A New Security Defense Approach for Android Via Proactive Restart

Shan, Zhiyong; Neamtiu, Iulian

doi:10.21608/jocc.2022.254993

|
|
|
How to cite
RIS EndNote BibTeX APA MLA Harvard Vancouver
|
Share

	A New Security Defense Approach for Android Via Proactive Restart
Article 3, Volume 1, Issue 2, August 2022, Page 24-43 PDF (1.07 MB)
Document Type: Original Article
DOI: 10.21608/jocc.2022.254993
View on SCiNiTO
Authors
Zhiyong Shan ¹; Iulian neamtiu²
¹School of Computing, Wichita State University
²Department of Computer Science, New Jersey Institute of Technology, New Jersey, USA
Abstract
The pervasive use of smartphones requires novel approaches to defend against many zero-day smartphone attacks. In this work, we propose a novel proactive approach to stop certain categories of attacks on smartphone apps. The key insight of our approach is to exploit the asymmetry between the high-level state where user-app interaction takes place and the low-level state that attackers target. Specifically, we leverage a smartphone's native support for quick and lossless restarts -- an action that is minimally intrusive for users but disruptive and confusing for attackers. We show how our approach thwarts two classes of attacks -- Activity Inference and Task Hijacking. Experiments on 34 popular Android apps using three proactive restart strategies have revealed that our approach is effective at reducing side-channel time series predictability (hence increasing attacker's burden) and efficient at imposing an acceptable overhead. Restarts also can change back stack contents and thus can help detect Task Hijacking attacks. We propose a time-series entropy metric to quantify resilience to known and unknown attacks. Our experiments show that our tool can detect four types of Task Hijacking attacks.
Keywords
Security Defense; Android; Proactive Restart


Statistics Article View: 193 PDF Download: 355