Vulnerable Service Invocation and Countermeasures

Vulnerable Service Invocation and Countermeasures

Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android sy...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on dependable and secure computing 2021-07, Vol.18 (4), p.1733-1750
Hauptverfasser: Chang, Huan, Lei, Lingguang, Sun, Kun, Wang, Yuewu, Jing, Jiwu, He, Yi, Wang, Pingjian
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Computer crashes
Google
Implicit intent
Leakage
Matched filters
Mobile operating systems
Security
service hijacking attacks
Static analysis
Sun
Virtual private networks
vulnerable service invocation
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 1750
container_issue 4
container_start_page 1733
container_title IEEE transactions on dependable and secure computing
container_volume 18
creator Chang, Huan
Lei, Lingguang
Sun, Kun
Wang, Yuewu
Jing, Jiwu
He, Yi
Wang, Pingjian
description Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android system will simply throw an exception and crash the applications that still invokes services implicitly, so that it was expected that application developers will be forced to convert the implicit service invocations to explicit ones. In this paper, we develop a static analysis framework called ISA to analyze the effectiveness of forbidden policy on removing the vulnerable service invocations. We collect two datasets containing common 1390 apps downloaded 1 to 3 months before the forbidden policy is enforced and 30 months after the forbidden policy is enforced, respectively. Our preliminary analysis indicates a 82.58% reduction in the number of vulnerable service invocations due to the enforcement of forbidden policy. However, upon further investigation, we discover that the forbidden policy fails to resolve service hijacking attacks. We find that 36 popular applications are still vulnerable to service hijacking attacks, which can lead to the leakage of sensitive information such as user login credential. Finally, we analyze the reasons of the residue vulnerable invocations and then propose two countermeasures.
doi_str_mv 10.1109/TDSC.2019.2936848
format Article
fullrecord <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TDSC_2019_2936848</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8815742</ieee_id><sourcerecordid>2549756605</sourcerecordid><originalsourceid>FETCH-LOGICAL-c336t-9c8af1a8550b1e9ce1c804a996a21e25589283168bdc61fc2258199ba0275d503</originalsourceid><addsrcrecordid>eNo9kE1Lw0AQhhdRsFZ_gHgJeE7d2ewkO0eJX4WCh1avy2Y7gZQ2qbtJwX9vSouneQ_P-w48QtyDnAFIelq9LMuZkkAzRVlutLkQEyANqZRgLseMGlOkAq7FTYwbKZU2pCcCvodty8FVW06WHA6N52TeHjrv-qZrE9euk7Ib2p7Djl0cAsdbcVW7beS7852Kr7fXVfmRLj7f5-XzIvVZlvcpeeNqcAZRVsDkGbyR2hHlTgErREPKZJCbau1zqL1SaICoclIVuEaZTcXjaXcfup-BY2833RDa8aVVqKnAPJc4UnCifOhiDFzbfWh2LvxakPZoxh7N2KMZezYzdh5OnYaZ_3ljAAutsj_KKl3N</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2549756605</pqid></control><display><type>article</type><title>Vulnerable Service Invocation and Countermeasures</title><source>IEEE Electronic Library (IEL)</source><creator>Chang, Huan ; Lei, Lingguang ; Sun, Kun ; Wang, Yuewu ; Jing, Jiwu ; He, Yi ; Wang, Pingjian</creator><creatorcontrib>Chang, Huan ; Lei, Lingguang ; Sun, Kun ; Wang, Yuewu ; Jing, Jiwu ; He, Yi ; Wang, Pingjian</creatorcontrib><description>Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android system will simply throw an exception and crash the applications that still invokes services implicitly, so that it was expected that application developers will be forced to convert the implicit service invocations to explicit ones. In this paper, we develop a static analysis framework called ISA to analyze the effectiveness of forbidden policy on removing the vulnerable service invocations. We collect two datasets containing common 1390 apps downloaded 1 to 3 months before the forbidden policy is enforced and 30 months after the forbidden policy is enforced, respectively. Our preliminary analysis indicates a 82.58% reduction in the number of vulnerable service invocations due to the enforcement of forbidden policy. However, upon further investigation, we discover that the forbidden policy fails to resolve service hijacking attacks. We find that 36 popular applications are still vulnerable to service hijacking attacks, which can lead to the leakage of sensitive information such as user login credential. Finally, we analyze the reasons of the residue vulnerable invocations and then propose two countermeasures.</description><identifier>ISSN: 1545-5971</identifier><identifier>EISSN: 1941-0018</identifier><identifier>DOI: 10.1109/TDSC.2019.2936848</identifier><identifier>CODEN: ITDSCM</identifier><language>eng</language><publisher>Washington: IEEE</publisher><subject>Access control ; Computer crashes ; Google ; Implicit intent ; Leakage ; Matched filters ; Mobile operating systems ; Security ; service hijacking attacks ; Static analysis ; Sun ; Virtual private networks ; vulnerable service invocation</subject><ispartof>IEEE transactions on dependable and secure computing, 2021-07, Vol.18 (4), p.1733-1750</ispartof><rights>Copyright IEEE Computer Society 2021</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c336t-9c8af1a8550b1e9ce1c804a996a21e25589283168bdc61fc2258199ba0275d503</citedby><cites>FETCH-LOGICAL-c336t-9c8af1a8550b1e9ce1c804a996a21e25589283168bdc61fc2258199ba0275d503</cites><orcidid>0000-0002-4627-7238 ; 0000-0002-1936-0562 ; 0000-0003-4152-2107</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8815742$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27903,27904,54737</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8815742$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Chang, Huan</creatorcontrib><creatorcontrib>Lei, Lingguang</creatorcontrib><creatorcontrib>Sun, Kun</creatorcontrib><creatorcontrib>Wang, Yuewu</creatorcontrib><creatorcontrib>Jing, Jiwu</creatorcontrib><creatorcontrib>He, Yi</creatorcontrib><creatorcontrib>Wang, Pingjian</creatorcontrib><title>Vulnerable Service Invocation and Countermeasures</title><title>IEEE transactions on dependable and secure computing</title><addtitle>TDSC</addtitle><description>Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android system will simply throw an exception and crash the applications that still invokes services implicitly, so that it was expected that application developers will be forced to convert the implicit service invocations to explicit ones. In this paper, we develop a static analysis framework called ISA to analyze the effectiveness of forbidden policy on removing the vulnerable service invocations. We collect two datasets containing common 1390 apps downloaded 1 to 3 months before the forbidden policy is enforced and 30 months after the forbidden policy is enforced, respectively. Our preliminary analysis indicates a 82.58% reduction in the number of vulnerable service invocations due to the enforcement of forbidden policy. However, upon further investigation, we discover that the forbidden policy fails to resolve service hijacking attacks. We find that 36 popular applications are still vulnerable to service hijacking attacks, which can lead to the leakage of sensitive information such as user login credential. Finally, we analyze the reasons of the residue vulnerable invocations and then propose two countermeasures.</description><subject>Access control</subject><subject>Computer crashes</subject><subject>Google</subject><subject>Implicit intent</subject><subject>Leakage</subject><subject>Matched filters</subject><subject>Mobile operating systems</subject><subject>Security</subject><subject>service hijacking attacks</subject><subject>Static analysis</subject><subject>Sun</subject><subject>Virtual private networks</subject><subject>vulnerable service invocation</subject><issn>1545-5971</issn><issn>1941-0018</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo9kE1Lw0AQhhdRsFZ_gHgJeE7d2ewkO0eJX4WCh1avy2Y7gZQ2qbtJwX9vSouneQ_P-w48QtyDnAFIelq9LMuZkkAzRVlutLkQEyANqZRgLseMGlOkAq7FTYwbKZU2pCcCvodty8FVW06WHA6N52TeHjrv-qZrE9euk7Ib2p7Djl0cAsdbcVW7beS7852Kr7fXVfmRLj7f5-XzIvVZlvcpeeNqcAZRVsDkGbyR2hHlTgErREPKZJCbau1zqL1SaICoclIVuEaZTcXjaXcfup-BY2833RDa8aVVqKnAPJc4UnCifOhiDFzbfWh2LvxakPZoxh7N2KMZezYzdh5OnYaZ_3ljAAutsj_KKl3N</recordid><startdate>20210701</startdate><enddate>20210701</enddate><creator>Chang, Huan</creator><creator>Lei, Lingguang</creator><creator>Sun, Kun</creator><creator>Wang, Yuewu</creator><creator>Jing, Jiwu</creator><creator>He, Yi</creator><creator>Wang, Pingjian</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>JQ2</scope><orcidid>https://orcid.org/0000-0002-4627-7238</orcidid><orcidid>https://orcid.org/0000-0002-1936-0562</orcidid><orcidid>https://orcid.org/0000-0003-4152-2107</orcidid></search><sort><creationdate>20210701</creationdate><title>Vulnerable Service Invocation and Countermeasures</title><author>Chang, Huan ; Lei, Lingguang ; Sun, Kun ; Wang, Yuewu ; Jing, Jiwu ; He, Yi ; Wang, Pingjian</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c336t-9c8af1a8550b1e9ce1c804a996a21e25589283168bdc61fc2258199ba0275d503</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Access control</topic><topic>Computer crashes</topic><topic>Google</topic><topic>Implicit intent</topic><topic>Leakage</topic><topic>Matched filters</topic><topic>Mobile operating systems</topic><topic>Security</topic><topic>service hijacking attacks</topic><topic>Static analysis</topic><topic>Sun</topic><topic>Virtual private networks</topic><topic>vulnerable service invocation</topic><toplevel>online_resources</toplevel><creatorcontrib>Chang, Huan</creatorcontrib><creatorcontrib>Lei, Lingguang</creatorcontrib><creatorcontrib>Sun, Kun</creatorcontrib><creatorcontrib>Wang, Yuewu</creatorcontrib><creatorcontrib>Jing, Jiwu</creatorcontrib><creatorcontrib>He, Yi</creatorcontrib><creatorcontrib>Wang, Pingjian</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>ProQuest Computer Science Collection</collection><jtitle>IEEE transactions on dependable and secure computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Chang, Huan</au><au>Lei, Lingguang</au><au>Sun, Kun</au><au>Wang, Yuewu</au><au>Jing, Jiwu</au><au>He, Yi</au><au>Wang, Pingjian</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Vulnerable Service Invocation and Countermeasures</atitle><jtitle>IEEE transactions on dependable and secure computing</jtitle><stitle>TDSC</stitle><date>2021-07-01</date><risdate>2021</risdate><volume>18</volume><issue>4</issue><spage>1733</spage><epage>1750</epage><pages>1733-1750</pages><issn>1545-5971</issn><eissn>1941-0018</eissn><coden>ITDSCM</coden><abstract>Before Android 5.0, the services in Android applications can be invoked either explicitly or implicitly. However, since the implicit service invocations may suffer service hijacking attacks and thus lead to sensitive data leakage, they have been forbidden since Android 5.0. Thereafter the Android system will simply throw an exception and crash the applications that still invokes services implicitly, so that it was expected that application developers will be forced to convert the implicit service invocations to explicit ones. In this paper, we develop a static analysis framework called ISA to analyze the effectiveness of forbidden policy on removing the vulnerable service invocations. We collect two datasets containing common 1390 apps downloaded 1 to 3 months before the forbidden policy is enforced and 30 months after the forbidden policy is enforced, respectively. Our preliminary analysis indicates a 82.58% reduction in the number of vulnerable service invocations due to the enforcement of forbidden policy. However, upon further investigation, we discover that the forbidden policy fails to resolve service hijacking attacks. We find that 36 popular applications are still vulnerable to service hijacking attacks, which can lead to the leakage of sensitive information such as user login credential. Finally, we analyze the reasons of the residue vulnerable invocations and then propose two countermeasures.</abstract><cop>Washington</cop><pub>IEEE</pub><doi>10.1109/TDSC.2019.2936848</doi><tpages>18</tpages><orcidid>https://orcid.org/0000-0002-4627-7238</orcidid><orcidid>https://orcid.org/0000-0002-1936-0562</orcidid><orcidid>https://orcid.org/0000-0003-4152-2107</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1545-5971
ispartof IEEE transactions on dependable and secure computing, 2021-07, Vol.18 (4), p.1733-1750
issn 1545-5971
1941-0018
language eng
recordid cdi_crossref_primary_10_1109_TDSC_2019_2936848
source IEEE Electronic Library (IEL)
subjects Access control
Computer crashes
Google
Implicit intent
Leakage
Matched filters
Mobile operating systems
Security
service hijacking attacks
Static analysis
Sun
Virtual private networks
vulnerable service invocation
title Vulnerable Service Invocation and Countermeasures
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-22T09%3A42%3A00IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Vulnerable%20Service%20Invocation%20and%20Countermeasures&rft.jtitle=IEEE%20transactions%20on%20dependable%20and%20secure%20computing&rft.au=Chang,%20Huan&rft.date=2021-07-01&rft.volume=18&rft.issue=4&rft.spage=1733&rft.epage=1750&rft.pages=1733-1750&rft.issn=1545-5971&rft.eissn=1941-0018&rft.coden=ITDSCM&rft_id=info:doi/10.1109/TDSC.2019.2936848&rft_dat=%3Cproquest_RIE%3E2549756605%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2549756605&rft_id=info:pmid/&rft_ieee_id=8815742&rfr_iscdi=true