Publication Type
Journal Article
Version
publishedVersion
Publication Date
4-2021
Abstract
The Android platform is gaining explosive popularity, which leads developers to invest resources to maintain the upward trajectory of demand. Unfortunately, as the profit potential grows, the chances of these Apps being attacked also grow. Developers have therefore improved the security of their Apps, which limits attackers' ability to compromise the upgraded versions. However, developers cannot enhance the security of earlier versions that have already been released on the Play Store, and those earlier versions remain subject to reverse engineering and other attacks. In this paper, we find that attackers can use these earlier versions as attack vectors that threaten well-protected upgraded versions. We show how the upgraded versions of some popular Apps, including Facebook, Sina Weibo and Qihoo360-Cloud-Driven, can be attacked by analyzing the vulnerabilities present in their earlier versions. We design and implement a tool named DroidSkynet to analyze Apps from the Play Store and identify vulnerable ones. Among 1,500 mainstream Apps collected from the real world, DroidSkynet indicates that the success rate of attacking an App using an earlier version is 34 percent. We also explore possible mitigation solutions that balance the utility and security of the App update process.
Keywords
Android, early version, attack vector, reverse engineering, code protection
Discipline
Information Security | Software Engineering
Research Areas
Cybersecurity
Publication
IEEE Transactions on Dependable and Secure Computing
Volume
18
Issue
2
First Page
652
Last Page
666
ISSN
1545-5971
Identifier
10.1109/TDSC.2019.2914202
Publisher
Institute of Electrical and Electronics Engineers
Citation
ZHANG, Yue; WENG, Jian; WENG, Jia-Si; HOU, Lin; YANG, Anjia; LI, Ming; XIANG, Yang; and DENG, Robert H.
Looking back! Using early versions of Android apps as attack vectors. (2021). IEEE Transactions on Dependable and Secure Computing, 18(2), 652-666.
Available at: https://ink.library.smu.edu.sg/sis_research/6586
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.