Active warden attack: On the (in)effectiveness of Android app repackage-proofing
App repackaging has raised serious concerns to the Android ecosystem with the repackage-proofing technology attracting attention in the Android research community. In this paper, we first show that existing repackage-proofing schemes rely on a flawed security assumption, and then propose a new class...
Saved in:
Main Authors: | , , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2022
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/6703 https://ink.library.smu.edu.sg/context/sis_research/article/7706/viewcontent/tdsc_2021_1.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-7706 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-77062024-03-04T08:43:52Z Active warden attack: On the (in)effectiveness of Android app repackage-proofing MA, Haoyu LI, Shijia GAO, Debin WU, Daoyuan JIA, Qiaowen JIA, Chunfu App repackaging has raised serious concerns to the Android ecosystem with the repackage-proofing technology attracting attention in the Android research community. In this paper, we first show that existing repackage-proofing schemes rely on a flawed security assumption, and then propose a new class of active warden attack that intercepts and falsifies the metrics used by repackage-proofing for detecting the integrity violations during repackaging. We develop a proof-of-concept toolkit to demonstrate that all the existing repackage-proofing schemes can be bypassed by our attack toolkit. On the positive side, our analysis further identifies a new integrity metric in the Android ART runtime that can robustly and efficiently indicate bytecode tampering caused by either repackaging or active warden attacks. By associating this new metric with two supplemental verification mechanisms, we construct a multi-party verification framework that significantly raises the bar of repackage-proofing and identify conditions under which the proposed framework could detect app repackaging without getting compromised by active warden attacks. 2022-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/6703 info:doi/10.1109/TDSC.2021.3100877 https://ink.library.smu.edu.sg/context/sis_research/article/7706/viewcontent/tdsc_2021_1.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android security app repackage-proofing active warden attack Information Security Software Engineering |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Android security app repackage-proofing active warden attack Information Security Software Engineering |
spellingShingle |
Android security app repackage-proofing active warden attack Information Security Software Engineering MA, Haoyu LI, Shijia GAO, Debin WU, Daoyuan JIA, Qiaowen JIA, Chunfu Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
description |
App repackaging has raised serious concerns to the Android ecosystem with the repackage-proofing technology attracting attention in the Android research community. In this paper, we first show that existing repackage-proofing schemes rely on a flawed security assumption, and then propose a new class of active warden attack that intercepts and falsifies the metrics used by repackage-proofing for detecting the integrity violations during repackaging. We develop a proof-of-concept toolkit to demonstrate that all the existing repackage-proofing schemes can be bypassed by our attack toolkit. On the positive side, our analysis further identifies a new integrity metric in the Android ART runtime that can robustly and efficiently indicate bytecode tampering caused by either repackaging or active warden attacks. By associating this new metric with two supplemental verification mechanisms, we construct a multi-party verification framework that significantly raises the bar of repackage-proofing and identify conditions under which the proposed framework could detect app repackaging without getting compromised by active warden attacks. |
format |
text |
author |
MA, Haoyu LI, Shijia GAO, Debin WU, Daoyuan JIA, Qiaowen JIA, Chunfu |
author_facet |
MA, Haoyu LI, Shijia GAO, Debin WU, Daoyuan JIA, Qiaowen JIA, Chunfu |
author_sort |
MA, Haoyu |
title |
Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
title_short |
Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
title_full |
Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
title_fullStr |
Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
title_full_unstemmed |
Active warden attack: On the (in)effectiveness of Android app repackage-proofing |
title_sort |
active warden attack: on the (in)effectiveness of android app repackage-proofing |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2022 |
url |
https://ink.library.smu.edu.sg/sis_research/6703 https://ink.library.smu.edu.sg/context/sis_research/article/7706/viewcontent/tdsc_2021_1.pdf |
_version_ |
1794549748059865088 |