{"id":1097,"date":"2014-08-31T04:44:33","date_gmt":"2014-08-31T02:44:33","guid":{"rendered":"http:\/\/sseblog.ec-spride.de\/?p=1097"},"modified":"2014-08-31T04:44:33","modified_gmt":"2014-08-31T02:44:33","slug":"denial-of-app-attack-spsm-2014","status":"publish","type":"post","link":"https:\/\/blogs.uni-paderborn.de\/sse\/2014\/08\/31\/denial-of-app-attack-spsm-2014\/","title":{"rendered":"Denial-of-App Attack on Android will be presented at SPSM 2014"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_1097 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_1097')){$('.twoclick_social_bookmarks_post_1097').socialSharePrivacy({\"txt_help\":\"Wenn Sie diese Felder durch einen Klick aktivieren, werden Informationen an Facebook, Twitter, Flattr, Xing, t3n, LinkedIn, Pinterest oder Google eventuell ins Ausland \\u00fcbertragen und unter Umst\\u00e4nden auch dort gespeichert. N\\u00e4heres erfahren Sie durch einen Klick auf das <em>i<\\\/em>.\",\"settings_perma\":\"Dauerhaft aktivieren und Daten\\u00fcber-tragung zustimmen:\",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/blogs.uni-paderborn.de\\\/sse\\\/2014\\\/08\\\/31\\\/denial-of-app-attack-spsm-2014\\\/\",\"post_id\":1097,\"post_title_referrer_track\":\"Denial-of-App+Attack+on+Android+will+be+presented+at+SPSM+2014\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p>On 7th November, we are presenting our &#8220;Denial-of-App Attack&#8221; at the <em>SPSM 2014 workshop<\/em>\u00a0<span style=\"color: #000000\">in\u00a0Scottsdale, Arizona (USA).\u00a0<\/span><\/p>\n<p><!--more--><\/p>\n<p><em><strong>Abstract:<\/strong><\/em><\/p>\n<div class=\"page\" title=\"Page 1\">\n<div class=\"layoutArea\">\n<div class=\"column\">\n<p><em>We describe a novel class of attacks called denial-of-app that allows adversaries to inhibit the future installation of attacker- selected applications on mobile phones. Adversaries can use such attacks to entrap users into installing attacker-preferred applications, for instance to generate additional revenue from advertisements on a competitive app market or to increase the rate of malware installation. Another possibility is to block anti-virus applications or security workarounds to complicate malware detection and removal.<\/em><\/p>\n<p><em>We demonstrate such an attack that works on arbitrary unmodified stock Android phones. It is even possible to block many applications from a list predefined by the attacker in- stead of just a single app. Even more, we propose an attack for banning applications from Google Play Store regardless of the user\u2019s phone by exploiting similar vulnerabilities in the market\u2019s app vetting process. Unblocking an application blocked by our attack requires either root privileges or a complete device reset. The Android security team has confirmed and fixed the vulnerability in Android 4.4.3 (bug 13416059) and has given consent to this publication within a responsible-disclosure process. To the best of our knowledge, the attack applies to all versions prior to Android 4.4.3.\u00a0<\/em><\/p>\n<p><strong>The Paper<\/strong> can be downloaded <a href=\"https:\/\/www.informatik.tu-darmstadt.de\/fileadmin\/user_upload\/Group_EC-Spride\/Publikationen\/denial-of-app-attack-spsm.pdf\">here<\/a>.<\/p>\n<p><strong>The PoC Exploit<\/strong> can be downloaded <a href=\"https:\/\/github.com\/secure-software-engineering\/denial-of-app-attack\">here<\/a>.<\/p>\n<p>The Android Security Team\u00a0released a <strong>fix<\/strong> in Android 4.4.3. Details about the fix are\u00a0<a href=\"https:\/\/android.googlesource.com\/platform\/frameworks\/base\/+\/52af2ca919c068f1c9389fa4c979d2fe3105af40\">here<\/a>.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>On 7th November, we are presenting our &#8220;Denial-of-App Attack&#8221; at the SPSM 2014 workshop\u00a0in\u00a0Scottsdale, Arizona (USA).\u00a0<\/p>\n","protected":false},"author":6581,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,61],"tags":[],"class_list":["post-1097","post","type-post","status-publish","format-standard","hentry","category-android","category-security-vulnerability"],"_links":{"self":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/1097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/users\/6581"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/comments?post=1097"}],"version-history":[{"count":0,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/posts\/1097\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/media?parent=1097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/categories?post=1097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.uni-paderborn.de\/sse\/wp-json\/wp\/v2\/tags?post=1097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}