1 research outputs found
Android inter-app communication threats and detection techniques
With the digital breakthrough, smart phones have become very essential
component. Mobile devices are very attractive attack surface for cyber thieves
as they hold personal details (accounts, locations, contacts, photos) and have
potential capabilities for eavesdropping (with cameras/microphone, wireless
connections). Android, being the most popular, is the target of malicious
hackers who are trying to use Android app as a tool to break into and control
device. Android malware authors use many anti-analysis techniques to hide from
analysis tools. Academic researchers and commercial anti-malware companies are
putting great effort to detect such malicious apps. They are making use of the
combinations of static, dynamic and behavior based analysis techniques. Despite
of all the security mechanisms provided by Android, apps can carry out
malicious actions through collusion. In collusion malicious functionality is
divided across multiple apps. Each participating app accomplish its part and
communicate information to another app through Inter Component Communication
(ICC). ICC do not require any special permissions. Also, there is no compulsion
to inform user about the communication. Each participating app needs to request
a minimal set of privileges, which may make it appear benign to current
state-of-the-art techniques that analyze one app at a time. There are many
surveys on app analysis techniques in Android; however they focus on single-app
analysis. This survey augments this through focusing only on collusion among
multiple-apps. In this paper, we present Android vulnerabilities that may be
exploited for a possible collusion attack. We cover the existing threat
analysis, scenarios, and a detailed comparison of tools for intra and inter-app
analysis. To the best of our knowledge this is the first survey on app
collusion and state-of-the-art detection tools in Android.Comment: 83 pages, 4 figures, This is a survey pape