System service call-oriented symbolic execution of Android Framework with applications to vulnerability discovery and exploit generation

Lannan Luo, Qiang Zeng, Chen Cao, Kai Chen, Jian Liu, Limin Liu, Neng Gao, Min Yang, Xinyu Xing, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations

Abstract

Android Application Framework is an integral and foundational part of the Android system. Each of the 1.4 billion Android devices relies on the system services of Android Framework to manage applications and system resources. Given its critical role, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause severe harms to user security and privacy. Recently, many vulnerabilities in Android Framework were exposed, showing that it is vulnerable and exploitable. However, most of the existing research has been limited to analyzing Android applications, while there are very few techniques and tools developed for analyzing Android Framework. In particular, to our knowledge, there is no previous work that analyzes the framework through symbolic execution, an approach that has proven to be very powerful for vulnerability discovery and exploit generation. We design and build the first system, Centaur, that enables symbolic execution of Android Framework. Due to some unique characteristics of the framework, such as its middleware nature and extraordinary complexity, many new challenges arise and are tackled in Centaur. In addition, we demonstrate how the system can be applied to discovering new vulnerability instances, which can be exploited by several recently uncovered attacks against the framework, and to generating PoC exploits.

Original languageEnglish (US)
Title of host publicationMobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services
PublisherAssociation for Computing Machinery, Inc
Pages225-238
Number of pages14
ISBN (Electronic)9781450349284
DOIs
StatePublished - Jun 16 2017
Event15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017 - Niagara Falls, United States
Duration: Jun 19 2017Jun 23 2017

Publication series

NameMobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services

Other

Other15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017
CountryUnited States
CityNiagara Falls
Period6/19/176/23/17

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Networks and Communications
  • Software
  • Hardware and Architecture

Fingerprint Dive into the research topics of 'System service call-oriented symbolic execution of Android Framework with applications to vulnerability discovery and exploit generation'. Together they form a unique fingerprint.

  • Cite this

    Luo, L., Zeng, Q., Cao, C., Chen, K., Liu, J., Liu, L., Gao, N., Yang, M., Xing, X., & Liu, P. (2017). System service call-oriented symbolic execution of Android Framework with applications to vulnerability discovery and exploit generation. In MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services (pp. 225-238). (MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services). Association for Computing Machinery, Inc. https://doi.org/10.1145/3081333.3081361