Understanding Android VoIP security: A system-level vulnerability assessment

Author

En HE, OPPO ZIWU Cyber Security Lab
Daoyuan WU, Chinese University of Hong Kong
Robert H. DENG, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

6-2020

Abstract

VoIP is a class of new technologies that deliver voice calls over the packet-switched networks, which surpasses the legacy circuit-switched telecom telephony. Android provides the native support of VoIP, including the recent VoLTE and VoWiFi standards. While prior works have analyzed the weaknesses of VoIP network infrastructure and the privacy concerns of third-party VoIP apps, no efforts were attempted to investigate the (in)security of Android’s VoIP integration at the system level. In this paper, we first demystify Android VoIP’s protocol stack and all its four attack surfaces. We then propose a novel vulnerability assessment approach that assembles on-device Intent/API fuzzing, network-side packet fuzzing, and targeted code auditing. By testing Android from version 7.0 to the recent 9.0, we have discovered 8 zero-day Android VoIP vulnerabilities, all of which were confirmed by Google with bug bounty awards. The security consequences are serious, including denying voice calls, caller ID spoofing, unauthorized call operations, and remote code execution. To mitigate these vulnerabilities and further improve Android VoIP security, we uncover a new root cause that requires developers’ attention during their design and implementation.

Keywords

Android (operating system), Internet telephony, Malware, Network security, Packet switching, Telephone circuits, Voice/data communication systems

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the 17th International Conference, DIMVA 2020, Lisbon, Portugal; June 24-26

Volume

12223

First Page

110

Last Page

131

ISBN

9783030526825

Identifier

10.1007/978-3-030-52683-2_6

Publisher

Springer

City or Country

Cham

Embargo Period

5-10-2021

Citation

HE, En; WU, Daoyuan; and DENG, Robert H.. Understanding Android VoIP security: A system-level vulnerability assessment. (2020). Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the 17th International Conference, DIMVA 2020, Lisbon, Portugal; June 24-26. 12223, 110-131.
Available at: https://ink.library.smu.edu.sg/sis_research/5924

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-030-52683-2_6