No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis
Refereed conference paper presented and published in conference proceedings


Other information
Abstract: Many new specialized hardware components have been integrated into Android smartphones to improve mobility and usability, such as touchscreen, Bluetooth module, and NFC controller. At the system level, the kernel of Android is built on Linux and inherits its device management mechanisms. However, the security implications surfaced from the integration of new hardware components and the tailored Linux kernel are not fully understood. In this paper, we make the first attempt to evaluate such implications. As a result, we identify a critical information leakage channel from the interrupt handling mechanism, which can be exploited to launch inference attacks without any permission. On Android, all reported interrupts are counted by Linux kernel and the statistical information is logged in a system file /proc/interrupts, which is public to any process. Such statistical information reveals the running status of all integrated devices, and could be exploited by attackers to infer sensitive information passing through them. To assess this new threat, we propose a general attack approach - interrupt timing analysis and apply it to interrupt logs. As showcases, we present two concrete inference attacks against user's unlock pattern and foreground app status respectively. Through analyzing the interrupt time series produced from touchscreen controller, attacker's chance of cracking user's unlock pattern is increased substantially. The interrupt time series produced from Display Sub-System reveals unique UI refreshing patterns and could be leveraged as fingerprints to identify the app running in the foreground. Such information can serve as the stepping stone for the subsequent phishing attacks. The experiment results suggest our inference attacks are highly effective, and the risks should be mitigated immediately.
All Author(s) List: Diao W., Liu X., Li Z., Zhang K.
Name of Conference: 2016 IEEE Symposium on Security and Privacy, SP 2016
Start Date of Conference: 23/05/2016
End Date of Conference: 25/05/2016
Place of Conference: San Jose
Country/Region of Conference: United States of America
Detailed description: organized by IEEE Computer Society's Technical Committee on Security and Privacy,
Pages: 414 - 432
Languages: English-United Kingdom
Keywords: hardware interrupt, procfs, timing analysis

Last updated on 2020-24-11 at 01:17