DOI: 10.1145/3427228.3427263
Research article

Certified Copy? Understanding Security Risks of Wi-Fi Hotspot based Android Data Clone Services

Published: 08 December 2020

Abstract

Wi-Fi hotspot-based data clone services are increasingly used by Android users to transfer their user data and preferred configurations while upgrading obsolete phones to new models. Unfortunately, since the data clone services need to manipulate sensitive information protected by the Android system, vulnerabilities in the design or implementation of these services may result in data privacy breaches. In this paper we present an empirical security analysis of eight widely used Wi-Fi hotspot-based data clone services deployed to millions of Android phones. Our study evaluates the data export/import, data transmission, and Wi-Fi configuration of those services against the security requirements that a data clone procedure should satisfy. Since data clone services are closed source, we design Poirot, an analysis system that recovers the workflows of the data clone services and detects potential flaws. Our study reveals a series of critical security issues in the data clone services. We demonstrate two types of attacks that exploit the data clone service as a new attack surface: a vulnerable data clone service allows attackers to retrieve sensitive user data without holding the corresponding permissions, and even to inject malicious content that compromises the system.
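The abstract names two things a clone receiver must get right before it touches imported data: the transfer must be authenticated to the phone the user actually paired with, and imported entries must not be able to write outside the app-data directory they belong to. The following Python sketch is an added example of those two import-side checks; it is not code from the paper or from any of the eight services studied (which are closed source), and the tar-plus-HMAC wire format, the function names (`build_clone_archive`, `import_clone_archive`, `safe_relpath`), the pairing secret and the sample files are all assumptions constructed for the example.

```python
from __future__ import annotations

import hashlib
import hmac
import io
import posixpath
import tarfile

# Constructed sample data: what an old phone might export for one app.
# SECRET stands in for a one-time pairing secret agreed out of band
# (an assumption of this example, not a description of any real service).
SECRET = b"example-pairing-secret-not-real"
SAMPLE_FILES = {
    "shared_prefs/settings.xml": b'<map><string name="theme">dark</string></map>',
    "databases/contacts.db": b"SQLite format 3\x00",
}
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def build_clone_archive(files: dict[str, bytes], secret: bytes) -> bytes:
    """Sender side: pack files into a tar stream and append an HMAC-SHA256 tag."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    body = buf.getvalue()
    return body + hmac.new(secret, body, hashlib.sha256).digest()


def safe_relpath(name: str) -> str | None:
    """Return a normalised relative path, or None if the entry could escape
    the destination directory (absolute path, '..' component, backslash)."""
    if not name or name.startswith("/") or "\\" in name:
        return None
    norm = posixpath.normpath(name)
    if norm == ".." or norm.startswith("../") or norm.startswith("/"):
        return None
    return norm


def import_clone_archive(blob: bytes, secret: bytes) -> dict[str, bytes]:
    """Receiver side: verify the tag before parsing anything, then accept
    only regular files at safe paths.  Raises ValueError on tampering or on
    an entry that would land outside the app-data directory."""
    if len(blob) < TAG_LEN:
        raise ValueError("truncated archive")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(secret, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("archive authentication failed")
    accepted: dict[str, bytes] = {}
    with tarfile.open(fileobj=io.BytesIO(body), mode="r") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                # symlinks, hard links and device nodes are never imported
                raise ValueError(f"rejected non-regular entry {member.name!r}")
            rel = safe_relpath(member.name)
            if rel is None:
                raise ValueError(f"rejected unsafe path {member.name!r}")
            with tar.extractfile(member) as f:
                accepted[rel] = f.read()
    return accepted


def import_result(blob: bytes, secret: bytes) -> str:
    """Demonstration helper: 'ok' or the reason the import was refused."""
    try:
        import_clone_archive(blob, secret)
        return "ok"
    except ValueError as exc:
        return str(exc)


def tamper(blob: bytes, offset: int = 600) -> bytes:
    """Flip one bit inside the tar body (offset 600 is inside the first
    file's data block, well before the trailing tag)."""
    out = bytearray(blob)
    out[offset] ^= 0x01
    return bytes(out)


if __name__ == "__main__":
    good = build_clone_archive(SAMPLE_FILES, SECRET)
    print("genuine archive:", import_result(good, SECRET))
    print("bit-flipped archive:", import_result(tamper(good), SECRET))
    evil = build_clone_archive({"../../system/etc/hosts": b"0.0.0.0 x"}, SECRET)
    print("traversal archive:", import_result(evil, SECRET))
```

The order of the checks is the point: the tag is verified over the raw bytes before the tar parser sees them, so a peer that never completed pairing cannot reach the parser at all, and the path check runs per entry so a single crafted name in an otherwise genuine archive is enough to abort the import.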




Published In

ACSAC '20: Proceedings of the 36th Annual Computer Security Applications Conference
December 2020, 962 pages
ISBN: 9781450388580
DOI: 10.1145/3427228
          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States


          Author Tags

          1. Android diversification
          2. Data clone service
          3. Platform app
          4. Proprietary protocol

          Qualifiers

          • Research-article
          • Research
          • Refereed limited


          Conference

          ACSAC '20

          Acceptance Rates

          Overall Acceptance Rate 104 of 497 submissions, 21%


          Article Metrics

          • Downloads (Last 12 months)38
          • Downloads (Last 6 weeks)4
          Reflects downloads up to 16 Nov 2024

Cited By
• Union under duress. Proceedings of the 32nd USENIX Conference on Security Symposium (2023), 3403-3420. DOI 10.5555/3620237.3620428. Published 9 Aug 2023.
• Detecting Malicious Migration on Edge to Prevent Running Data Leakage. ICASSP 2023 - 2023 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 1-5. DOI 10.1109/ICASSP49357.2023.10095432. Published 4 Jun 2023.
• DewMonitor: Dew Computing Monitoring System for Sustainable IoT. Dew Computing (2023), 61-78. DOI 10.1007/978-981-99-4590-0_3. Published 3 Sep 2023.
• Internet of Things Aware Secure Dew Computing Architecture for Distributed Hotspot Network: A Conceptual Study. Applied Sciences 12(18) (2022), 8963. DOI 10.3390/app12188963. Published 6 Sep 2022.
• Malware Spreading Model for Routers in Wi-Fi Networks. IEEE Access 10 (2022), 61873-61891. DOI 10.1109/ACCESS.2022.3182243.
• App's Auto-Login Function Security Testing via Android OS-Level Virtualization. Proceedings of the 43rd International Conference on Software Engineering (2021), 1683-1694. DOI 10.1109/ICSE43902.2021.00149. Published 22 May 2021.
