Unix Domain Sockets Applied in Android Malware Should Not Be Ignored
Increasingly, malicious Android apps use various methods to steal private user data without their knowledge. Detecting the leakage of private data is the focus of mobile information security. An initial investigation found that none of the existing security analysis systems can track the flow of inf...
Main Authors: | Xu Jiang, Dejun Mu, Huixiang Zhang |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG 2018-03-01 |
Series: | Information |
Subjects: | Android, information flows, Unix domain sockets, private data, malware |
Online Access: | http://www.mdpi.com/2078-2489/9/3/54 |
_version_ | 1828975656475557888 |
---|---|
author | Xu Jiang, Dejun Mu, Huixiang Zhang |
collection | DOAJ |
description | Increasingly, malicious Android apps use various methods to steal private user data without their knowledge. Detecting the leakage of private data is the focus of mobile information security. An initial investigation found that none of the existing security analysis systems can track the flow of information through Unix domain sockets to detect the leakage of private data through such sockets, which can result in zero-day exploits in the information security field. In this paper, we conduct the first systematic study on Unix domain sockets as applied in Android apps. Then, we identify scenarios in which such apps can leak private data through Unix domain sockets, which the existing dynamic taint analysis systems do not catch. Based on these insights, we propose and implement JDroid, a taint analysis system that can track information flows through Unix domain sockets effectively to detect such privacy leaks. |
first_indexed | 2024-12-14T14:24:48Z |
format | Article |
id | doaj.art-92d04ba95f8e45c9bef56e971e2c1287 |
institution | Directory Open Access Journal |
issn | 2078-2489 |
language | English |
last_indexed | 2024-12-14T14:24:48Z |
publishDate | 2018-03-01 |
publisher | MDPI AG |
record_format | Article |
series | Information |
title | Unix Domain Sockets Applied in Android Malware Should Not Be Ignored |
topic | Android, information flows, Unix domain sockets, private data, malware |
url | http://www.mdpi.com/2078-2489/9/3/54 |