Vulnerable Service Invocation and Countermeasures

Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android system will simply throw an exception and crash the applications that still invokes services implicitly, so that it was expected that application developers will be forced to convert the implicit service invocations to explicit ones. In this paper, we develop a static analysis framework called ISA to analyze the effectiveness of forbidden policy on removing the vulnerable service invocations. We collect two datasets containing common 1390 apps downloaded 1 to 3 months before the forbidden policy is enforced and 30 months after the forbidden policy is enforced, respectively. Our preliminary analysis indicates a 82.58% reduction in the number of vulnerable service invocations due to the enforcement of forbidden policy. However, upon further investigation, we discover that the forbidden policy fails to resolve service hijacking attacks. We find that 36 popular applications are still vulnerable to service hijacking attacks, which can lead to the leakage of sensitive information such as user login credential. Finally, we analyze the reasons of the residue vulnerable invocations and then propose two countermeasures.