Attacks and defence on android free floating windows
Nowadays, the popular Android is so closely involved in people's daily lives that people rely on Android to perform critical operations and trust Android with sensitive information. It is of great importance to guarantee the usability and security of Android which, however, is such a huge syste...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3722 https://ink.library.smu.edu.sg/context/sis_research/article/4724/viewcontent/Attacks_and_Defence_on_Android_Free_Floating_Windows__ASIACCS_2016_.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4724 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-47242017-09-13T04:55:52Z Attacks and defence on android free floating windows YING, Lingyun CHENG, Yao LU, Yemian GU, Yacong SU, Purui FENG, Dengguo Nowadays, the popular Android is so closely involved in people's daily lives that people rely on Android to perform critical operations and trust Android with sensitive information. It is of great importance to guarantee the usability and security of Android which, however, is such a huge system that a potential threat may arise from any part of it. In this paper, we focus on the Free Floating window (FF window) which is a category of windows that can appear freely above any other applications. It can share the screen space with other FF windows, dialogs, and activities. An FF window is flexible in both its appearance and behaviour features. We analyse the behaviour features of FF windows, including the priority in display layer and the capability of processing user-generated events. Three types of attacks via FF windows with delicate design in their appearance and behaviour features are demonstrated, i.e., DoS attack against Android system, GUI hijacking by targeting overlap, and input inference using FF windows as a side channel. To address the threat caused by FF windows, we design a priority framework for FF windows, which protects a sensitive activity/FF window declared by developers from being attacked by any malicious FF windows. A complementary solution is proposed to mitigate the confusion attack from malicious activities. Finally, we provide Android with suggestions on how to manage FF windows. 2016-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3722 info:doi/10.1145/2897845.2897897 https://ink.library.smu.edu.sg/context/sis_research/article/4724/viewcontent/Attacks_and_Defence_on_Android_Free_Floating_Windows__ASIACCS_2016_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android; DoS attack; Free floating window; GUI hijacking; Input inference Technology and Innovation |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Android; DoS attack; Free floating window; GUI hijacking; Input inference Technology and Innovation |
| spellingShingle |
Android; DoS attack; Free floating window; GUI hijacking; Input inference Technology and Innovation YING, Lingyun CHENG, Yao LU, Yemian GU, Yacong SU, Purui FENG, Dengguo Attacks and defence on android free floating windows |
| description |
Nowadays, the popular Android is so closely involved in people's daily lives that people rely on Android to perform critical operations and trust Android with sensitive information. It is of great importance to guarantee the usability and security of Android which, however, is such a huge system that a potential threat may arise from any part of it. In this paper, we focus on the Free Floating window (FF window) which is a category of windows that can appear freely above any other applications. It can share the screen space with other FF windows, dialogs, and activities. An FF window is flexible in both its appearance and behaviour features. We analyse the behaviour features of FF windows, including the priority in display layer and the capability of processing user-generated events. Three types of attacks via FF windows with delicate design in their appearance and behaviour features are demonstrated, i.e., DoS attack against Android system, GUI hijacking by targeting overlap, and input inference using FF windows as a side channel. To address the threat caused by FF windows, we design a priority framework for FF windows, which protects a sensitive activity/FF window declared by developers from being attacked by any malicious FF windows. A complementary solution is proposed to mitigate the confusion attack from malicious activities. Finally, we provide Android with suggestions on how to manage FF windows. |
| format |
text |
| author |
YING, Lingyun CHENG, Yao LU, Yemian GU, Yacong SU, Purui FENG, Dengguo |
| author_facet |
YING, Lingyun CHENG, Yao LU, Yemian GU, Yacong SU, Purui FENG, Dengguo |
| author_sort |
YING, Lingyun |
| title |
Attacks and defence on android free floating windows |
| title_short |
Attacks and defence on android free floating windows |
| title_full |
Attacks and defence on android free floating windows |
| title_fullStr |
Attacks and defence on android free floating windows |
| title_full_unstemmed |
Attacks and defence on android free floating windows |
| title_sort |
attacks and defence on android free floating windows |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/sis_research/3722 https://ink.library.smu.edu.sg/context/sis_research/article/4724/viewcontent/Attacks_and_Defence_on_Android_Free_Floating_Windows__ASIACCS_2016_.pdf |
| _version_ |
1770573702666125312 |