SCAnDroid: Automated Side-Channel Analysis of Android APIs

Title: SCAnDroid: Automated Side-Channel Analysis of Android APIs
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Spreitzer, Raphael; Palfinger, Gerald; Mangard, Stefan
Conference Name: Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5731-9
Keywords: Android API, APIs, automatic analysis, compositionality, Java API, pubcrawl, resilience, Resiliency, side-channel analysis

Although the Android system has been continuously hardened against side-channel attacks, there are still plenty of APIs available that can be exploited. However, most side-channel analyses in the literature consider specifically chosen APIs (or resources) in the Android framework, after a manual analysis of APIs for possible information leaks has been performed. Such a manual analysis is a tedious, time-consuming, and error-prone task, meaning that information leaks tend to be overlooked. To overcome this tedious task, we introduce SCANDROID, a framework that automatically profiles the Java-based Android API for possible information leaks. Events of interest, such as website launches, Google Maps queries, or application starts, are triggered automatically, and while these events are being triggered, the Java-based Android API is analyzed for possible information leaks that allow inferring these events later on. To assess the Android API for information leaks, SCANDROID relies on dynamic time warping. By applying SCANDROID on Android 8 (Android Oreo), we identified several Android APIs that allow inferring website launches, Google Maps queries, and application starts. The triggered events are by no means exhaustive but have been chosen to demonstrate the broad applicability of SCANDROID. Among the automatically identified information leaks are, for example, the API, the API, and several methods within the TrafficStats API. Thereby, we identify the first side-channel leaks in the Android API on Android 8 (Android Oreo).

Citation Key: spreitzer_scandroid:_2018