From System Services Freezing to System Server Shutdown in Android
- 12 October 2015
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
The Android OS not only dominates 78.6% of the worldwide smartphone market in 2014, but importantly has been widely used for mission critical tasks (e.g., medical devices, auto/aircraft navigators, embedded in satellite project). The core of Android, System Server (SS), is a multi-threaded process that contains most of the system services and provides the essential functionalities to support applications (apps). Considering the complicated design of the SS and its easily-accessible system services (e.g., via Android APIs), we conjecture that the SS may face DoS attacks. As the SS plays an important role in Android, serious DoS attacks could cause single-point-of-failure to the phone system. By studying the source code, we discovered a general design trait in the concurrency control mechanism of the SS that could be vulnerable to DoS attacks. To validate our hypothesis, we design a tool to cost-efficiently explore high-risk methods in the SS. After a systematic analysis of 2,154 candidate-risky methods, we found four unknown vulnerabilities in critical services (e.g., the ActivityManager and the WindowManager), which are named the Android Stroke Vulnerabilities (ASVs). Exploiting the ASVs would continuously block all other requests for system services, followed by killing the SS and soft-rebooting the OS. Results of a further threat analysis show that by writing a loop to invoke Android APIs in an app, an attacker can continually freeze (reboot) the device at targeted critical moments (e.g., when patching vulnerable apps). Furthermore, ASVs can be exploited to enhance malware with anti-removal capability or to design ransomware by putting the devices into continuous DoS loops. After being informed, Google confirmed our findings promptly. We also proposed to their Android framework team several improvements in their concurrency control design and a fine-grained failure recovery mechanism for the SS.
Funding Information
- NSFC (61100226)
- NSF (SBE-1422215,CCF-1320605)
- MURI (AROW911NF-13-1-0421)