A new mitigation approach for covert channel of Android operating system based on permission mechanism

doi:10.7523/j.issn.2095-6134.2015.05.013

Abstract

Abstract:

About 500 million of smart mobile devices have been sold in China because of the new architecture, secure mechanism, rich sensors, and applications. However, the new features cause a new secure problem named smart mobile device covert channel, which is more dangerous than the traditional attacks and leaks users' privacy. At the present stage there are no elimination and mitigation methods. In this work, the Android covert channels are classified into two models including the shared resource-based Android covert channel and the sensor-based covert channel. The latter one has been carefully studied in this work. The new secure features of permission mechanisms is analyzed and extended to protect the sensors. A new mitigation approach for sensor-based channel is designed and implemented, and the experiments show that the covert channel can be mitigated perfectly.

Key words: Android, covert channel, permission mechanism, Android sensors, covert channel mitigation

CLC Number:

TP393

WU Jingzheng, WU Yanjun, LUO Tianyue, WU Zhifei, YANG Mutian, WANG Yongji. A new mitigation approach for covert channel of Android operating system based on permission mechanism[J]. , 2015, 32(5): 667-675.

References

[1] Zhou Y J, Jiang X X. Detecting passive content leaks and pollution in Android applications[C]//Proc of the 20th Annual Network and Distributed System Security Symposium (NDSS'13). San Diego, California, USA, 2013:1-16.

[2] Grace M, Zhou Y J, Zhang Q, et al. RiskRanker:scalable and accurate zero-day android malware detection[C]//Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (MobiSys'12). Low Wood Bay, Lake District, UK, 2012:281-294.

[3] La Polla M, Martinelli F, Sgandurra D. A survey on security for mobile devices[J]. IEEE Communications Surveys & Tutorials, 2012, 15(1):446-471.

[4] Wu J Z, Wu Y J, Yang M T, et at. Vulnerability detection of Android system in fuzzing cloud[C]//Proceedings of the 2013 IEEE Sixth International Conference on Cloud Computing. IEEE Computer Society, 2013:954-955.

[5] Enck W, Octeau D, Mcdaniel P, et al. A study of android application security[C]//Proceedings of the 20th USENIX Conference on Security. San Francisco, California, USA; USENIX Association,2011:21-36.

[6] Schlegel R, Zhang K H, Zhou X Y, et al. Soundcomber:a stealthy and context-aware sound trojan for smartphones[C]//Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS'11). San Diego, California, USA,2011:17-33.

[7] Lampson B W. A note on the confinement problem[J]. Commun ACM, 1973, 16(10):613-615.

[8] 王永吉, 吴敬征, 曾海涛,等. 隐蔽信道研究[J]. 软件学报, 2010, 21(9):2262-2288.

[9] Cai L, Chen H. TouchLogger:inferring keystrokes on touch screen from smartphone motion[C]//Proceedings of the 6th USENIX Conference on Hot Topics in Security. San Francisco, California, USA; USENIX Association. 2011,9-14.

[10] Wu J Z, Wu Y J, Wu Z F, et al. Vulcloud:scalable and hybrid vulnerability detection in cloud computing[C]//Proceedings of the Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on. 2013:18-20.

[11] Yang M T, Wu J Z, Wu Y J, et al. Policykeeper:recommending proper security mechanisms based on the severity of vulnerability considering user experience[C]//Proceedings of the Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on. 2013:F 18-20.

[12] Au K W Y, Zhou Y F, Huang Z, et al. PScout:analyzing the Android permission specification[C]//Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS'12). Raleigh, North Carolina, USA,2012:217-228.

[13] Shah G, Molina A, Blaze M. Keyboards and covert channels[C]//Proceedings of the 15th Conference on USENIX Security Symposium:Volume 15. Vancouver B C, Canada; USENIX Association,2006.

[14] Owusu E, Han J, Das S, et al. ACCessory:password inference using accelerometers on smartphones[C]//Proceedings of the 12th Workshop on Mobile Computing Systems & Applications (HotMobile'12). San Diego, California, USA, 2012:1-6.

[15] Miluzzo E, Varshavsky A, Balakrishnan S, et al. Tapprints:your finger taps have fingerprints[C]//Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (MobiSys'12). Low Wood Bay, Lake District, UK, 2012:323-336.

[16] 王昌达, 鞠时光, 周从华,等. 一种隐通道威胁审计的度量方法[J]. 计算机学报, 2009, 32(4):751-762.

[17] 卿斯汉, 朱继锋. 安胜安全操作系统的隐蔽通道分析[J]. 软件学报, 2004, 15(09):1385-1392.

[18] Wu J Z, Wang Y J, Ding L P, et al. A practical covert channel identification approach in source code based on directed information flow graph[C]//The Fifth Annual International Conference on Secure Software Integration and Reliability Improvement (SSIRI 2011). Jeju Island, Korea, Jun 27-29, 2011:98-107.

[19] Wu J Z, Wang Y J, Ding L P, et al. Constructing scenario of event-flag covert channel in secure operating system[C]//2nd International Conference on Information and Multimedia Technology (ICIMT 2010). Hongkong, Dec 28-30, 2010:371-375.

[20] Yao L H, Zi X C, Pan L, et al.A study of on/off timing channel based on packet delay distribution[J] Compwters & Security, 2009, 28(8):785-794.

[21] Wu J Z, Wang Y J, Ding L P, et al. Improving performance of network covert timing channel through Huffman coding[J]. Mathematical and Computer Modelling, 2012, 55(1/2):69-79.

[22] 王永吉, 吴敬征, 曾海涛,等. 一种基于并发冲突间隔时间的隐蔽信道检测方法[J]. 计算机研究与发展, 2011, 48(8):1542-1553.

[23] Wu J Z, Wang Y J, Ding L P, et al. Identification and evaluation of sharing memory covert timing channel in Xen virtual machines[C]//IEEE 4th International Conference on Cloud Computing (CLOUD 2011). Washington DC, USA, Jul 4-9, 2011:283-291.

[24] Ristenpart T, Tromer E, Shacham H, et al. Hey, you, get off of my cloud:exploring information leakage in third-party compute clouds[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security. Chicago, Illinois, USA; ACM, 2009:199-212.

[25] 吴敬征, 丁丽萍, 王永吉. 云计算环境下隐蔽信道关键问题研究[J]. 通信学报, 2011, 32(9A):184-203.

[26] Sailer R, Jaeger T, Valdez E, et al. Building a MAC-based security architecture for the Xen open-source hypervisor[C]//Proceedings of the Computer Security Applications Conference, 21st Annual. F, 2005.

[27] Payne B D, Carbone M, Sharif M, et al. Lares:an architecture for secure active monitoring using virtualization[C]//Proceedings of the Security and Privacy, 2008 SP 2008 IEEE Symposium on. F, 2008.

[28] Azab A M, Ning P, Wang Z, et al. HyperSentry:enabling stealthy in-context measurement of hypervisor integrity[C]//Proceedings of the 17th ACM Conference on Computer and Communications Security. Chicago, Illinois, USA; ACM, 2010:38-49.

[29] Wang Z, Jiang X X. HyperSafe:a lightweight approach to provide lifetime hypervisor control-flow Integrity[C]//Proceedings of the Security and Privacy (SP), 2010 IEEE Symposium on. F 16-19 May, 2010.

[30] Seshadri A, Luk M, Qu N, et al. SecVisor:a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes[J]. SIGOPS Oper Syst Rev, 2007, 41(6):335-350.

[31] Wu J Z, Ding L P, Lin Y Q, et al. XenPump:a new method to mitigate timing channel in cloud computing[C]//Proceedings of the 2012 IEEE Fifth International Conference on Cloud Computing (CLOUD'12). Hawaii, USA; IEEE Computer Society,2012:678-685.

[32] Tsai C R. Covert channel analysis in secure compwter systems[D]. University of Maryland, College Park, MD,1987.