Subjects
-Tags
-Abstract
The pervasive use of smartphones requires novel approaches to defend against many zero-day smartphone attacks. In this work, we propose a novel proactive approach to stop certain categories of attacks on smartphone apps. The key insight of our approach is to exploit the asymmetry between the high-level state where user-app interaction takes place and the low-level state that attackers target. Specifically, we leverage a smartphone's native support for quick and lossless restarts -- an action that is minimally intrusive for users but disruptive and confusing for attackers. We show how our approach thwarts two classes of attacks -- Activity Inference and Task Hijacking. Experiments on 34 popular Android apps using three proactive restart strategies have revealed that our approach is effective at reducing side-channel time series predictability (hence increasing attacker's burden) and efficient at imposing an acceptable overhead. Restarts also can change back stack contents and thus can help detect Task Hijacking attacks. We propose a time-series entropy metric to quantify resilience to known and unknown attacks. Our experiments show that our tool can detect four types of Task Hijacking attacks.
DOI
10.21608/jocc.2022.254993
Keywords
Security Defense, Android, Proactive Restart
Authors
MiddleName
-Affiliation
School of Computing, Wichita State University
Email
zhiyong.shan@wichita.edu
Orcid
-MiddleName
-Affiliation
Department of Computer Science, New Jersey Institute of Technology, New Jersey, USA
Email
iulian.neamtiu@wichita.edu
City
-Orcid
-Link
https://jocc.journals.ekb.eg/article_254993.html
Detail API
https://jocc.journals.ekb.eg/service?article_code=254993
Publication Title
Journal of Computing and Communication
Publication Link
https://jocc.journals.ekb.eg/
MainTitle
A New Security Defense Approach for Android Via Proactive Restart