DOI: 10.1145/3407023.3407052
short-paper

Template-based Android inter process communication fuzzing

Published: 25 August 2020

Abstract

Fuzzing is a test method in vulnerability assessments that calls the interfaces of a program in order to find bugs in its input processing. Automatically generated inputs, based on a set of templates and randomness, are sent to a program at a high rate, and crashes are collected for later investigation. We apply fuzz testing to inter-process communication (IPC) on Android in order to find bugs in the mechanisms by which Android apps communicate with each other. The sandboxing principle on Android usually ensures that apps can only communicate with other apps via programmatic interfaces. Unlike on traditional operating systems, two Android apps running in the same user context are not able to access each other's data (security) or quit the other app (safety).

Our IPC fuzzer for Android detects the structure of data sent within Intents between apps by disassembling and analyzing an app's bytecode. It relies on multiple mutation engines for input generation and supports post-mortem analysis for detailed insight into crashes. We tested 1488 popular apps from the Google Play Store, enabling us to crash 450 apps with intents that could be sent from any unprivileged app on the same device, thus undermining the safety guarantees given by Android. We show that any installed app on a device could easily crash a series of other apps, effectively rendering them useless. Even worse, we discovered flaws in popular frameworks like Unity, the Google Services API, and the Adjust SDK. Comparing our implementation to previous research shows improvements in the depth and diversity of our detected crashes.
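The abstract's template step, recovering which Intent extras a component reads from its disassembled bytecode, can be illustrated with the added sketch below. It is not the authors' analyzer: the smali fragment, class name and function name are constructed for illustration, and the register tracking is simplified to `const-string` loads within one method. A developer can run such a listing over their own exported components to see which extras need validation and test coverage.

```python
import re

# Constructed smali fragment (not taken from any real app) for a hypothetical
# exported activity that reads three extras from its launching Intent.
SAMPLE_SMALI = r'''
.method protected onCreate(Landroid/os/Bundle;)V
    invoke-virtual {p0}, Lcom/example/demo/ShareActivity;->getIntent()Landroid/content/Intent;
    move-result-object v0
    const-string v1, "user_id"
    invoke-virtual {v0, v1}, Landroid/content/Intent;->getStringExtra(Ljava/lang/String;)Ljava/lang/String;
    move-result-object v2
    const-string v1, "retry_count"
    const/4 v3, 0x0
    invoke-virtual {v0, v1, v3}, Landroid/content/Intent;->getIntExtra(Ljava/lang/String;I)I
    const-string v5, "unused"
    const-string v1, "payload"
    invoke-virtual {v0, v1}, Landroid/content/Intent;->getParcelableExtra(Ljava/lang/String;)Landroid/os/Parcelable;
.end method
'''

CONST_STRING = re.compile(r'^\s*const-string(?:/jumbo)?\s+([vp]\d+),\s*"((?:[^"\\]|\\.)*)"')
GET_EXTRA = re.compile(
    r'^\s*invoke-virtual\s*\{([^}]*)\},\s*'
    r'Landroid/content/Intent;->get(\w+?)Extra\(Ljava/lang/String;')

def extract_extra_template(smali_text):
    """Return {extra_key: type_name} for every Intent.get<Type>Extra call whose
    key register was loaded by a const-string earlier in the same method."""
    template, strings = {}, {}
    for line in smali_text.splitlines():
        if line.lstrip().startswith('.method'):
            strings = {}                      # registers are per-method
            continue
        m = CONST_STRING.match(line)
        if m:
            strings[m.group(1)] = m.group(2)  # latest string held by register
            continue
        m = GET_EXTRA.match(line)
        if m:
            regs = [r.strip() for r in m.group(1).split(',')]
            # regs[0] is the Intent object, regs[1] the key argument
            key = strings.get(regs[1]) if len(regs) > 1 else None
            if key is not None:
                template[key] = m.group(2)
    return template

if __name__ == '__main__':
    print(extract_extra_template(SAMPLE_SMALI))
```

Each key in the resulting map is an input the component accepts from other apps, so the handler should tolerate it being absent, null or of an unexpected type.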

Cited By

  • (2024) Atlas: Automating Cross-Language Fuzzing on Android Closed-Source Libraries. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 350-362. DOI: 10.1145/3650212.3652133. Online publication date: 11-Sep-2024
  • (2022) IntentAuth: Securing Android’s Intent-based inter-process communication. International Journal of Information Security 21:5, 973-982. DOI: 10.1007/s10207-022-00592-9. Online publication date: 22-Apr-2022
  • (2021) A Systematic Review on Software Robustness Assessment. ACM Computing Surveys 54:4, 1-65. DOI: 10.1145/3448977. Online publication date: 3-May-2021

Published In

ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security
August 2020
1073 pages
ISBN: 9781450388337
DOI: 10.1145/3407023
Program Chairs: Melanie Volkamer, Christian Wressnegger
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Android security
  2. fuzzing
  3. inter-process communication

Qualifiers

  • Short-paper

Conference

ARES 2020

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%
