Analyzing inter-application communication in Android

MobiSys ’11 Proceedings of the 9th international conference on Mobile systems, applications, and services

ISBN: 978-1-4503-0643-0

Authors: 

Erika Chin University of California, Berkeley, Berkeley, CA, USA     

Adrienne Porter Felt University of California, Berkeley, Berkeley, CA, USA               

Kate Greenwood University of California, Berkeley, Berkeley, CA, USA

David Wagner University of California, Berkeley, Berkeley, CA, USA

This paper provides an analysis of possible security vulnerabilities that stem from the way applications pass data from one activity to another.  Emphasis is placed on intent-based attacks, which are categorized as one of the following:

1. Broadcast theft: Ordered broadcasts can be exploited passively by an eavesdropping receiver, or actively as a kind of denial-of-service where the chain is broken by a malicious receiver.

2. Activity Hijacking: A malicious activity can be launched in place of a legitimate one.

3. Service Hijacking: A malicious service can be started in place of a legitimate one.

4. Special Intents: Pending intents carry permissions with them, which can be exploited by a malicious receiver.

5. Malicious Broadcast Injection: A receiver that accepts any intent without verifying the origin may operate on malicious data.

6. Malicious Activity/Service Launch: An activity/service that returns data may be launched by a malicious one, causing users to unknowingly pass sensitive data to the wrong application.

The authors developed ComDroid, which detects vulnerabilities in applications by analyzing code generated by disassembling Dalvik executable files. They scanned the top 50 applications from both the free and paid sections of the android market with ComDroid, and found that 57% showed signs of possible activity hijacking vulnerabilities, 14% were vulnerable to broadcast injection, and 12% were vulnerable to malicious activity launch.

Suggestions for avoiding these vulnerabilities are presented. The main argument is that intents are unsafe if used carelessly by programmers.

About Sebastian Chande

Sebastian is a fourth year student at Florida State University. He will be graduating in Fall 2012 with a B.S. in computer science, and plans on staying at FSU to pursue a master's degree. He joined the mobile lab at FSU in Spring 2012 to work on innovative projects that draw from multiple areas of computer science.