ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA
Modern smartphones that implement permission-based security mechanisms su er from attacks by colluding applications. Users are not made aware of possible implications
of application collusion attacks|quite the contrary|on existing platforms, users are implicitly led to believe that by approving the installation of each application independently, they can limit the damage that an application can cause. We implement and analyze a number of covert and overt communication channels that enable applications to collude and therefore indirectly escalate their permissions. Furthermore, we present and implement a covert channel between
an installed application and a web page loaded in the system browser. We measure the throughput of all these channels as well as their bit-error rate and required synchronization for
successful data transmission. The measured throughput of covert channels ranges from 3.7 bps to 3.27 kbps on a Nexus One phone and from 0.47 bps to 4.22 kbps on a Samsung
Galaxy S phone; such throughputs are sucient to eciently exchange users' sensitive information (e.g., GPS coordinates or contacts). We test two popular research tools that track information ow or detect communication channels on mobile platforms, and con rm that even if they detect some channels, they still do not detect all the channels and therefore fail to fully prevent application collusion. Attacks using covert communication channels remain, therefore, a real threat to smartphone security and an open problem for the research community.
© ACM, 2012. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA http://dx.doi.org/10.1145/2420950.2420958