Deakin University
Browse

File(s) under permanent embargo

Inference attack in Android Activity based on program fingerprint

Version 2 2024-06-06, 03:18
Version 1 2019-08-22, 08:43
journal contribution
posted on 2024-06-06, 03:18 authored by L Yang, Y Zhi, T Wei, S Yu, J Ma
Private breach has always been an important threat to mobile security. Recent studies show that an attacker can infer users’ private information through side channels, such as the use of runtime memory and network usage. For side-channel attacks, malicious applications generally run parallel in the background with a foreground application and stealthily collect side-channel information. In this paper, we analyze the relationship between memory changes and Activity transition, then use side-channel information to label an Activity and build an Activity signature database. We show how to use the runtime memory exposure to infer the Activity transition of the current application and use other side channels to infer its Activity interface. We demonstrate the effectiveness of the attacks with 5 popular applications that contain user sensitive information, and successfully inferred most of the Activity transition and Activity interface process. Moreover, we propose a protection scheme which can effectively resist side-channel attacks.

History

Journal

Journal of network and computer applications

Volume

127

Pagination

92-106

Location

Amsterdam, The Netherlands

ISSN

1084-8045

eISSN

1095-8592

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2018, Elsevier Ltd

Publisher

Elsevier