Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

1-2017

Abstract

The Binder framework is at the core of Android systems due to its fundamental role for interprocess communications. Applications use the Binder to perform high level tasks such as accessing location information. The importance of the Binder makes it an attractive target for attackers. Rootkits on Android platforms can arbitrarily access any Binder transaction data and therefore have system-wide security impact. In this paper, we propose H-Binder to secure the Binder IPC channel between two applications. It runs transparently with Android and COTS applications without making changes on their binaries. In this work, we design a bare-metal ARM hypervisor with a tiny code base at runtime. The hypervisor interposes on the main steps of a Binder transaction by leveraging ARM hardware virtualization techniques. It protects secrecy and integrity of the Binder transaction data. We have implemented a prototype of the H-Binder hypervisor and tested its performance. The experiment results show that H-Binder incurs an insignificant overhead to the applications.

Keywords

Android, Binder, Virtualization, ARM, System security, Hypervisor

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Security and privacy in communication networks: 12th International Conference, SecureComm 2016, Guangzhou, China, October 10-12, Proceedings

Volume

198

First Page

24

Last Page

43

ISBN

9783319596082

Identifier

10.1007/978-3-319-59608-2_2

Publisher

Springer

City or Country

Cham

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1007/978-3-319-59608-2_2

Download

Share

COinS