Abstract
Java code is easy to be decompiled, and third-party SO files are used frequently by developers to improve development efficiency. Therefore, more and more core functions of Android applications are implemented in the native layer. However, there is neither comprehensive security research work nor automated security analysis tools on Android native layer, especially for third-party SO files that are dynamically loaded within the applications. To solve this problem, SoProtector, a novel and effective system is proposed to defend against the privacy leaks, which mainly analyzes the data stream between two levels: application and Native layers. In addition, SoProtector includes a real-time monitor to detect malicious functions in binary code. Our evaluation using 3400 applications has demonstrated that SoProtector can detect more sources, sinks and smudges than most static analysis tools; And it detects and effectively blocks more than 82% of applications that dynamically load malicious third-party SO files with low performance overhead.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Symantec index. http://www.symantec.com/connect/blogs/norton-mobile-insight-discovers-facebook-privacyleak
Ball index. http://www.theguardian.com/world/2014/jan/27/nsa-gchqsmartphone-app-angry-birds-personal-data
Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. In: Katzenbeisser, S., Weippl, E., Camp, L.Jean, Volkamer, M., Reiter, M., Zhang, X. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30921-2_17
Kaspersky index. http://usa.kaspersky.com/about-us/press-center/pressreleases
Symantec index. http://www..com/connect/blogs/yet-another-bunchmalicious-apps-found-google-play
News index. https://www.csc2.ncsu.edu/faculty/xjiang4/DroidKungFu2/
GingerMaster index. https://www.csc2.ncsu.edu/faculty/xjiang4
News index. https://blog.lookout.com/blog/2011/03/02/android-malware-droiddream-how-it-works/. Accessed 4 Mar 2017
Liu, Z.: Verifiable searchable encryption with aggregate keys for data sharing system. Future Gener. Comput. Syst. 78, 778–788 (2018)
Enck, W.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst., 2–32 (2014)
Hornyack, P.: These aren’t the droids you are looking for: retrofitting Android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 639–652 (2011)
Arzt, S.: Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. ACM SIGPLAN Not. 49, 259–269 (2014)
Chen, X.: N-Mobishare: new privacy-perserving location-sharing system for mobile online social networks. Int. J. Comput. Math. 93, 384–400 (2018)
Li, T.: CDFS: a cryptographic data publishing system. J. Comput. Syst. Sci., 80–91 (2018)
Fischer, F.: Stack overflow considered harmful? the impact of copy & paste on android application security. In: IEEE Symposium on Security and Privacy (SP), pp. 121–136 (2017)
Xu, D.: Cryptographic function detection in obfuscated binaries via bit-precise symbolic loop mapping. In: IEEE Symposium on Security and Privacy (SP), pp. 921–937 (2017)
Eschweiler, S.: Efficient cross-architecture identification of bugs in binary code. In: The Network and Distributed System Security Symposium (2016)
Pewny, J.: Cross-architecture bug search in binary executables. In: IEEE Symposium on Security and Privacy, pp. 709–724 (2015)
Feng, Q.: Scalable graph-based bug search for firmware images. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 480–491 (2016)
Geoffrey, H.: Deep learning. Nature 521, 436–444 (2015)
Richard, S.: Recognizing functions in binaries with neural networks. In: USENIX Security, pp. 611–626 (2015)
Xiao, J.: Neural network-based graph embedding for cross-platform binary code similarity detection. In: ACM Conference on Computer and Communications Security, pp. 435–446 (2017)
Wang, H.: A secure, usable, and transparent middleware for permission managers on Android. In: IEEE Transactions on Dependable and Secure Computing, pp. 350–362 (2017)
Wandoujia Store Index. http://www.wandoujia.com/apps
VirusShare Index. https://virusshare.com
Krupp, B.: SPE: security and privacy enhancement framework for mobile devices. IEEE Trans. Dependable Sec. Comput. 14, 433–446 (2017)
Saracino, A.: MADAM: effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Sec. Comput. 15, 83–97 (2018)
Tongxin, L.: Unleashing the walking dead: understanding cross-app remote infections on mobile WebViews. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 829–844 (2017)
Paranthaman, R.: Malware collection and analysis. In: 2017 IEEE International Conference on Information Reuse and Integration, pp. 26–31 (2017)
Files Websites index. http://cs.tju.edu.cn/csweb/cyxz
Acknowledgement
This work has been partially sponsored by the National Key R&D Program of China (No. 2017YFE0111900), the National Science Foundation of China (No. 61572355, U1736115), the Tianjin Research Program of Application Foundation and Advanced Technology (No. 15JCYBJC15700), and the Fundamental Research of Xinjiang Corps (No. 2016AC015).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, N., Xu, G., Meng, G., Zheng, X. (2018). SoProtector: Securing Native C/C++ Libraries for Mobile Applications. In: Vaidya, J., Li, J. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2018. Lecture Notes in Computer Science(), vol 11336. Springer, Cham. https://doi.org/10.1007/978-3-030-05057-3_32
Download citation
DOI: https://doi.org/10.1007/978-3-030-05057-3_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05056-6
Online ISBN: 978-3-030-05057-3
eBook Packages: Computer ScienceComputer Science (R0)