Peep with a mirror: Breaking the integrity of Android app sandboxing via unprivileged cache side channel

Bibliographic Details
Main Authors: LIN, Yan, WONG, Joshua, LI, Xiang, MA, Haoyu, GAO, Debin
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2024
Online Access: https://ink.library.smu.edu.sg/sis_research/9354
https://ink.library.smu.edu.sg/context/sis_research/article/10354/viewcontent/usenixsecurity24_lin_yan.pdf
Institution: Singapore Management University
Date: 2024-08-01T07:00:00Z
File format: application/pdf
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Collection: Research Collection School Of Computing and Information Systems
Subject: Information Security

Description: Application sandboxing is a well-established security principle employed in the Android platform to safeguard sensitive information. However, hardware resources, specifically the CPU caches, are beyond the protection of this software-based mechanism, leaving room for potential side-channel attacks. Existing attacks against this particular weakness of app sandboxing mainly target shared components among apps, hence can only observe system-level program dynamics (such as UI tracing). In this work, we advance cache side-channel attacks by demonstrating the viability of non-intrusive and fine-grained probing across different app sandboxes, which have the potential to uncover app-specific and private program behaviors, thereby highlighting the importance of further research in this area. In contrast to conventional attack schemes, our proposal leverages a user-level attack surface within the Android platform, namely the dynamic inter-app component sharing with package context (also known as DICI), to fully map the code of targeted victim apps into the memory space of the attacker's sandbox. Building upon this concept, we have developed a proof-of-concept attack demo called ANDROSCOPE and demonstrated its effectiveness with empirical evaluations where the attack app was shown to be able to successfully infer private information pertaining to individual apps, such as driving routes and keystroke dynamics with considerable accuracy.