HANGING ATTRIBUTE THREATS IN THE WILD ON ANDROID

  • Neilin Nikhlis Universitas Sains dan Teknologi Komputer
  • Edy Siswanto Universitas Sains dan Teknologi Komputer
Keywords: Harehunter, HareGuard, Android, Android Malware Detection

Abstract

Android is a complex system whose components and apps are meant to work together, which creates highly intricate interdependencies among them. At the same time, the Android ecosystem is known to be very diverse and decentralized: each OS version is customized and re-customized by various parties almost independently, and is used by anyone who can build apps for that version. Android protects its information assets through the application sandbox and the permission model, in which each app runs in its own compartment and can access sensitive global resources and other apps' components (content providers, services, activities, broadcast receivers) only with the proper permissions. This study uses Harehunter measurement with the aim of automatically detecting Hare vulnerabilities in Android system apps. The performance of Harehunter and HareGuard is evaluated in this study, and both are shown to be highly effective. The approach used here is differential analysis: as a first step, all extracted and decompiled code and manifest files are searched for definitions of the targeted attributes, and an XML parser is run. The results of this study show that the impact of Hares is highly significant. The application of HareGuard in this study proved effective in detecting all of the attack apps that were built. Further evaluation of its performance showed minimal impact on the host system. For future research, to make Harehunter more effective, it is recommended to use a more capable analyzer, so that this direction can be explored further.

Published
2023-05-19