Skip to main content
SpringerLink
Log in

Detecting Android Side Channel Probing Attacks Based on System States

  • Conference paper
  • First Online:
Wireless Algorithms, Systems, and Applications (WASA 2019)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11604))

Abstract

Side channels are actively exploited by attackers to infer users’ privacy from publicly-available information on Android devices, where attackers probe the states of system components (e.g., CPU and memory), APIs, and device sensors (e.g., gyroscope and microphone). These information can be accessed by applications without any additional permission. As a result, traditional permission-based solutions cannot efficiently prevent/detect these probing attacks. In this paper, we systematically analyze the Android side-channel probing attacks, and observe that the high frequency sensitive data collecting operations from a malicious app caused continuous changes of its process states. Based on this observation, we propose SideGuard, a process-state-based approach to detect side-channel probing attacks. It monitors the process states of the applications and creates the corresponding behavior models described by feature vectors. Based on the application behavior models, we train and obtain classifiers to detect malicious app behaviors by using learning-based classification techniques. We prototyped and evaluated our approach. The experiment results demonstrate the effectiveness of our approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Share of Android OS of global smartphone shipments from 1st quarter 2011 to 2nd quarter 2018. https://www.statista.com/statistics/236027/global-smartphone-os-market-share-of-android/. Accessed 3 Mar 2019

  2. Babil, G.S., Mehani, O., Boreli, R., Kaafar, M.A.: On the effectiveness of dynamic taint analysis for protecting against private information leaks on Android-based devices. In: 2013 International Conference on Security and Cryptography (SECRYPT), pp. 1–8. IEEE (2013)

    Google Scholar 

  3. Cai, L., Chen, H.: Touchlogger: inferring keystrokes on touch screen from smartphone motion. HotSec 11, 9 (2011)

    Google Scholar 

  4. Chandra, S., Lin, Z., Kundu, A., Khan, L.: Towards a systematic study of the covert channel attacks in smartphones. In: Tian, J., Jing, J., Srivatsa, M. (eds.) SecureComm 2014. LNICST, vol. 152, pp. 427–435. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23829-6_29

    Google Scholar 

  5. Chen, Q.A., Qian, Z., Mao, Z.M.: Peeking into your app without actually seeing it: UI state inference and novel android attacks. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 1037–1052 (2014)

    Google Scholar 

  6. Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014). https://doi.org/10.1145/2619091

    Google Scholar 

  7. Hemminki, S., Nurmi, P., Tarkoma, S.: Accelerometer-based transportation mode detection on smartphones. In: Proceedings of the 11th ACM Conference on Embedded Networked Sensor Systems, p. 13. ACM (2013). https://doi.org/10.1145/2517351.2517367

  8. Ho, B.J., Martin, P., Swaminathan, P., Srivastava, M.: From pressure to path: Barometer-based vehicle tracking. In: Proceedings of the 2nd ACM International Conference on Embedded Systems for Energy-Efficient Built Environments, pp. 65–74. ACM (2015). https://doi.org/10.1145/2821650.2821665

  9. Jana, S., Shmatikov, V.: Memento: learning secrets from process footprints. In: 2012 IEEE Symposium on Security and Privacy, pp. 143–157. IEEE (2012). https://doi.org/10.1109/SP.2012.19

  10. Liang, Y., Cai, Z., Han, Q., Li, Y.: Deep learning based inference of private information using embedded sensors in smart devices. IEEE Netw. Mag. 32(4), 8–14 (2018)

    Google Scholar 

  11. Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S.: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 51–60. ACM (2012). https://doi.org/10.1145/2420950.2420958

  12. Michalevsky, Y., Boneh, D., Nakibly, G.: Gyrophone: recognizing speech from gyroscope signals. In: 23rd USENIX Security Symposium (USENIX Security 14), pp. 1053–1067 (2014)

    Google Scholar 

  13. Michalevsky, Y., Schulman, A., Veerapandian, G.A., Boneh, D., Nakibly, G.: PowerSpy: location tracking using mobile device power analysis. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 785–800 (2015)

    Google Scholar 

  14. Narain, S., Vo-Huu, T.D., Block, K., Noubir, G.: Inferring user routes and locations using zero-permission mobile sensors. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 397–413. IEEE (2016). https://doi.org/10.1109/SP.2016.31

  15. Owusu, E., Han, J., Das, S., Perrig, A., Zhang, J.: Accessory: password inference using accelerometers on smartphones. In: Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications, p. 9. ACM (2012). https://doi.org/10.1145/2162081.2162095

  16. Ping, D., Sun, X., Mao, B.: TextLogger: inferring longer inputs on touch screen using motion sensors. In: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, p. 24. ACM (2015). https://doi.org/10.1145/2766498.2766511

  17. Spreitzer, R., Kirchengast, F., Gruss, D., Mangard, S.: Procharvester: fully automated analysis of procfs side-channel leaks on android. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 749–763. ACM (2018). https://doi.org/10.1145/3196494.3196510

  18. Taylor, V.F., Spolaor, R., Conti, M., Martinovic, I.: Robust smartphone app identification via encrypted network traffic analysis. IEEE Trans. Inf. Forensics Secur. 13(1), 63–78 (2018). https://doi.org/10.1109/TIFS.2017.2737970

    Google Scholar 

  19. Yan, L., Guo, Y., Chen, X., Mei, H.: A study on power side channels on mobile devices. In: Proceedings of the 7th Asia-Pacific Symposium on Internetware, pp. 30–38. ACM (2015). https://doi.org/10.1145/2875913.2875934

  20. Zhang, L., Cai, Z., Wang, X.: Fakemask: a novel privacy preserving approach for smartphones. IEEE Trans. Netw. Serv. Manag. 13(2), 335–348 (2016)

    Google Scholar 

  21. Zhang, N., Yuan, K., Naveed, M., Zhou, X., Wang, X.: Leave me alone: app-level protection against runtime information gathering on android. In: 2015 IEEE Symposium on Security and Privacy, pp. 915–930. IEEE (2015). https://doi.org/10.1109/SP.2015.61

  22. Zhou, X., et al.: Identity, location, disease and more: inferring your secrets from android public resources. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1017–1028. ACM (2013). https://doi.org/10.1145/2508859.2516661

Download references

Acknowledgement

We thank the anonymous reviewers for their valuable comments. This work was supported in part by the National Key R&D Program of China (No. 2017YFB080 2400), in part by the National Natural Science Foundation of China (No. 61402029, No. 61871023, No. U11733115), and in part by Singapore Ministry of Education (under NUS Grant No. R-252-000-666-114).

Author information

Authors and Affiliations

  1. Beihang University, Beijing, 100083, China

    Qixiao Lin, Jian Mao, Futian Shi & Shishi Zhu

  2. National University of Singapore, Singapore, 117417, Singapore

    Zhenkai Liang

Authors
  1. Qixiao Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jian Mao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Futian Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shishi Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zhenkai Liang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jian Mao .

Editor information

Editors and Affiliations

  1. University of Hawaii at Manoa, Honolulu, HI, USA

    Edoardo S. Biagioni

  2. University of Hawaii at Manoa, Honolulu, USA

    Yao Zheng

  3. Harbin Institute of Technology, Harbin, China

    Siyao Cheng

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Lin, Q., Mao, J., Shi, F., Zhu, S., Liang, Z. (2019). Detecting Android Side Channel Probing Attacks Based on System States. In: Biagioni, E., Zheng, Y., Cheng, S. (eds) Wireless Algorithms, Systems, and Applications. WASA 2019. Lecture Notes in Computer Science(), vol 11604. Springer, Cham. https://doi.org/10.1007/978-3-030-23597-0_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-23597-0_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-23596-3

  • Online ISBN: 978-3-030-23597-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation