Paper Info
Title
Attacks and Defence on Android Free Floating Windows.
Abstract
Nowadays, the popular Android is so closely involved in people's daily lives that people rely on Android to perform critical operations and trust Android with sensitive information. It is of great importance to guarantee the usability and security of Android which, however, is such a huge system that a potential threat may arise from any part of it. In this paper, we focus on the Free Floating window (FF window) which is a category of windows that can appear freely above any other applications. It can share the screen space with other FF windows, dialogs, and activities. An FF window is flexible in both its appearance and behaviour features. We analyse the behaviour features of FF windows, including the priority in display layer and the capability of processing user-generated events. Three types of attacks via FF windows with delicate design in their appearance and behaviour features are demonstrated, i.e., DoS attack against Android system, GUI hijacking by targeting overlap, and input inference using FF windows as a side channel. To address the threat caused by FF windows, we design a priority framework for FF windows, which protects a sensitive activity/FF window declared by developers from being attacked by any malicious FF windows. A complementary solution is proposed to mitigate the confusion attack from malicious activities. Finally, we provide Android with suggestions on how to manage FF windows.
Year
DOI
Venue
2016
10.1145/2897845.2897897
AsiaCCS
Keywords
Field
DocType
Android, free floating window, DoS attack, GUI hijacking, input inference
Confusion,Android (operating system),Denial-of-service attack,Computer science,Computer security,Usability,Side channel attack,Information sensitivity,Screen space,Windows Vista
Conference
Citations 
PageRank 
References 
2
0.36
11
Authors
6
Name
Order
Citations
PageRank
Lingyun Ying1243.41
Yao Cheng2366.21
Yemian Lu351.44
Yacong Gu451.78
Purui Su59413.71
Deng-Guo Feng61991190.95