short-paper

Bittersweet ADB: Attacks and Defenses

Authors:

Sukyoung RyuAuthors Info & Claims

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Pages 579 - 584

https://doi.org/10.1145/2714576.2714638

Published: 14 April 2015 Publication History

Abstract

Android devices and applications become prevalent and ask for unanticipated capabilities thanks to the increased interests in smartphones and web applications. As a way to use the capabilities not directly available to ordinary users, applications have used Android Debug Bridge (ADB), a command line tool to communicate with Android devices for debugging purposes. While ADB provides powerful features that require permissions to use critical system resources, it opens a gate to adversaries.

To understand the ADB capabilities and their possible risks, we present various types of attacks that are not easily identifiable using ADB capabilities and device-specific functions. We show that applications using ADB capabilities can modify installed applications, leak private user data, and track phone calls, among other things only with the INTERNET permission on the same device. To protect Android devices from such attacks, we present several mitigation mechanisms including a static analysis tool that analyzes Android applications to detect possible attacks using ADB capabilities. Such a tool can aid application markets such as Google Play to check third-party applications for possible attacks.

References

[1]

Android logging system. http://elinux.org/Android_Logging_System, 2012.

[2]

AppTornado GmbH. AppBrain: Number of Android applications. http://www.appbrain.com/stats/number-of-android-apps, 2014.

[3]

BlackBerry. Blackberry developer. http://developer.blackberry.com.

[4]

E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing inter-application communication in Android. In Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, 2011.

Digital Library

[5]

ClockworkMod. ClockworkMod tether (no root). https://play.google.com/store/apps/details?id=com.koushikdutta.tether, 2013.

[6]

L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy. Privilege escalation attacks on Android. In Proceedings of the 13th International Conference on Information Security, 2010.

Digital Library

[7]

A. P. Fuchs, A. Chaudhuri, and J. S. Foster. Scandroid: Automated security certification of Android applications. Technical Report CS-TR-4991, University of Maryland, 2009.

[8]

Google. Android debug bridge. http://developer.android.com/tools/help/adb.html.

[9]

Google. Toasts. http://developer.android.com/guide/topics/ui/notifiers/toasts.html.

[10]

Google. NetworkOnMainThreadException. http://developer.android.com/reference/android/os/NetworkOnMainThreadException.html, 2014.

[11]

C. Gutman. Remote ADB shell. https://play.google.com/store/apps/details?id=com.cgutman.androidremotedebugger&hl=en, 2013.

[12]

Hiandroidstudio. No root screen recorder-trial. https://play.google.com/store/apps/details?id=com.screenrecnoroot&hl=en, 2014.

[13]

IBM. T.J. Watson Libraries for Analysis (WALA). http://wala.sourceforge.net.

[14]

Invisibility. Free screen recorder no root. https://play.google.com/store/apps/details?id=uk.org.invisibility.recordablefree&hl=en, 2014.

[15]

S. Jana and V. Shmatikov. Memento: Learning secrets from process footprints. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, 2012.

Digital Library

[16]

E. Kim. No root screenshot it. https://play.google.com/store/apps/details?id=com.edwardkim.android.screenshotitfullnoroot, 2013.

[17]

D. F. Kune, J. Koelndorfer, N. Hopper, and Y. Kim. Location leaks on the GSM air interface. In Proceedings of the 19th Network and Distributed System Security Symposium, 2012.

[18]

C.-C. Lin, H. Li, X. Zhou, and X. Wang. Screenmilker: How to milk your Android screen for secrets. In Proceedings of the 21st Network and Distributed System Security Symposium, 2014.

[19]

F. Liu. Windows malware attempts to infect Android devices. http://www.symantec.com/connect/blogs/windows-malware-attempts-infect-android-devices, 2014.

[20]

H. Lockheimer. Android and security. http://googlemobile.blogspot.kr/2012/02/android-and-security.html, 2012.

[21]

M. Niemietz and J. Schwenk. UI redressing attacks on Android devices. In Black Hat Abu Dhabi, 2012.

[22]

P. Pearce, A. P. Felt, G. Nunez, and D. Wagner. AdDroid: Privilege separation for applications and advertisers in Android. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, 2012.

Digital Library

[23]

S. Poeplau, Y. Fratantonio, A. Bianchi, C. Kruegel, and G. Vigna. Execute this! Analyzing unsafe and malicious dynamic code loading in Android applications. In Proceedings of the 21st Network and Distributed System Security Symposium, 2014.

[24]

E. Protalinski. Android malware numbers exploded to 25,000 in June 2012. http://www.zdnet.com/android-malware-numbers-explode-to-25000-in-june-2012-7000001046, 2012.

[25]

J. Rivera and R. van der Meulen. Gartner says annual smartphone sales surpassed sales of feature phones for the first time in 2013. http://www.gartner.com/newsroom/id/2665715, 2014.

[26]

SmartUX. Screenshot UX. https://play.google.com/store/apps/details?id=com.liveov.shotux, 2012.

[27]

X. Zhang, R. Gupta, and Y. Zhang. Cost and precision tradeoffs of dynamic data slicing algorithms. ACM Transactions on Programming Languages and Systems, 27:631--661, 2005.

Digital Library

[28]

X. Zhou, S. Demetriou, D. He, M. Naveed, X. Pan, X. Wang, C. A. Gunter, and K. Nahrstedt. Identity, location, disease and more: Inferring your secrets from Android public resources. In Proceedings of the 20th ACM Conference on Computer and Communications Security, 2013.

Digital Library

[29]

X. Zhou, Y. Lee, N. Zhang, M. Naveed, and X. Wang. The peril of fragmentation: Security hazards in Android device driver customizations. In Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014.

Digital Library

[30]

Y. Zhou and X. Jiang. Detecting passive content leaks and pollution in Android applications. In Proceedings of the 20th Network and Distributed System Security Symposium, 2013.

Cited By

Mahdad ASaxena N(2024)Mobile Login Bridge: Subverting 2FA and Passwordless Authentication via Android Debug Bridge2024 21st Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST62714.2024.10788081(1-12)Online publication date: 28-Aug-2024
https://doi.org/10.1109/PST62714.2024.10788081
Vlachos VStamatiou YNikoletseas S(2023)The Privacy Flag Observatory: A Crowdsourcing Tool for Real Time Privacy Threats EvaluationJournal of Cybersecurity and Privacy10.3390/jcp30100033:1(26-43)Online publication date: 29-Jan-2023
https://doi.org/10.3390/jcp3010003
Majors JBarsallo Yi EMaji AWu DBagchi SMachiry A(2023)Security Properties of Virtual Remotes and SPOOKing their violationsProceedings of the 2023 ACM Asia Conference on Computer and Communications Security10.1145/3579856.3582834(841-854)Online publication date: 10-Jul-2023
https://dl.acm.org/doi/10.1145/3579856.3582834
Show More Cited By

Recommendations

Rooting android --- extending the ADB by an auto-connecting wifi-accessible service
NordSec'11: Proceedings of the 16th Nordic conference on Information Security Technology for Applications

The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising ...
Compliance of Blood Donation Apps with Mobile OS Usability Guidelines

The aim of this paper is to employ the guidelines of Android, iOS, Blackberry and Windows Phone to analyze the usability compliance of free blood donation (BD) apps. An analysis process based on a systematic review protocol is used to select free BD ...
Cross-platform development for Sailfish OS and Android: Architectural patterns and "Dictionary trainer" application case study
FRUCT'19: Proceedings of the 19th Conference of Open Innovations Association FRUCT

With the widespread use of mobile devices, the role of mobile applications increases. Nevertheless, the variety of mobile platforms and the differences between them make the development of applications for multiple mobile platforms a highly resource-...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

April 2015

698 pages

ISBN:9781450332453

DOI:10.1145/2714576

General Chairs:
Feng Bao
Huawei Technologies Pte Ltd, Singapore
,
Steven Miller
Singapore Management University, Singapore
,
Program Chairs:
Jianying Zhou
Institute for Infocomm Research, Singapore
,
Gail-Joon Ahn
Arizona State University, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

National Research Foundation of Korea

Conference

ASIA CCS '15

Sponsor:

SIGSAC

ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security

April 14 - March 17, 2015

Singapore, Republic of Singapore

Acceptance Rates

ASIA CCS '15 Paper Acceptance Rate 48 of 269 submissions, 18%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
573
Total Downloads

Downloads (Last 12 months)35
Downloads (Last 6 weeks)1

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Mahdad ASaxena N(2024)Mobile Login Bridge: Subverting 2FA and Passwordless Authentication via Android Debug Bridge2024 21st Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST62714.2024.10788081(1-12)Online publication date: 28-Aug-2024
https://doi.org/10.1109/PST62714.2024.10788081
Vlachos VStamatiou YNikoletseas S(2023)The Privacy Flag Observatory: A Crowdsourcing Tool for Real Time Privacy Threats EvaluationJournal of Cybersecurity and Privacy10.3390/jcp30100033:1(26-43)Online publication date: 29-Jan-2023
https://doi.org/10.3390/jcp3010003
Majors JBarsallo Yi EMaji AWu DBagchi SMachiry A(2023)Security Properties of Virtual Remotes and SPOOKing their violationsProceedings of the 2023 ACM Asia Conference on Computer and Communications Security10.1145/3579856.3582834(841-854)Online publication date: 10-Jul-2023
https://dl.acm.org/doi/10.1145/3579856.3582834
Priadi AArizal A(2022)Impact Analysis of Crypto Miner Malware Attacks Using Android Debug Bridge (ADB) Vulnerabilities via TCP/IP on Android-Based Raspberry Pi 4 IoT Device2022 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS)10.1109/ICIMCIS56303.2022.10017625(196-201)Online publication date: 16-Nov-2022
https://doi.org/10.1109/ICIMCIS56303.2022.10017625
Xu FShen SDiao WLi ZChen YLi RZhang KKim YKim JVigna GShi E(2021)Android on PC: On the Security of End-user Android EmulatorsProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security10.1145/3460120.3484774(1566-1580)Online publication date: 12-Nov-2021
https://dl.acm.org/doi/10.1145/3460120.3484774
Gupta SBuriro ACrispo B(2020)A Risk-Driven Model to Minimize the Effects of Human Factors on Smart DevicesEmerging Technologies for Authorization and Authentication10.1007/978-3-030-39749-4_10(156-170)Online publication date: 25-Jan-2020
https://doi.org/10.1007/978-3-030-39749-4_10
Hwang SLee SRyu S(2020)All about activity injection: Threats, semantics, detection, and defenseSoftware: Practice and Experience10.1002/spe.279250:7(1061-1086)Online publication date: 30-Jan-2020
https://doi.org/10.1002/spe.2792
Lu HHelu XJin CSun YZhang MTian Z(2019)Salaxy: Enabling USB Debugging Mode Automatically to Control Android DevicesIEEE Access10.1109/ACCESS.2019.29588377(178321-178330)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2958837
Graa MLobe Kome ICuppens-Boulahia NCuppens FFrey V(2018)Detection and Response to Data Exfiltration from Internet of Things Android DevicesICT Systems Security and Privacy Protection10.1007/978-3-319-99828-2_24(339-354)Online publication date: 26-Aug-2018
https://doi.org/10.1007/978-3-319-99828-2_24
Lee SHwang SRyu SRosu GDi Penta MNguyen T(2017)All about activity injection: threats, semantics, and detectionProceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering10.5555/3155562.3155597(252-262)Online publication date: 30-Oct-2017
https://dl.acm.org/doi/10.5555/3155562.3155597
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten