RoppDroid: Robust permission re-delegation prevention in Android inter-component communication

摘要

Android is designed such that Android applications (Apps) can provide functions to each other by providing a complex inter-component communication (ICC) model. While app interactions make it convenient and easy for one app to delegate functionality to another app, it also leads to permission re-delegation among Android apps which can cause privilege escalation. One approach taken by existing work tries to mitigate privilege escalation by enforcing tightened permissions. Unfortunately, preventing privilege escalation often renders the recipient apps unusable (for example, causing the app to crash). In this work, we propose another approach to address the privilege escalation problem from Android app ICC which intends to better preserve app functionality. We propose a context specific resource virtualization to eliminate privilege escalation by taking into account the interaction of ICCs among apps. We evaluated our prototype system, RoppDroid, on real-world Android apps and showed the effectiveness in providing robust protection for those apps. Our prototype also has low performance overheads.