The International Arab Journal of Information Technology (IAJIT)

..............................
..............................
..............................


Preventing Collusion Attack in Android

#
 Globally, the number of Smartphone users has risen  above a billion, and most of users use them to do their  day-to- day  activities.  Therefore,  the  security  of  smartpho nes  turns  to  a  great  concern.  Recently,  Android  as  the  most  popular  smartphone platform has been targeted by the attack ers. Many severe attacks to Android are caused by m alicious applications  which  acquire  excessive  privileges  at  install  time.   Moreover  some  applications  are  able  to  collude  tog ether  in  order  to  increase  their  privileges  by  sharing  their  permissi ons.  This  paper  proposes  a  mechanism  for  preventing   this  kind  of  collusion  attack on Android by detecting the applications whi ch are able to share their acquired permissions. By applying the proposed  mechanism  on  a  set  of  290  applications  downloaded  f rom  the  Android  official  market,  Google  Play,  the  number  of  detected  applications  which  potentially  are  able  to  conduct  malicious  activities  increased  by  12.90%  in  compare   to  the  existing  detection  mechanism.  Results  showed  that  there  were   4  applications  among  the  detected  applications  which  were  able  to  collude together in order to acquire excessive priv ileges and were totally ignored by the existing method.   


[1] Bartel A., Klein J., Le Y., and Monperrus M., Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android, in Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering , USA, pp. 274- 277, 2012.

[2] Bradley T., DroidDream Becomes Android Market Nightmare, available at: http://www.pcworld.com/businesscenter/article/2 21247/droiddream_2015becomes_android_marke t_nightmare.html, last visited 2015.

[3] Bugiel S., Davi L., Dmitrienko A., Fischer T., and Sadeghi A., Xmandroid: A New Android Evolution to Mitigate Privilege Escalation Attacks, Technical Report, Technische Universit t Darmstadt , Germany, 2011

[4] Chan P., Hui L., and Yiu S., A Privilege Escalation Vulnerability Checking System for Android Applications, in Proceedings of the 13th International Conference on Communication Technology , Jinan, pp. 681-686, 2011.

[5] Davi L., Dmitrienko A., Sadeghi A., and Winandy M., Privilege Escalation Attacks on Android, in Proceedings of the 13th International Conference on Information Security , Boca Raton, USA, pp. 346-360, 2010.

[6] Egele M., Kruegel C., Kirda E., and Vigna G., PiOS: Detecting Privacy Leaks in iOS Applications, in Proceedings of the 18th Annual Network and Distributed System Security Symposium , San Diego, USA, pp. 1-15, 2011.

[7] Enck W., Gilbert P., Chun B., Cox L., Jung J., McDaniel P., and Sheth A., TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smartphones, in Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, Vancouver , Canada, pp. 99-106, 2010.

[8] Enck W., Ongtang M., and McDaniel P., On Lightweight Mobile Phone Application, in Proceedings of the 16th ACM Conference on Computer and Communications Security , Chicago, USA, pp. 235-245, 2009.

[9] Fang Z., Han W., and Li Y., Permission Based Android Security: Issues and Countermeasures, Computer and Security, vol. 43, pp. 205-218, 2014.

[10] Faruki P., Bharmal A., Laxmi V., Ganmoor V., Gaur M., Conti M., and Rajarajan M., Android Security: A Survey of Issues, Malware Penetration and Defenses, Communications Surveys and Tutorials , vol. 17, no. 2, pp. 998- 1022, 2014.

[11] Fragkaki E., Bauer L., Jia L., and Swasey D., Modeling and Enhancing Android s Permission System, in Proceedings of the 17th European Symposium on Research in Computer Security , pp. 1-18, 2012.

[12] Google Inc., Android Security Overview, Security and Permissions, available at: http://source.android.com/tech/security/#android- application-security, last visited 2015.

[13] Hsiao Sh-W., Hung S-H, Chien R., and Yeh C- W., PasDroid: Real-time Security Enhancement for Android, in Proceedings of the 8th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing , Birmingham, England, pp. 229-235, 2014. 726 The International Arab Journal of Information Techn ology, Vol. 12, No. 6A, 2015

[14] Kashefi I. and Salleh M., A Survey on Mitigating Attacks Related to Shortcomings of Andoid Permission Framework, Journal of Theoretical and Applied Information Technology , vol. 55, no. 2, pp. 1-9, 2013.

[15] Mahaffey K. and Hering J, App Attack: Surviving the Explosive Growth of Mobile Apps, pp. 1-93, 2010.

[16] Mittal P., Dhruv B., Kumar P., and Rawat S., Analysis of Security Trends and Control Methods in Android Platform, in Proceedings of International Conference on Innovative Applications of Computational Intelligence on Power, Energy and Controls with their Impact on Humanity , Ghaziabad, pp. 75-79, 2014.

[17] Nauman M. and Khan S., Design and Implementation of a Fine-grained Resource Usage Model for the Android Platform, the International Arab Journal of Information Technology , vol. 8, no. 4, pp. 440-448, 2011.

[18] Nauman M., Khan S., and Zhang X., Apex: Extending Android Permission Model and Enforcement with User-Defined Runtime Constraints, in Proceedings of the 5th ACM Symposium on Information , New York, USA, pp. 328-332, 2010.

[19] Pettey C., Gartner Says 428 Million Mobile Communication Devices Sold Worldwide in First Quarter 2011, a 19 Percent Increase Year-on- Year, available at: http://www.gartner.com/it/ page.jsp?id=1689814, last visited 2011.

[20] Sarma B., Li N., Gates C., Potharaju R., Nita- Rotaru C., and Molloy I, Android Permissions: A Perspective Combining Risks and Benefits, in Proceedings of the 17th ACM Symposium on Access Control Models and Technologies , New York, USA, pp. 13-22, 2012.

[21] Shabtai A., Fledel Y., Kanonov U., Elovici Y., and Dolev S., Google Android: A state-of-the- Art Review of Security Mechanisms, available at: http://arxiv.org/abs/0912.5101, last visited 2009.

[22] Shabtai A., Fledel Y., Kanonov U., Elovici Y., Dolev S., and Glezer C, Google Android: A Comprehensive Security Assessment, IEEE Security and Privacy , vol. 8, no. 2, pp. 35-44, 2010.

[23] Thurm S. and Kane Y., Your Apps Are Watching You, The Wall Street Journal, available at: http://online.wsj.com/article/ SB1000142405274870469400457602008370357 4602.html, last visited 2015.

[24] Zhou X., Lee Y., Zhang N., Naveed M., and Wang X., The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations, in Proceedings of IEEE Symposium on Security and Privacy , Washington, USA, pp. 409-423, 2014.

[25] Zhou Y., Zhang X., Jiang X., and Freeh V., Taming Information-Stealing Smartphone Applications (on Android), in Proceedings of the 4th International Conference on Trust and Trustworthy Computing , Pittsburgh, PA, USA, pp. 93-107, 2011. Iman Kashefi received his MS degree in computer science at Universiti Teknologi Malaysia (UTM) in the field of information security in connection with the years of related work experience in IT Development Center of Iran. The Best Student award of the UTM was granted to him and he was honored to receive the Pro-Chancellor award among the eight best PhD and MS graduates of the UTM. He received his Bachelor s degree in the field of computer engineering from Islamic Azad University of Tehran and has published Journal papers in the field of network security and Android security. Along with conducting research on smartphones security, currently he works as Solutio n Manager in Mobile Communication Company of Iran (MCCI). Maryam Kassiri is a lecturerat Islamic Azad University (IAU), lecturing under the Department of Computer and Information Technology. She received her MS degree in Management of Information Technology from Payam-e-Noor University, and her BS degree in Information Technology Engineering from Islamic Azad University. She also serves as an IT expert in the eLearning sector of IT Development Center of Iran, affiliated to Industrial Development and Renovation Organization of Iran. She has published some Journal and Conference papers related to her research works including eLearning and Network Security. Preventing Collusion Attack in Android 727 Mazleena Salleh is an associate professor at Universiti Teknologi Malaysia (UTM), lecturing under the Department of Computer Science, Faculty of Computing. She has taught several courses in the area of computer hardware system, cryptography and computer security. She received he r PhD in Computer Science at UTM in the field of computer networking while her Master s degree from Virginia Polytechnic State University in the field of electrical engineering. She has published several journal and conference papers related to her research works that include watermarking, steganography, chaos image encryption, network analysis, e-learnin g and knowledge management. Her current research is on computer security related issues namely data survivability and availability in cloud, elliptic curve cryptography, body sensor network and detection of misuse in computer forensic.