88 research outputs found
Analyzing Android Browser Apps for file:// Vulnerabilities
Securing browsers in mobile devices is very challenging, because these
browser apps usually provide browsing services to other apps in the same
device. A malicious app installed in a device can potentially obtain sensitive
information through a browser app. In this paper, we identify four types of
attacks in Android, collectively known as FileCross, that exploits the
vulnerable file:// to obtain users' private files, such as cookies, bookmarks,
and browsing histories. We design an automated system to dynamically test 115
browser apps collected from Google Play and find that 64 of them are vulnerable
to the attacks. Among them are the popular Firefox, Baidu and Maxthon browsers,
and the more application-specific ones, including UC Browser HD for tablet
users, Wikipedia Browser, and Kids Safe Browser. A detailed analysis of these
browsers further shows that 26 browsers (23%) expose their browsing interfaces
unintentionally. In response to our reports, the developers concerned promptly
patched their browsers by forbidding file:// access to private file zones,
disabling JavaScript execution in file:// URLs, or even blocking external
file:// URLs. We employ the same system to validate the ten patches received
from the developers and find one still failing to block the vulnerability.Comment: The paper has been accepted by ISC'14 as a regular paper (see
https://daoyuan14.github.io/). This is a Technical Report version for
referenc
MopEye: Monitoring Per-app Network Performance with Zero Measurement Traffic
Mobile network performance measurement is important for understanding mobile
user experience, problem diagnosis, and service comparison. A number of
crowdsourcing measurement apps (e.g., MobiPerf [4, 6] and Netalyzr [5, 7]) have
been embarked for the last few years. Unlike existing apps that use active
measurement methods, we employ a novel passive-active approach to continuously
monitor per-app network performance on unrooted smartphones without injecting
additional network traffic. By leveraging the VpnService API on Android,
MopEye, our measurement app, intercepts all network traffic and then relays
them to their destinations using socket APIs. Therefore, not only MopEye can
measure the round-trip time accurately, it can do so without injecting
additional traffic. As a result, the bandwidth cost (and monetary cost of data
usage) for conducting such a measurement is eliminated, and the measurement can
be conducted free of user intervention. Our evaluation shows that MopEye's RTT
measurement is very close to result of tcpdump and is more accurate than
MobiPerf. We have used MopEye to conduct a one-week measurement revealing
multiple interesting findings on different apps' performance.Comment: This is the copy of our CoNEXT'15 poster, published in December 1,
2015. MopEye is available on Google Play at
https://play.google.com/store/apps/details?id=com.mopey
- …