Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

Analysis of the Communication between Colluding Applications on Modern Smartphones

Modern smartphones that implement permission-based security
mechanisms suffer from attacks by colluding applications. Users are
not made aware of possible implications of application collusion
attacks---quite the contrary---on existing platforms, users are
implicitly lead to believe that by approving the installation of
each application independently, they can limit the damage that an
application can cause.

We implement and analyze a number of covert and overt communication
channels that enable applications to collude and therefore
indirectly escalate their permissions. Furthermore, we present and
implement a covert channel between an installed application and a
web page loaded in the system browser. We measure the throughput of
all these channels as well as their bit-error rate and required
synchronization for successful data transmission. The measured
throughput of covert channels ranges from 3.7 bps to 3.27 kbps on a
Nexus One and from 0.47 bps to 4.22 kbps on a Samsung Galaxy S, such
throughputs allow the applications to efficiently exchange users'
sensitive information (e.g., GPS coordinates or contacts). We test
two popular research tools that deal with tracking information flow
or detecting communication channels on mobile platforms, and confirm
that even if they detect a number of channels, they still do not
detect all the channels and therefore fail to fully prevent
application collusion. Attacks using covert communication channels
remain, therefore, a real threat to smartphone security and an open
problem for the research community.


Claudio Marforio    
ETH Zurich

Hubert Ritzdorf    
ETH Zurich

AurĂ©lien Francillon    

Srdjan Capkun    
ETH Zurich


Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC