Intentio Ex Machina: Android Intent Access Control via an Extensible Application Hook

  • Carter YagemannEmail author
  • Wenliang Du
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)


Android’s intent framework serves as the primary method for interprocess communication (IPC) among apps. The increased volume of intent IPC present in Android devices, coupled with intent’s ability to implicitly find valid receivers for IPC, bring about new security challenges. We propose Intentio Ex Machina (IEM), an access control solution for Android intent security. IEM separates the logic for performing access control from the point of interception by placing an interface in the Android framework. This allows the access control logic to be placed inside a normal application and reached via the interface. The app, called a “user firewall”, can then receive intents as they enter the system and inspect them. Not only can the user firewall allow or block intents, but it can even modify them to a controlled extent. Since it runs as a user application, developers are able to create user firewalls that manufacturers can then integrate into their devices. In this way, IEM allows for a new genre of security application for Android systems offering a creative and interactive approach to active IPC defense.


Access Control System Server Threat Model Access Control Mechanism Decision Engine 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This project was supported in part by the NSF grant 1318814.


  1. 1.
    Aafer, Y., Zhang, N., Zhang, Z., Zhang, X., Chen, K., Wang, X., Zhou, X., Wenliang, D., Grace, M.: Hare hunting in the wild android: a study on the threat of hanging attribute references. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 1248–1259. ACM, New York (2015)Google Scholar
  2. 2.
    Andrus, J., Dall, C., Van’t Hof, A., Laadan, O., Nieh, J.: Cells: a virtual mobile smartphone architecture. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP 2011, pp. 173–187. ACM, New York (2011)Google Scholar
  3. 3.
    Backes, M., Bugiel, S., Gerling, S., Scippa: system-centric IPC provenance on android. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, pp. 36–45. ACM, New York (2014)Google Scholar
  4. 4.
    Backes, M., Bugiel, S., Hammer, C., Schranz, O., von Styp-Rekowsky, P.: Boxify: full-fledged app sandboxing for stock android. In: 24th USENIX Security Symposium (USENIX Security 2015), pp. 691–706. USENIX Association, Washington, D.C., August 2015Google Scholar
  5. 5.
    Bernstein, D.J.: Syn cookies. Accessed 20 Nov 2015
  6. 6.
    Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R.: Xmandroid: a new android evolution to mitigate privilege escalation attacks. Technical report TR-2011-04, Technische Universität Darmstadt, April 2011Google Scholar
  7. 7.
    Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: NDSS (2012)Google Scholar
  8. 8.
    Bugiel, S., Davi, L., Dmitrienko, A., Heuser, S., Sadeghi, A.-R., Shastry, B.: Practical and lightweight domain isolation on android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011, pp. 51–62. ACM, New York (2011)Google Scholar
  9. 9.
    Bugiel, S., Heuser, S., Sadeghi, A.-R.: Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In: Presented as Part of the 22nd USENIX Security Symposium (USENIX Security 2013), pp. 131–146. USENIX, Washington, D.C. (2013)Google Scholar
  10. 10.
    Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, MobiSys 2011, pp. 239–252. ACM, New York (2011)Google Scholar
  11. 11.
    Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: context-related policy enforcement for android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346–360. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  13. 13.
    Elish, K.O., Yao, D.D., Ryder, B.G.: On the need of precise inter-app ICC classification for detecting android malware collusions. In: Proceedings of IEEE Mobile Security Technologies (MoST), in Conjunction with the IEEE Symposium on Security and Privacy (2015)Google Scholar
  14. 14.
    Enck, W., Ongtang, M., Mcdaniel, P.: Mitigating android software misuse before it happens (2008)Google Scholar
  15. 15.
    Felt, A.P., Hanna, S., Chin, E., Wang, H.J., Moshchuk, E.: Permission re-delegation: attacks and defenses. In: 20th Usenix Security Symposium (2011)Google Scholar
  16. 16.
    Hay, R., Tripp, O., Pistoia, M.: Dynamic detection of inter-application communication vulnerabilities in android. In: Proceedings of the 2015 International Symposium on Software Testing and Analysis, ISSTA 2015, pp. 118–128. ACM, New York (2015)Google Scholar
  17. 17.
    Heuser, S., Nadkarni, A., Enck, W., Sadeghi, A.-R.: ASM: a programmable interface for extending android security. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 1005–1019. USENIX Association, San Diego, August 2014Google Scholar
  18. 18.
    Kantola, D., Chin, E., He, W., Wagner, D.: Reducing attack surfaces for intra-application communication in android. Technical report UCB/EECS-2012-182, EECS Department, University of California, Berkeley, July 2012Google Scholar
  19. 19.
    Lineberry, A., Richardson, D.L., Wyatt, T.: These arent the permissions you are looking for. In: DefCon, vol. 18 (2010)Google Scholar
  20. 20.
    Linux-PAM. A linux-pam page. Accessed 02 Dec 2015
  21. 21.
    Long, L., Li, Z., Zhenyu, W., Lee, W., Jiang, G., Chex: statically vetting android apps for component hijacking vulnerabilities. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 229–240. ACM, New York (2012)Google Scholar
  22. 22.
    Ludwig, A.: Android security state of the union. In: Black Hat USA (2015)Google Scholar
  23. 23.
    Maji, A.K., Arshad, F.A., Bagchi, S., Rellermeyer, J.S.: An empirical study of the robustness of inter-component communication in android. In: Proceedings of the 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), DSN 2012, pp. 1–12. IEEE Computer Society, Washington, D.C. (2012)Google Scholar
  24. 24.
    Nadkarni, A., Enck, W.: Preventing accidental data disclosure in modern operating systems. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, CCS 2013, pp. 1029–1042. ACM, New York (2013)Google Scholar
  25. 25.
    Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application-centric security in android. In: Computer Security Applications Conference, ACSAC 2009, Annual, pp. 340–349, December 2009Google Scholar
  26. 26.
    OWASP. Web application firewall. Accessed 4 Dec 2015
  27. 27.
    Android Open Source Project. Android open source project - issue tracker - issue 177223: Intent/bundle security issue. Accessed 20 Nov 2015
  28. 28.
    Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.F.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. NDSS 11, 17–33 (2011)Google Scholar
  29. 29.
    Smalley, S., Craig, R.: Security enhanced (se) android: bringing flexible MAC to android. NDSS 310, 20–38 (2013)Google Scholar
  30. 30.
    Chiachih, W., Zhou, Y., Patel, K., Liang, Z., Jiang, X., Airbag: boosting smartphone resistance to malware infection. In: Proceedings of the Network and Distributed System Security Symposium (2014)Google Scholar
  31. 31.
    Zhou, Q., Wang, D., Zhang, Y., Qin, B., Aimin, Y., Zhao, B.: Chaindroid: safe and flexible access to protected android resources based on call chain. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 156–162, July 2013Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Syracuse UniversitySyracuseUSA

Personalised recommendations