| With the smart phone stepping into all aspects of people’s lives,the user’s various sensitive data is also stored on the phone,such as e-mail content,health care,account password.etc.Normally,The security mechanism of Android system can ensure the security of these sensitive data.However,recent studies have shown that an attacker can infer the user’s privacy information through the side channel information of foreground application.In all these attacks,a malicious app needs to run side-by-side with the target application(the victim)to collect its runtime,then infer the user’s privacy information.Such exposed process information has been a serious threat to the user.Therefore,the application of Android side channel attack has an important practical significance.In this paper,we study the security problem of Android applications in two aspects: On the one hand,we propose a method of Activity inference attack,which is based on the side channel information of the foreground application.The proposed approach further exposes the importance of application side channel information threats.On the other hand,a general protection scheme is proposed for this kind of attack.It is revealed that the attacker can effectively infer the behavior of the foreground application and enhance the concealment of the attack.Firstly,we find that the transition of Activity application will cause the system to allocate and recycle the shared memory,which is based on the analysis of window activity events and shared memory side channel information in Android applications.Secondly,we propose to mark the activity signature by using network data traffic,memory usage and CPU usage time,through the analysis of the other side channel information of the application process during the Activity transition process.Secondly,we use shared memory changes to infer whether there is an Activity transition event.Finally,we infer the activity of the foreground application by using Activity signature database,which is based on side channel information of Activity.We proposes a general scheme to defend against this new category of attacks.First of all,we determine the suspicious applications in background by using the usage time and frequency scheduling times of CPU.then,the user can further narrow the scope of security applications based on security requirements.Finally,we restart the foreground application Activity,increase the uncertainty of application process state information,disturb the accuracy of foreground application process which is collected the malicious application,and so as to resist the Android application side channel attacks. |
PDF Full Text Request