Novel Attacks and Defenses in the Userland of Android

In the last decade, mobile devices have spread rapidly, becoming more and more part of our everyday lives; this is due to their feature-richness, mobility, and affordable price. At the time of writing, Android is the leader of the market among operating systems, with a share of 76% and two and a half billion active Android devices around the world. Given that such small devices contain a massive amount of our private and sensitive information, the economic interests in the mobile ecosystem skyrocketed. For this reason, not only legitimate apps running on mobile environments have increased dramatically, but also malicious apps have also been on a steady rise. On the one hand, developers of mobile operating systems learned from security mistakes of the past, and they made significant strides in blocking those threats right from the start. On the other hand, these high-security levels did not deter attackers. In this thesis, I present my research contribution about the most meaningful attack and defense scenarios in the userland of the modern Android operating system. I have emphasized "userland'' because attack and defense solutions presented in this thesis are executing in the userspace of the operating system, due to the fact that Android is slightly different from traditional operating systems. After the necessary technical background, I show my solution, RmPerm, in order to enable Android users to better protect their privacy by selectively removing permissions from any app on any Android version. This operation does not require any modification to the underlying operating system because we repack the original application. Then, using again repackaging, I have developed Obfuscapk; it is a black-box obfuscation tool that can work with every Android app and offers a free solution with advanced state of the art obfuscation techniques -- especially the ones used by malware authors. Subsequently, I present a machine learning-based technique that focuses on the identification of malware in resource-constrained devices such as Android smartphones. This technique has a very low resource footprint and does not rely on resources outside the protected device. Afterward, I show how it is possible to mount a phishing attack -- the historically preferred attack vector -- by exploiting two recent Android features, initially introduced in the name of convenience. Although a technical solution to this problem certainly exists, it is not solvable from a single entity, and there is the need for a push from the entire community. But sometimes, even though there exists a solution to a well-known vulnerability, developers do not take proper precautions. In the end, I discuss the Frame Confusion vulnerability; it is often present in hybrid apps, and it was discovered some years ago, but I show how it is still widespread. I proposed a methodology, implemented in the FCDroid tool, for systematically detecting the Frame Confusion vulnerability in hybrid Android apps. The results of an extensive analysis carried out through FCDroid on a set of the most downloaded apps from the Google Play Store prove that 6.63% (i.e., 1637/24675) of hybrid apps are potentially vulnerable to Frame Confusion. The impact of such results on the Android users' community is estimated in 250.000.000 installations of vulnerable apps

Privaros: A Framework for Privacy-Compliant Delivery Drones

We present Privaros, a framework to enforce privacy policies on drones. Privaros is designed for commercial delivery drones, such as the ones that will likely be used by Amazon Prime Air. Such drones visit a number of host airspaces, each of which may have different privacy requirements. Privaros provides an information flow control framework to enforce the policies of these hosts on the guest delivery drones. The mechanisms in Privaros are built on top of ROS, a middleware popular in many drone platforms. This paper presents the design and implementation of these mechanisms, describes how policies are specified, and shows that Privaros's policy specification can be integrated with India's Digital Sky portal. Our evaluation shows that a drone running Privaros can robustly enforce various privacy policies specified by hosts, and that its core mechanisms only marginally increase communication latency and power consumption

Raamistik mobiilsete asjade veebile

Internet on oma arengus läbi aastate jõudnud järgmisse evolutsioonietappi - asjade internetti (ingl Internet of Things, lüh IoT). IoT ei tähista ühtainsat tehnoloogiat, see võimaldab eri seadmeil - arvutid, mobiiltelefonid, autod, kodumasinad, loomad, virtuaalsensorid, jne - omavahel üle Interneti suhelda, vajamata seejuures pidevat inimesepoolset seadistamist ja juhtimist. Mobiilseadmetest nagu näiteks nutitelefon ja tahvelarvuti on saanud meie igapäevased kaaslased ning oma mitmekülgse võimekusega on nad motiveerinud teadustegevust mobiilse IoT vallas. Nutitelefonid kätkevad endas võimekaid protsessoreid ja 3G/4G tehnoloogiatel põhinevaid internetiühendusi. Kuid kui kasutada seadmeid järjepanu täisvõimekusel, tühjeneb mobiili aku kiirelt. Doktoritöö esitleb energiasäästlikku, kergekaalulist mobiilsete veebiteenuste raamistikku anduriandmete kogumiseks, kasutades kergemaid, energiasäästlikumaid suhtlustprotokolle, mis on IoT keskkonnale sobilikumad. Doktoritöö käsitleb põhjalikult energia kokkuhoidu mobiilteenuste majutamisel. Töö käigus loodud raamistikud on kontseptsiooni tõestamiseks katsetatud mitmetes juhtumiuuringutes päris seadmetega.The Internet has evolved, over the years, from just being the Internet to become the Internet of Things (IoT), the next step in its evolution. IoT is not a single technology and it enables about everything from computers, mobile phones, cars, appliances, animals, virtual sensors, etc. that connect and interact with each other over the Internet to function free from human interaction. Mobile devices like the Smartphone and tablet PC have now become essential to everyday life and with extended capabilities have motivated research related to the mobile Internet of Things. Although, the recently developed Smartphones enjoy the high performance and high speed 3G/4G mobile Internet data transmission services, such high speed performances quickly drain the battery power of the mobile device. This thesis presents an energy efficient lightweight mobile Web service provisioning framework for mobile sensing utilizing the protocols that were designed for the constrained IoT environment. Lightweight protocols provide an energy efficient way of communication. Finally, this thesis highlights the energy conservation of the mobile Web service provisioning, the developed framework, extensively. Several case studies with the use of the proposed framework were implemented on real devices and has been thoroughly tested as a proof-of-concept.https://www.ester.ee/record=b522498

A Privacy-Aware Distributed Storage and Replication Middleware for Heterogeneous Computing Platform

Cloud computing is an emerging research area that has drawn considerable interest in recent years. However, the current infrastructure raises significant concerns about how to protect users\u27 privacy, in part due to that users are storing their data in the cloud vendors\u27 servers. In this paper, we address this challenge by proposing and implementing a novel middleware, called Uno, which separates the storage of physical data and their associated metadata. In our design, users\u27 physical data are stored locally on those devices under a user\u27s full control, while their metadata can be uploaded to the commercial cloud. To ensure the reliability of users\u27 data, we develop a novel fine-grained file replication algorithm that exploits both data access patterns and device state patterns. Based on a quantitative analysis of the data set from Rice University, this algorithm replicates data intelligently in different time slots, so that it can not only significantly improve data availability, but also achieve a satisfactory performance on load balancing and storage diversification. We implement the Uno system on a heterogeneous testbed composed of both host servers and mobile devices, and demonstrate the programmability of Uno through implementation and evaluation of two sample applications, Uno@Home and Uno@Sense

PrivacyGuard: A VPN-Based Approach to Detect Privacy Leakages on Android Devices

The Internet is now the most important and efficient way to gain information, and mobile devices are the easiest way to access the Internet. Furthermore, wearable devices, which can be considered to be the next generation of mobile devices, are becoming popular. The more people rely on mobile devices, the more private information about these people can be gathered from their devices. If a device is lost or compromised, much private information is revealed. Although today’s smartphone operating systems are trying to provide a secure environment, they still fail to provide users with adequate control over and visibility into how third-party applications use their private data. The privacy leakage problem on mobile devices is still severe. For example, according a field study [1] done by CMU recently, Android applications track users’ location every three minutes in average. After the PRISM program, a surveillance program done by NSA, is exposed, people are becoming increasingly aware of the mobile privacy leakages. However, there are few tools available to average users for privacy preserving. Most tools developed by recent work have some problems (details can be found in chapter 2). To address these problems, we present PrivacyGuard, an efficient way to simultaneously detect leakage of multiple types of sensitive data, such as a phone’s IMEI number or location data. PrivacyGuard provides real-time protection. It is possible to modify the leaked information and replace it with crafted data to achieve protection. PrivacyGuard is configurable, extensible and useful for other research. We implement PrivacyGuard on the Android platform by taking advantage of the VPNService class provided by the Android SDK. PrivacyGuard does not require root per- missions to run on a device and does not require any knowledge about VPN technology from users either. The VPN server runs on the device locally. No external servers are required. According to our experiments, PrivacyGuard can effectively detect privacy leak- ages of most applications and advertisement libraries with almost no overhead on power consumption and reasonable overhead on network speed