Android inter-app communication threats and detection techniques

Abstract

With the digital breakthrough, smart phones have become very essential component for many routine tasks like shopping, paying bills, transferring money, instant messaging, emails etc. Mobile devices are very attractive attack surface for cyber thieves as they hold personal details (accounts, locations, contacts, photos) and have potential capabilities for eavesdropping (with cameras/microphone, wireless connections). Android, being the most popular, is the target of malicious hackers who are trying to use Android app as a tool to break into and control device. Android malware authors use many anti-analysis techniques to hide from analysis tools. Academic researchers and commercial anti-malware companies are putting great effort to detect such malicious apps. They are making use of the combinations of static, dynamic and behavior-based analysis techniques.Despite of all the security mechanisms provided by Android, apps can carry out malicious actions through inter-app communication. One such inter-app communication threats is collusion. In collusion, malicious functionality is divided across multiple apps. Each participating app accomplishes its part and communicate information to another app through Inter Component Communication (ICC). ICC does not require any special permissions. Also there is no compulsion to inform user about the communication. Each participating app needs to request a minimal set of privileges, which may make it appear benign to current state-of-the-art techniques that analyze one app at a time.There are many surveys on app analysis techniques in Android; however they focus on single-app analysis. This survey highlights several inter-app communication threats, in particular collusion among multiple-apps. In this paper, we present Android vulnerabilities that may be exploited for carrying privilege escalation attacks, privacy leakage and collusion attacks. We cover the existing threat analysis, scenarios, and a detailed comparison of tools for intra- and inter-app analysis. To the best of our knowledge this is the first survey on inter-app communication threats, app collusion and state-of-the-art detection tools in Android.