An Encryption Technique to Thwart Android Binder Exploits

  • Yadu Kaladharan
  • Prabhaker Mateti
  • K. P. Jevitha
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 385)

Abstract

Binder handles the interprocess communication in Android. Whether the communication is between the components of the same application or different applications, it happens through Binder. Hence captivating it can expose all the communications. Man-in-the-Binder is one such exploit that can subvert the Binder mechanism. In this paper, we propose an encryption mechanism that can provide confidentiality to app communications to prevent such exploits.

Keywords

Android Binder Inter process communication Man-in-the-binder Encryption XBRF 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Khan, S.J., Cavallaro, L., Fattori, A., Tam, K., Reina, A.: On the reconstruction of android malware behaviors (2014)Google Scholar
  2. 2.
    Artenstein, N., Revivo, I.: Man in the Binder: He who controls IPC, controls the droid (2014). https://www.blackhat.com/docs/eu-14/materials/eu-14-/Artenstein-/Man-In-The-Binder-/He-Who-Controls-/IPC-Controls-The-Droid-wp.pdf
  3. 3.
    Azzola, F.: Android Bound Service: IPC with Messenger. SurvivingWithAndroid.com (2014). http://www.survivingwithandroid.com/2014/01/android-bound-service-ipc-with-messenger.html
  4. 4.
    developer.android.com. Binder (2014)Google Scholar
  5. 5.
    elinux.org. Android binder. eLinux.org (2014). http://elinux.org/Android_Binder
  6. 6.
    Gargenta, A.: Deep dive into Android IPC/Binder framework. In: AnDevCon: The Android Developer Conference (2012). https://thenewcircle.com/s/post/1340/deep_dive_into_android_ipc_binder_framework_at_andevcon_iv
  7. 7.
    Jia, P., He, X., Liu, L., Gu, B., Fang, Y.: A framework for privacy information protection on Android. In: 2015 International Conference on Computing, Networking and Communications (ICNC), vol. 2, pp. 1127–1131. IEEE (2015)Google Scholar
  8. 8.
    Katagi, M., Moriai, S.: Lightweight cryptography for the internet of things (2008)Google Scholar
  9. 9.
    Rosa, T.: Android binder security note: On passing binder through another binderGoogle Scholar
  10. 10.
    Schreiber, T.: Android binder. Master’s thesis, Ruhr University, Bochum, Germany, October 2011. http://www.ruhr-uni-bochum.de/. http://www.nds.rub.de/media/attachments/files/2012/03/binder.pdf
  11. 11.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher clefia (2007)Google Scholar
  12. 12.
    Yaghmour, K.: Embedded Android: Porting, Extending, and Customizing. O’Reilly Media Inc., Sebastopol (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Yadu Kaladharan
    • 1
  • Prabhaker Mateti
    • 2
  • K. P. Jevitha
    • 3
  1. 1.TIFAC-CORE in Cyber SecurityAmrita Vishwa VidyapeethamCoimbatoreIndia
  2. 2.Department of Computer Science and EngineeringWright State UniversityDaytonUSA
  3. 3.Department of Computer ScienceAmrita Vishwa VidyapeethamCoimbatoreIndia

Personalised recommendations