Inference attack in android activity based on program fingerprint
Version 2 2024-06-06, 03:19Version 2 2024-06-06, 03:19
Version 1 2023-10-24, 21:48Version 1 2023-10-24, 21:48
conference contribution
posted on 2023-10-24, 21:48 authored by L Yang, T Wei, J Ma, Shui Yu, C Yang© 2018 IEEE. Private breach has always been an important threat to mobile security. Recent studies show that an attacker can infer user private information through side channels, such as the use of runtime memory and network usage. For side-channel attacks, malicious applications generally run parallel in the background with a foreground application and stealthily collect side-channel information. In this paper, we analyze the relationship between memory changes and activity transition, then use side-channel information to label an Activity and build an Activity signature database. We show how to use the runtime memory exposure to infer the Activity transition of the current application and use other side channels to infer its Activity interface. We demonstrate the effectiveness of the attacks with 5 popular applications that contain user sensitive information, and successfully inferred the most of Activity transition and Activity interface process. Moreover, we propose a protection scheme which can effectively resist side-channel attacks.
History
Location
Beijing, ChinaPublisher DOI
Start date
2018-05-30End date
2018-06-01ISBN-13
9780000000000.0Publication classification
EN Other conference paperTitle of proceedings
2018 IEEE Conference on Communications and Network Security (CNS)Usage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorksRefWorks
BibTeXBibTeX
Ref. managerRef. manager
EndnoteEndnote
DataCiteDataCite
NLMNLM
DCDC