Skip to main content
SpringerLink
Log in

Function Escalation Attack

  • Conference paper
  • First Online:
Book cover International Conference on Security and Privacy in Communication Networks (SecureComm 2014)

Abstract

The prevalence of smartphone makes it more important in people’s business and personal life which also helps it to be a target of the malware. In this paper, we introduce a new kind of attack called Function Escalation Attack which obtains functions locally or remotely. We present three threat models: Steganography, Collusion Attack and Code Abusing. A vulnerability in Android filesystem which is used in code abusing threat model is exposed as well. Three proof-of-concept malicious apps are implemented for each threat model. They could bypass static analysis and dynamic analysis. The result shows that function escalation attack could successfully perform malicious tasks such as taking pictures, recording audio and so on.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Enck, W., Gilbert, P., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation. OSDI 2010, pp. 1–6. USENIX Association, Berkeley (2010)

    Google Scholar 

  2. Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., d Sadeghi, A.R.: Xmandroid: a new android evolution to mitigate privilege escalation attacks. Technical report TR-2011-04, Technische Universität Darmstadt (2011)

    Google Scholar 

  3. Lu, L., Li, Z., Wu, Z., Lee, W., Jiang, G.: Chex: statically vetting android apps for component hijacking vulnerabilities. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 229–240. ACM (2012)

    Google Scholar 

  4. Kim, J., Yoon, Y., Yi, K., Shin, J., Center, S.: Scandal: static analyzer for detecting privacy leaks in android applications. In: MoST (2012)

    Google Scholar 

  5. Tenenboim-Chekina, L., Barad, O., Shabtai, A., Mimran, D., Rokach, L., Shapira, B., Elovici, Y.: Detecting application update attack on mobile devices through network features. In: The 32nd IEEE International Conference on Computer Communications (2013)

    Google Scholar 

  6. Google Play Developer Program Policies. https://play.google.com/about/developer-content-policy.html. Accessed March 2014

  7. Android Security Overview. http://source.android.com/devices/tech/security/index.html. Accessed March 2014

  8. Enck, W., Ongtang, M., McDaniel, P.D., et al.: Understanding android security. IEEE Secur. Priv. 7(1), 50–57 (2009)

    Article  Google Scholar 

  9. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 627–638. ACM (2011)

    Google Scholar 

  10. Dexclassloader. http://developer.android.com/reference/dalvik/system/DexClassLoader.html. Accessed March 2014

  11. Google, G.S.: Inside the android application framework (2008). https://sites.google.com/site/io/inside-the-android-application-framework

  12. Lua. http://www.lua.org/about.html

  13. LuaJ. http://luaj.org/luaj/README.html

  14. Petitcolas, F.A., Anderson, R.J., Kuhn, M.G.: Information hiding-a survey. Proc. IEEE 87(7), 1062–1078 (1999)

    Article  Google Scholar 

  15. Rfc 2083. http://tools.ietf.org/html/rfc2083

  16. Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S.: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 51–60. ACM (2012)

    Google Scholar 

  17. Android-apktool. https://code.google.com/p/android-apktool/

  18. Dexdeps. https://android.googlesource.com/platform/dalvik.git/+/android-4.2.2_r1/tools/dexdeps

  19. Google, I.: Android market share. http://developer.android.com/about/dashboards/index.html. Accessed March 2014

  20. Baidu Map. http://map.baidu.com/

  21. Youdao Dictionary. http://cidian.youdao.com/mobile.html

  22. Youdao Clound Note. https://note.youdao.com/index.html

  23. Enck, W., Ongtang, M., McDaniel, P.: Mitigating android software misuse before it happens. Technical Report NAS-TR-0094-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA (2008)

    Google Scholar 

  24. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 235–245. ACM (2009)

    Google Scholar 

  25. Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., Wang, X.S., et al.: Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 611–622. ACM (2013)

    Google Scholar 

  26. Shabtai, A., Fledel, Y., Elovici, Y.: Securing android-powered mobile devices using selinux. IEEE Secur. Priv. 8(3), 36–44 (2010)

    Article  Google Scholar 

  27. An analysis of the anserverbot trojan. http://www.csc.ncsu.edu/faculty/jiang/pubs/AnserverBot_Analysis.pdf

  28. Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: Riskranker: scalable and accurate zero-day android malware detection. In: Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services, pp. 281–294. ACM (2012)

    Google Scholar 

  29. Poeplau, S., Fratantonio, Y., Bianchi, A., Kruegel, C., Vigna, G.: Execute this! analyzing unsafe and malicious dynamic code loading in android applications. In: NDSS, vol. 14, pp. 23–26 (2014)

    Google Scholar 

  30. Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Permission re-delegation: attacks and defenses. In: USENIX Security Symposium (2011)

    Google Scholar 

  31. Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346–360. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  32. Schlegel, R., Zhang, K., Zhou, X.Y., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33 (2011)

    Google Scholar 

  33. Owusu, E., Han, J., Das, S., Perrig, A., Zhang, J.: Accessory: password inference using accelerometers on smartphones. In: Proceedings of the Twelfth Workshop on Mobile Computing Systems and Applications, p. 9. ACM (2012)

    Google Scholar 

  34. Xu, Z., Bai, K., Zhu, S.: Taplogger: Inferring user inputs on smartphone touchscreens using on-board motion sensors. In: Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 113–124. ACM (2012)

    Google Scholar 

  35. Templeman, R., Rahman, Z., Crandall, D., Kapadia, A.: Placeraider: virtual theft in physical spaces with smartphones (2012). arXiv preprint, arXiv:1209.5982

  36. Wang, T., Lu, K., Lu, L., Chung, S., Lee, W.: Jekyll on ios: when benign apps become evil. In: Presented as Part of the 22nd USENIX Security Symposium (USENIX), pp. 559–572 (2013)

    Google Scholar 

Download references

Acknowledgement

This research is supported by National Natural Science Foundation of China [61272481].

Author information

Authors and Affiliations

  1. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, China

    Chen Cao, Yuqing Zhang, Qixu Liu & Kai Wang

Authors
  1. Chen Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuqing Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qixu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kai Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chen Cao .

Editor information

Editors and Affiliations

  1. CAS, Institute of Information Engineering CAS, Beijing, China

    Jing Tian

  2. Institute of Information Engineering, CAS, Beijing, China

    Jiwu Jing

  3. IBM Thomas J. Watson Research Center, New York, New York, USA

    Mudhakar Srivatsa

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Cao, C., Zhang, Y., Liu, Q., Wang, K. (2015). Function Escalation Attack. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 152. Springer, Cham. https://doi.org/10.1007/978-3-319-23829-6_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23829-6_33

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23828-9

  • Online ISBN: 978-3-319-23829-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation