Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2018, Article ID 6020461, 9 pages
https://doi.org/10.1155/2018/6020461
Research Article

The Dangers of Rooting: Data Leakage Detection in Android Applications

Department of Computer Science, Università degli Studi di Milano, Via Comelico 39/41, 20135 Milano, Italy

Correspondence should be addressed to Andrea Visconti; ti.iminu@itnocsiv.aerdna

Received 31 July 2017; Revised 11 October 2017; Accepted 28 November 2017; Published 1 February 2018

Academic Editor: Jinglan Zhang

Copyright © 2018 Luca Casati and Andrea Visconti. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. M. Louk, H. Lim, and H. Lee, “An analysis of security system for intrusion in smartphone environment,” The Scientific World Journal, vol. 2014, Article ID 983901, 12 pages, 2014. View at Publisher · View at Google Scholar · View at Scopus
  2. M. Lettner, M. Tschernuth, and R. Mayrhofer, “Mobile platform architecture review: Android, iPhone, QT,” in Proceedings of the International Conference on Computer Aided Systems Theory, pp. 544–551, Springer, Las Palmas de Gran Canaria, Spain, February 2011.
  3. P. Feng, J. Ma, and C. Sun, “Selecting critical data flows in Android applications for abnormal behavior detection,” Mobile Information Systems, vol. 2017, Article ID 7397812, 16 pages, 2017. View at Publisher · View at Google Scholar · View at Scopus
  4. L. Wu, M. Grace, Y. Zhou, C. Wu, and X. Jiang, “The impact of vendor customizations on Android security,” in Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 623–634, ACM, Berlin, Germany, November 2013.
  5. K. Zhu, X. He, B. Xiang, L. Zhang, and A. Pattavina, “How dangerous are your smartphones? App usage recommendation with privacy preserving,” Mobile Information Systems, vol. 2016, Article ID 6804379, 10 pages, 2016. View at Publisher · View at Google Scholar · View at Scopus
  6. A. P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin, and D. Wagner, “Android permissions: user attention, comprehension, and behavior,” in Proceedings of the Eighth Symposium on Usable Privacy and Security, p. 3, ACM, New York, NY, USA, July 2012.
  7. J. Alegre-Sanahuja, J. Camacho, J. C. Cortés López, F. J. Santonja, and R. J. Villanueva Micó, “Agent-based model to study and quantify the evolution dynamics of Android malware infection,” Abstract and Applied Analysis, vol. 2014, Article ID 623436, 10 pages, 2014. View at Publisher · View at Google Scholar · View at Scopus
  8. N. Viennot, E. Garcia, and J. Nieh, “A measurement study of Google Play,” ACM SIGMETRICS Performance Evaluation Review, vol. 42, no. 1, pp. 221–233, 2014. View at Publisher · View at Google Scholar
  9. E. Guzman and W. Maalej, “How do users like this feature? A fine grained sentiment analysis of app reviews,” in Proceedings of the IEEE 22nd International Requirements Engineering Conference (RE), pp. 153–162, IEEE, Karlskrona, Sweden, August 2014.
  10. AppBrain, “Number of Android applications,” 2017, http://www.appbrain.com/stats/number-of-android-apps. View at Google Scholar
  11. AppBrain, “Most popular Google Play categories,” 2017, http://www.appbrain.com/stats/android-market-app-categories. View at Google Scholar
  12. Kaspersky Lab, “Rooting your Android: advantages, disadvantages, and snags,” 2017, https://www.kaspersky.com/blog/android-root-faq/17135/. View at Google Scholar
  13. W. Jeon, J. Kim, Y. Lee, and D. Won, “A practical analysis of smartphone security,” in Human Interface and the Management of Information. Interacting with Information, pp. 311–320, 2011. View at Google Scholar
  14. S. Bossi and A. Visconti, “What users should know about full disk encryption based on LUKS,” in Proceedings of the 14th International Conference on Cryptology and Network Security, Marrakesh, Morocco, December 2015.
  15. C. Vorakulpipat, S. Sirapaisan, E. Rattanalerdnusorn, and V. Savangsuk, “A policy-based framework for preserving confidentiality in BYOD environments: a review of information security perspectives,” Security and Communication Networks, vol. 2017, Article ID 2057260, 11 pages, 2017. View at Publisher · View at Google Scholar · View at Scopus
  16. S. T. Sun, A. Cuadros, and K. Beznosov, “Android rooting: methods, detection, and evasion,” in Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14, ACM, Denver, CO, USA, October 2015.
  17. Y. Kim, T. Oh, and J. Kim, “Analyzing user awareness of privacy data leak in mobile applications,” Mobile Information Systems, vol. 2015, Article ID 369489, 12 pages, 2015. View at Publisher · View at Google Scholar · View at Scopus
  18. M. Nauman, S. Khan, X. Zhang, and J. P. Seifert, “Beyond kernel-level integrity measurement: enabling remote attestation for the android platform,” in Proceedings of the Trust and Trustworthy Computing, pp. 1–15, Berlin, Germany, June 2010.
  19. L. Casati and A. Visconti, “Exploiting a bad user practice to retrieve data leakage on android password managers,” in Proceedings of the International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 952–958, Springer, Torino, Italy, July 2017.
  20. P. Faruki, A. Bharmal, V. Laxmi et al., “Android security: a survey of issues, malware penetration, and defenses,” IEEE Communications Surveys and Tutorials, vol. 17, no. 2, pp. 998–1022, 2015. View at Publisher · View at Google Scholar · View at Scopus
  21. A. Moser, C. Kruegel, and E. Kirda, “Limits of static analysis for malware detection,” IEEE, December 2007. View at Google Scholar
  22. I. You and K. Yim, “Malware obfuscation techniques: a brief survey,” in Proceedings of the International Conference on Broadband, Wireless Computing, Communication and Applications (BWCCA 2010), pp. 297–300, IEEE, Fukuoka, Japan, 2010.
  23. S. Poeplau, Y. Fratantonio, A. Bianchi, C. Kruegel, and G. Vigna, “Execute this! Analyzing unsafe and malicious dynamic code loading in Android applications,” in Proceedings of the Network and Distributed System Security Symposium (NDSS), vol. 14, pp. 23–26, San Diego, CA, USA, February 2014.
  24. R. Lyda and J. Hamrock, “Using entropy analysis to find encrypted and packed malware,” IEEE Security and Privacy, vol. 5, no. 2, pp. 40–45, 2007. View at Publisher · View at Google Scholar · View at Scopus
  25. O. Somarriba, U. Zurutuza, R. Uribeetxeberria, L. Delosières, and S. Nadjm-Tehrani, “Detection and visualization of android malware behavior,” Journal of Electrical and Computer Engineering, vol. 2016, Article ID 8034967, 17 pages, 2016. View at Publisher · View at Google Scholar · View at Scopus
  26. Y. Aafer, W. Du, and H. Yin, “DroidAPIMiner: mining API-level features for robust malware detection in android,” in Proceedings of the International Conference on Security and Privacy in Communication Systems, pp. 86–103, Springer, Guangzhou, China, October 2013.
  27. T. Azim and I. Neamtiu, “Targeted and depth-first exploration for systematic testing of android apps,” Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications, vol. 48, no. 10, pp. 641–660, 2013. View at Publisher · View at Google Scholar
  28. A. Machiry, R. Tahiliani, and M. Naik, “Dynodroid: an input generation system for Android apps,” in Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, pp. 224–234, ACM, Saint Petersburg, Russia, August 2013.
  29. R. Mahmood, N. Mirzaei, and S. Malek, “Evodroid: segmented evolutionary testing of Android apps,” in Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 599–609, ACM, Hong Kong, China, November 2014.
  30. K. Tam, A. Feizollah, N. B. Anuar, R. Salleh, and L. Cavallaro, “The evolution of Android malware and Android analysis techniques,” ACM Computing Surveys, vol. 49, no. 4, pp. 1–41, 2017. View at Publisher · View at Google Scholar · View at Scopus
  31. K. Tam, S. J. Khan, A. Fattori, and L. Cavallaro, “Copperdroid: automatic reconstruction of Android malware behaviors,” in Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, February 2015.
  32. Xposed Module Repository, 2017, http://repo.xposed.info/.
  33. L. Li, D. Li, T. F. Bissyandé et al., “Understanding Android app piggybacking: a systematic study of malicious code grafting,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 6, pp. 1269–1284, 2017. View at Publisher · View at Google Scholar · View at Scopus
  34. H. S. Oh, B. J. Kim, H. K. Choi, and S. M. Moon, “Evaluation of Android Dalvik virtual machine,” in Proceedings of the 10th International Workshop on Java Technologies for Real-time and Embedded Systems, ACM, New York, NY, USA, October 2012.
  35. D. Octeau, S. Jha, and P. McDaniel, “Retargeting Android applications to java bytecode,” in Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering, p. 6, ACM, Cary, NC, USA, November 2012.
  36. J. Park, H. Kim, Y. Jeong et al., “Effects of code obfuscation on Android app similarity analysis,” Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 6, no. 4, pp. 86–98, 2015. View at Google Scholar
  37. F. Sierra and A. Ramirez, “Defending your Android app,” in Proceedings of the 4th Annual ACM Conference on Research in Information Technology, ACM, Chicago, IL, USA, October 2015.
  38. J. Andrus and J. Nieh, “Teaching operating systems using Android,” in Proceedings of the 43rd ACM Technical Symposium on Computer Science Education (SIGCSE’12), ACM, New York, NY, USA, 2012.
  39. A. Shabtai, Y. Fledel, and Y. Elovici, “Securing Android-powered mobile devices using SELinux,” IEEE Security & Privacy, vol. 8, no. 3, pp. 36–44, 2010. View at Publisher · View at Google Scholar · View at Scopus
  40. KingRoot, 2017, https://kingroot.net/.
  41. Nexus Root Toolkit v.2.1.9, 2016, http://www.wugfresh.com/nrt/.
  42. Dashboards–Platform Versions, 2017, https://developer.android.com/about/dashboards/index.html.
  43. Google Play Console Help Center, 2017, https://support.google.com/googleplay/android-developer/.
  44. Android Debug Bridge, 2017, https://developer.android.com/studio/command-line/adb.html.
  45. D. Hardt, The OAuth 2.0 Authorization Framework, RFC 6749, 2012, https://www.rfc-editor.org/info/rfc6749.
  46. Password Hashing Competition, https://password-hashing.net.
  47. K. Moriarty, B. Kaliski, and A. Rusch, PKCS#5: Password-Based Cryptography Specification Version 2.1. RFC 8018, 2017, https://www.rfc-editor.org/info/rfc8018.
  48. J. Steube, “Optimising computation of hash-algorithms as an attacker,” 2013, https://hashcat.net/events/p13/js-ocohaaaa.pdf. View at Google Scholar
  49. A. Visconti, S. Bossi, H. Ragab, and A. Calò, “On the weaknesses of PBKDF2,” in Proceedings of the 14th International Conference on Cryptology and Network Security, Marrakesh, Morocco, December 2015.
  50. A. Ruddick and J. Yan, “Acceleration attacks on PBKDF2: or, what is inside the black-box of oclHashcat?” in Proceedings of the 10th USENIX Workshop on Offensive Technologies, Austin, TX, USA, August 2016.