Security and Communication Networks
Volume 2017 (2017), Article ID 4121765, 13 pages
https://doi.org/10.1155/2017/4121765
Research Article

Android Rooting: An Arms Race between Evasion and Detection

School of Electronic Engineering, Soongsil University, Seoul, Republic of Korea

Correspondence should be addressed to Souhwan Jung; souhwanj@ssu.ac.kr

Received 1 May 2017; Revised 31 July 2017; Accepted 16 August 2017; Published 29 October 2017

Academic Editor: Zonghua Zhang

Copyright © 2017 Long Nguyen-Vu et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. IDC, “Android market share,” 2017, http://www.idc.com/promo/smartphone-market-share/os.
  2. J. J. Drake, Z. Lanier, C. Mulliner, P. O. Fora, S. A. Ridley, and G. Wicherski, Android Hacker’s Handbook, John Wiley & Sons, 2014.
  3. E. Nikolay, Android Security Internals: An In-Depth Guide to Android’s Security Architecture, No Starch Press, 2014.
  4. J. Levin, Android Internals: The Confectioner’s Cookbook (VOL1 The Power User’s View), 2016.
  5. Y. Shao, X. Luo, and C. Qian, “RootGuard: protecting rooted android phones,” The Computer Journal, vol. 47, no. 6, Article ID 6838907, pp. 32–40, 2014.
  6. Google, “Android security report 2014,” 2015, https://source.android.com/security/reports/Google_Android_Security_2014_Report_Final.pdf.
  7. Google, “Android security report 2015,” 2016, https://source.android.com/security/reports/Google_Android_Security_2015_Report_Final.pdf.
  8. Google, “Android security report 2016,” 2017, https://source.android.com/security/reports/Google_Android_Security_2016_Report_Final.pdf.
  9. Chainfire, “SuperSU,” 2017, http://www.supersu.com.
  10. T. Vidas, C. Zhang, and N. Christin, “Toward a general collection methodology for Android devices,” Digital Investigation, vol. 8, pp. S14–S24, 2011.
  11. T. Jason, XDA Developers’ Android Hacker’s Toolkit: The Complete Guide to Rooting, ROMs and Theming, John Wiley & Sons, 2012.
  12. L. Nguyen-Vu, “S4URC Advanced Root Checker,” 2017, https://play.google.com/store/apps/details?id=ssu.cnsl.S4URC.rootchecker.
  13. Android Official Website, “Android security architecture,” 2017, https://source.android.com/security.
  14. S.-T. Sun, A. Cuadros, and K. Beznosov, “Android rooting: methods, detection, and evasion,” in Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2015, pp. 3–14, Denver, Colo, USA.
  15. Chainfire, “How-to SU,” 2017, https://su.chainfire.eu.
  16. K. Yaghmour, Embedded Android: Porting, Extending, and Customizing, O’Reilly Media, 2013.
  17. V. Costamagna and F. Bergadano, “HOOKDROID: Dalvik dynamic instrumentation for security analytics,” International Journal on Information Technologies & Security, vol. 8, no. 3, 2016.
  18. J. Gajrani, J. Sarswat, M. Tripathi, V. Laxmi, M. S. Gaur, and M. Conti, “A robust dynamic analysis system preventing SandBox detection by android malware,” in Proceedings of the 8th International Conference on Security of Information and Networks, SIN 2015, Sochi, Russia, September 2015.
  19. V. Costamagna and C. Zheng, “ARTDroid: A virtual-method hooking framework on android ART runtime,” in Proceedings of the 1st International Workshop on Innovations in Mobile Privacy and Security, IMPS 2016, pp. 20–28, London, UK.
  20. F. Sierra and A. Ramirez, “Defending Your Android App,” in Proceedings of the 4th Annual ACM Conference, pp. 29–34, Chicago, Ill, USA, September 2015.
  21. Android Developer, “Android platform versions,” 2017, https://developer.android.com/about/dashboards/index.html.
  22. H. Zhang, D. She, and Z. Qian, “Android root and its providers: a double-edged sword,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 1093–1104, Denver, Colo, USA, October 2015.
  23. L. Nguyen-Vu and J. Souhwan, “DroidSecure: a technique to mitigate privilege escalation in android application,” Journal of The Korea Institute of Information Security & Cryptology, vol. 26, 2016.
  24. L. Nguyen-Vu, J. Park, N.-T. Chau, and S. Jung, “Signing key leak detection in Google Play Store,” in Proceedings of the 30th International Conference on Information Networking, ICOIN 2016, pp. 13–16, Kota Kinabalu, Malaysia, January 2016.
  25. C. Mulliner, W. Robertson, and E. Kirda, “VirtualSwindle: an automated attack against in-app billing on Android,” in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014, pp. 459–470, Kyoto, Japan, June 2014.
  26. N. Evans, A. Benameur, and Y. Shen, “All your root checks are belong to Us: the sad state of Root detection,” in Proceedings of the 13th ACM International Symposium on Mobility Management and Wireless Access, MobiWac 2015, pp. 81–88, Cancun, Mexico, November 2015.
  27. T. Kim, H. Ha, S. Choi, J. Jung, and B. Chun, “Breaking Ad-hoc runtime integrity protection mechanisms in android financial apps,” in Proceedings of the 2017 ACM, pp. 179–192, Abu Dhabi, United Arab Emirates, April 2017.
  28. Hex-Rays, “IDA Pro,” 2017, https://www.hex-rays.com.
  29. P. Kacherginsky, “IDA Patcher,” 2014, https://github.com/iphelix/ida-patcher.
  30. L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy, “Privilege escalation attacks on android,” in International Conference on Information Security, Lecture Notes in Computer Science, pp. 346–360, Springer, Berlin, Germany, 2010.
  31. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A. Sadeghi, and B. Shastry, “Towards taming privilege-escalation attacks on android,” in Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS '12), vol. 17, San Diego, Calif, USA, 2012.
  32. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, and A.-R. Sadeghi, “Xmandroid: a new android evolution to mitigate privilege escalation attacks,” Tech. Rep., Technische Universität Darmstadt, Darmstadt, Germany, 2011.
  33. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A. Sadeghi, and B. Shastry, “Poster: the quest for security against privilege escalation attacks on android,” in Proceedings of the 18th ACM conference on Computer and communications security, pp. 741–744, Chicago, Ill, USA, October 2011.
  34. Y. Park, C. H. Lee, C. Lee, J. H. Lim, M. Park, and S.-J. Cho, “RGBDroid: a novel response-based approach to android privilege escalation attacks,” in Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, vol. 12, San Jose, Calif, USA, 2012.
  35. L. Xing, X. Pan, R. Wang, K. Yuan, and X. F. Wang, “Upgrading your Android, elevating my malware: privilege escalation through mobile OS updating,” in Proceedings of the 35th IEEE Symposium on Security and Privacy, SP 2014, pp. 393–408, San Jose, Calif, USA, May 2014.
  36. Y. Zhongyang, Z. Xin, B. Mao, and L. Xie, “DroidAlarm: an all-sided static analysis tool for Android privilege-escalation malware,” in Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013, pp. 353–358, Hangzhou, China, May 2013.
  37. P. C. Abhishek, “Analysing the vulnerability exploitation in Android with the device-mapper-verity (dm-verity),” in Proceedings of the Symposium on Applied Computing, pp. 576-577, Marrakech, Morocco, April 2017.
  38. M. Schölzel, E. Eren, K.-O. Detken, and L. Schwenke, “Monitoring Android devices by using events and metadata,” International Journal of Computing, 2016.
  39. J. Kozyrakis, “Inside Google SafetyNet,” 2017, https://koz.io/tags/safetynet.
  40. Google, “Enjarify - Android Reversing Tool,” 2017, https://github.com/google/enjarify.
  41. G. Dana, M. Nigmatullin, and R. Bierens, “Jailbreak/Root Detection Evasion Study on iOS and Android,” Research Report, University of Amsterdam, 2016.
  42. J.-M. Roberts, “VirusShare,” 2017, https://virusshare.com.
  43. M. Parkour, “Contagio Minidump,” 2017, http://contagiominidump.blogspot.com.