TY - GEN
T1 - Exploit the Last Straw That Breaks Android Systems
AU - Zhang, Lei
AU - Lian, Keke
AU - Xiao, Haoyu
AU - Zhang, Zhibo
AU - Liu, Peng
AU - Zhang, Yuan
AU - Yang, Min
AU - Duan, Haixin
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - The Android system services usually play a critical role in running multiple important tasks, and delivering seamless user experiences, e.g., conveniently storing user data. In this paper, we conduct the first systematic security study on the data storing process in Android system services, and consequently discover a novel class of design flaws (named Straw), which can lead to serious DoS (Denial-of-Service) attacks, e.g., permanently crashing the whole victim Android device. Then we propose a novel directed fuzzing based approach, called StrawFuzzer, to automatically vet all system services against the straw vulnerabilities. StrawFuzzer balances the tradeoff between path exploration and vulnerability exploitation. By applying StrawFuzzer on three Android systems with the latest security updates, we identified 35 unique straw vulnerabilities affecting 474 interfaces across 77 system services and successfully generated corresponding exploits, which can be used to conduct various permanent/temporary DoS attacks. We have reported our findings with suggestions for repairing the vulnerabilities to corresponding vendors. Up to now, Google has rated our vulnerability as high severity.
AB - The Android system services usually play a critical role in running multiple important tasks, and delivering seamless user experiences, e.g., conveniently storing user data. In this paper, we conduct the first systematic security study on the data storing process in Android system services, and consequently discover a novel class of design flaws (named Straw), which can lead to serious DoS (Denial-of-Service) attacks, e.g., permanently crashing the whole victim Android device. Then we propose a novel directed fuzzing based approach, called StrawFuzzer, to automatically vet all system services against the straw vulnerabilities. StrawFuzzer balances the tradeoff between path exploration and vulnerability exploitation. By applying StrawFuzzer on three Android systems with the latest security updates, we identified 35 unique straw vulnerabilities affecting 474 interfaces across 77 system services and successfully generated corresponding exploits, which can be used to conduct various permanent/temporary DoS attacks. We have reported our findings with suggestions for repairing the vulnerabilities to corresponding vendors. Up to now, Google has rated our vulnerability as high severity.
UR - http://www.scopus.com/inward/record.url?scp=85135961819&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85135961819&partnerID=8YFLogxK
U2 - 10.1109/SP46214.2022.9833563
DO - 10.1109/SP46214.2022.9833563
M3 - Conference contribution
AN - SCOPUS:85135961819
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 2230
EP - 2247
BT - Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 43rd IEEE Symposium on Security and Privacy, SP 2022
Y2 - 23 May 2022 through 26 May 2022
ER -