Advertisement

Burn After Reading: Expunging Execution Footprints of Android Apps

  • Junliang ShuEmail author
  • Juanru Li
  • Yuanyuan Zhang
  • Dawu Gu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11058)

Abstract

Mobile apps nowadays are consuming and producing a mass of sensitive data. In response, a wide variety of privacy protection techniques and tools have been proposed since mobile users have the escalating privacy concerns. However, only a few privacy protection schemes consider how to thoroughly erase the runtime information of an app after its execution. Various traceable vestiges, called execution footprints, are kept by the device which could be used to steal and speculate user’s privacy. We argue that a mobile operating system should not only establish sound isolation between different apps but also need to provide a fine-grained execution footprint expunging mechanism to ensure using an app confidentially. To achieve this target, Mist, a modified Android OS, to generate fine-grained data expunging policies, is designed and implemented. Mist is a lightweight ephemeral container, which does not require the support of specialized hardware or operation mode and it will be disposed of securely when in use apps. In this container, Mist persistently tracks every message generated by the app and then it deletes them during and after the execution. Experiments based on 200 apps show that execution footprints still have been neglected by the Android OS even after the app removal. By utilizing the expunging mechanism Mist provided, those footprints are erased to guarantee a private and confidential execution.

References

  1. 1.
    What if the FBI tried to crack an Android phone? We attacked one to find out. https://theconversation.com/what-if-the-fbi-tried-to-crack-an-android-phone-we-attacked-one-to-find-out-56556
  2. 2.
    White Paper: Red Hat Crash Utility. http://people.redhat.com/anderson/crash_whitepaper/
  3. 3.
    Aggarwal, G., Bursztein, E., Jackson, C., Boneh, D.: An analysis of private browsing modes in modern browsers. In: USENIX Security Symposium, pp. 79–94 (2010)Google Scholar
  4. 4.
    Albano, P., Castiglione, A., Cattaneo, G., De Santis, A.: A novel anti-forensics technique for the android os. In: 2011 International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), pp. 380–385. IEEE (2011)Google Scholar
  5. 5.
    Cai, L., Chen, H.: Touchlogger: inferring keystrokes on touch screen from smartphone motion. HotSec 11, 9 (2011)Google Scholar
  6. 6.
    Chen, J., Chen, H., Bauman, E., Lin, Z., Zang, B., Guan, H.: You shouldnt collect my secrets: thwarting sensitive keystroke leakage in mobile IME apps. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 657–690 (2015)Google Scholar
  7. 7.
    Djoko, J.B., Jennings, B., Lee, A.J.: Tprivexec: private execution in virtual memory. In: Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, pp. 285–294. ACM (2016)Google Scholar
  8. 8.
    Dunn, A.M., et al.: Eternal sunshine of the spotless machine: Protecting privacy with ephemeral channels. In: Presented as part of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12), pp. 61–75 (2012)Google Scholar
  9. 9.
    Fawaz, K., Feng, H., Shin, K.G.: Anatomization and protection of mobile apps location privacy threats. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 753–768 (2015)Google Scholar
  10. 10.
    Halderman, J.A., et al.: Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52(5), 91–98 (2009)CrossRefGoogle Scholar
  11. 11.
    Jana, S., Narayanan, A., Shmatikov, V.: A scanner darkly: protecting user privacy from perceptual applications. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 349–363. IEEE (2013)Google Scholar
  12. 12.
    Kollár, I.: Forensic ram dump image analyser. Master’s Thesis, Charles University in Prague (2010)Google Scholar
  13. 13.
    Li, L., Zhao, X., Xue, G.: Unobservable re-authentication for smartphones. In: NDSS, pp. 1–16 (2013)Google Scholar
  14. 14.
    Lin, C.C., Li, H., Zhou, X.Y., Wang, X.: Screenmilker: how to milk your android screen for secrets. In: NDSS (2014)Google Scholar
  15. 15.
    Lin, Z., Rhee, J., Wu, C., Zhang, X., Xu, D.: Dimsum: discovering semantic data of interest from un-mappable memory with confidence. In: Proceedings of NDSS (2012)Google Scholar
  16. 16.
    Michalevsky, Y., Boneh, D., Nakibly, G.: Gyrophone: recognizing speech from gyroscope signals. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 1053–1067 (2014)Google Scholar
  17. 17.
    Nan, Y., Yang, M., Yang, Z., Zhou, S., Gu, G., Wang, X.: Uipicker: user-input privacy identification in mobile applications. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 993–1008 (2015)Google Scholar
  18. 18.
    Onarlioglu, K., Mulliner, C., Robertson, W., Kirda, E.: Privexec: private execution as an operating system service. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 206–220. IEEE (2013)Google Scholar
  19. 19.
    Peters, T.M., Gondree, M.A., Peterson, Z.N.: Defy: a deniable, encrypted file system for log-structured storage (2015)Google Scholar
  20. 20.
    Reardon, J., Marforio, C., Capkun, S., Basin, D.: User-level secure deletion on log-structured le systems. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 63–64. ACM (2012)Google Scholar
  21. 21.
    Saltaformaggio, B., Bhatia, R., Gu, Z., Zhang, X., Xu, D.: Guitar: piecing together android app guis from memory images. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 120–132. ACM (2015)Google Scholar
  22. 22.
    Saltaformaggio, B., Bhatia, R., Gu, Z., Zhang, X., Xu, D.: VCR: app-agnostic recovery of photographic evidence from android device memory images. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 146–157. ACM (2015)Google Scholar
  23. 23.
    Saltaformaggio, B., Bhatia, R., Zhang, X., Xu, D., Richard III, G.G.: Screen after previous screens: spatial-temporal recreation of android app displays from memory images. In: USENIX Security Symposium, pp. 1137–1151 (2016)Google Scholar
  24. 24.
    Saltaformaggio, B., Gu, Z., Zhang, X., Xu, D.: Dscrete: automatic rendering of forensic information from memory images via application logic reuse. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 255–269 (2014)Google Scholar
  25. 25.
    Shu, J., Zhang, Y., Li, J., Li, B., Gu, D.: Why data deletion fails? a study on deletion flaws and data remanence in android systems. ACM Trans. Embed. Comput. Syst. (TECS) 16(2), 61 (2017)CrossRefGoogle Scholar
  26. 26.
    Simon, L., Anderson, R.: Security analysis of android factory resets. In: 4th Mobile Security Technologies Workshop (MoST) (2015)Google Scholar
  27. 27.
    Skillen, A., Mannan, M.: On implementing deniable storage encryption for mobile devices (2013)Google Scholar
  28. 28.
    Tang, Y., Ames, P., Bhamidipati, S., Bijlani, A., Geambasu, R., Sarda, N.: Cleanos: limiting mobile data exposure with idle eviction. In: Presented as part of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12), pp. 77–91 (2012)Google Scholar
  29. 29.
    Xu, M., Jang, Y., Xing, X., Kim, T., Lee, W.: Ucognito: private browsing without tears. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 438–449. ACM (2015)Google Scholar
  30. 30.
    Yajin, Z., Kapil Singh, X.J.: Appshell: making data protection practical for lost or stolen android devices. In: IEEE/IFIP Network Operations and Management Symposium. IEEE (2016)Google Scholar
  31. 31.
    Zhang, N., Yuan, K., Naveed, M., Zhou, X., Wang, X.: Leave me alone: app-level protection against runtime information gathering on android. In: 2015 IEEE Symposium on Security and Privacy, pp. 915–930. IEEE (2015)Google Scholar
  32. 32.
    Zhang, X., Ying, K., Aafer, Y., Qiu, Z., Du, W.: Life after app uninstallation: are the data still alive? data residue attacks on android. In: Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, California, USA(2016)Google Scholar
  33. 33.
    Zhou, X., et al.: Identity, location, disease and more: inferring your secrets from android public resources. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1017–1028. ACM (2013)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Junliang Shu
    • 1
    Email author
  • Juanru Li
    • 1
  • Yuanyuan Zhang
    • 1
  • Dawu Gu
    • 1
  1. 1.Lab of Cryptology and Computer SecurityShanghai Jiao Tong UniversityShanghaiChina

Personalised recommendations