A New Security Defense Approach for Android Via Proactive Restart | ||||
Journal of Computing and Communication | ||||
Article 3, Volume 1, Issue 2, August 2022, Page 24-43 PDF (1.07 MB) | ||||
Document Type: Original Article | ||||
DOI: 10.21608/jocc.2022.254993 | ||||
View on SCiNiTO | ||||
Authors | ||||
Zhiyong Shan 1; Iulian neamtiu2 | ||||
1School of Computing, Wichita State University | ||||
2Department of Computer Science, New Jersey Institute of Technology, New Jersey, USA | ||||
Abstract | ||||
The pervasive use of smartphones requires novel approaches to defend against many zero-day smartphone attacks. In this work, we propose a novel proactive approach to stop certain categories of attacks on smartphone apps. The key insight of our approach is to exploit the asymmetry between the high-level state where user-app interaction takes place and the low-level state that attackers target. Specifically, we leverage a smartphone's native support for quick and lossless restarts -- an action that is minimally intrusive for users but disruptive and confusing for attackers. We show how our approach thwarts two classes of attacks -- Activity Inference and Task Hijacking. Experiments on 34 popular Android apps using three proactive restart strategies have revealed that our approach is effective at reducing side-channel time series predictability (hence increasing attacker's burden) and efficient at imposing an acceptable overhead. Restarts also can change back stack contents and thus can help detect Task Hijacking attacks. We propose a time-series entropy metric to quantify resilience to known and unknown attacks. Our experiments show that our tool can detect four types of Task Hijacking attacks. | ||||
Keywords | ||||
Security Defense; Android; Proactive Restart | ||||
Statistics Article View: 145 PDF Download: 243 |
||||