Abstract
Correspondingly, Android also becomes a common attack target. Till now, many attacks have been detected out, such as confused deputy attack, collusion attack, and root exploits attack. In this paper, we present a novel attack, denoted as transplantation attack. Transplantation attack, when being applied to spy on user, can make the malicious behavior more stealthy. The attack can evade permission check, evade device administration, and even evade API auditing. The premise of carrying out Transplantation attack is that malware is able to access resources or gain access capability. By fulfilling the premise, we do a case study about Camera device. The result indicates that Transplantation attack indeed exists. Based on these observations, we predict the kind of system resources that may suffer transplantation attack. Defence discussion are also presented.
This work is supported by National Natural Science Foundation of China grant 70890084/G021102 and 61003274, Strategy Pilot Project of Chinese Academy of Sciences sub-project XDA06010702, and National High Technology Research and Development Program of China (863 Program, No. 2013AA01A214 and 2012AA013104).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CVE: Common vulnerabilities and exposures. http://cve.mitre.org/
Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: ACM CCS (2012)
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R.: XMandroid: a new android evolution to mitigate privilege escalation attacks. Technische Universität Darmstadt, Technical Report TR-2011-04
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R., Shastry, B.: Towards taming privilege- escalation attacks on android. In: 19th NDSS 2012 (2012)
Chan, P.P., Hui, L.C., Yiu, S.: A privilege escalation vulnerability checking system for android applications. In: 2011 IEEE 13th International Conference on Communication Technology (ICCT), pp. 681–686. IEEE (2011)
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: 9th MobiSys 2011 (2011)
Conti, M., Nguyen, V.T.N., Crispo, B.: Crepe: context-related policy enforcement for android. In: Information Security (2011)
Davi, L., Dmitrienko, A., Sadeghi, A.R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) Information Security. Lecture Notes in Computer Science, vol. 6531, pp. 346–360. Springer, Heidelberg (2011)
Dietz, M., Shekhar, S., Pisetsky, Y., Shu, A., Wallach, D.S.: Quire: lightweight provenance for smart phone operating systems. In: USENIX Security (2011)
Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: 16th ACM CCS, pp. 235–245. ACM (2009)
Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: 18th ACM CCS, pp. 627–638. ACM (2011)
Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Permission re-delegation: attacks and defenses. In: USENIX Security Symposium (2011)
Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: automated security certification of android applications. University of Maryland, Manuscript (2009)
Google: Dashboard, March 2014. http://developer.android.com/about/dashboards/index.html?utm_source=ausdroid.net#Platform
Grace, M., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock android smartphones. In: 19th NDSS (2012)
Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints. In: 5th ACM CCS (2010)
NC State University: security alert: New sophisticated android malware droidkungfu found in alternative chinese app markets (2011). http://www.csc.ncsu.edu/faculty/jiang/DroidKungFu.html
NIST: Cve-2013-4787 (2013). http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4787
Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application-centric security in android. Secur. Commun. Netw. 5(6), 658–673 (2012)
Smalley, S., Craig, R.: Security enhanced (se) android: bringing flexible MAC to android. In: NDSS (2013)
Squad, A.S.: Bug 9695860 (2013). http://blog.sina.com.cn/s/blog_be6dacae0101bksm.html
viaForensics: Defeating SEAndroid C DEFCON 21 Presentation. https://viaforensics.com/mobile-security/implementing-seandroid-defcon-21-presentation.html. Accessed August 3, 2013
Xiaoyong, Z., Yeonjoon, L., Nan, Z., Muhammad, N., XiaoFeng, W.: The peril of fragmentation: security hazards in android device driver customizations. In: 35th IEEE Security and Privacy, pp. 1–18. IEEE (2014)
Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: Security and Privacy (SP), pp. 95–109. IEEE (2012)
Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Zhang, Z., Xiang, J., Wang, L., Lei, L. (2015). Transplantation Attack: Analysis and Prediction. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 153. Springer, Cham. https://doi.org/10.1007/978-3-319-23802-9_28
Download citation
DOI: https://doi.org/10.1007/978-3-319-23802-9_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23801-2
Online ISBN: 978-3-319-23802-9
eBook Packages: Computer ScienceComputer Science (R0)