NINJA: A New Android UI State Inference Attack and Defense Mechanism

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：7

、訪客IP：3.129.249.105

姓名

吳昊澄(Hao-Cheng Wu) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(NINJA: A New Android UI State Inference Attack and Defense Mechanism)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

UI( User Interface ) State Inference Attack 是一種最近在手機上新起的攻擊模式，攻擊者事先做好偽造的UI，偵測使用者目前正要執行哪個activity，針對目標惡意的app會跳出相對於這個activity的偽造UI，導致使用者洩漏一些較敏感的資料給攻擊者。
舉例而言，假設使用者現在正要開啟一個登入的頁面，被攻擊者偵測到了並跳出事先偽造好的UI，來奪取使用者的帳號以及密碼。
使用這種方法，使用者很難察覺到手機有何異狀，就算真的被使用者發現，攻擊者所要的結果也已經達成。
這篇論文提出一種新型的方式來達到UI State Inference Attack，並且提出一種防禦機制，可以簡單的實做在現有的手機上。

摘要(英)

關鍵字(中)

★ 手機惡意軟體

關鍵字(英)

★ Android
★ Malicious apps
★ UI State Inference Attack

論文目次

CONTENTS
中文摘要 i
ABSTRACT ii
致謝 iii
CONTENTS iv
LIST OF FIGURES vi
LIST OF TABLES vii
Chapter 1 INTRODUCTION 1
Chapter 2 RELATED WORK 5
2.1 UI State Inference Attack 5
2.2 Two Major Step of Chen’s Method 6
2.3 Chen’s UI State Inference Attack Overview : 6
Chapter 3 BACKGROUND KNOWLEDGE 9
3.1 Add View on Android 9
3.2 Get Outside Touch 11
3.3 Hook Click Event 12
3.4 Search Running App 13
3.5 Android Webview 14
3.6 Android Camera 16
Chapter 4 THREAT MODEL 17
4.1 Our Attack: NINJA 17
4.2 NINJA Overview 18
4.3 Inject Javascript in Webview 19
4.4 Other Useful Attack 22
Chapter 5 DEFENSE MECHANISM 24
5.1 ViewGuard Overview 24
5.2 ViewGuard 26
Chapter 6 EVALUATION 28
6.1 Attack Evaluation 28
6.2 Defense mechanism evaluation 29
Chapter 7 CONCLUSION 31
REFERENCES 32

參考文獻

REFERENCES
[1] Qi Alfred Chen, Zhiyun Qian, Sanae Rosen, Yuanyuan Zhou, and Z. Morley Mao. “When to Attack? Android UI Context Inference as an Attack Building Block,” in Poster at 22nd USENIX Security Symposium, Washington, D.C., August 2013.
[2] T. Fischer, A.-R. Sadeghi, and M. Winandy, “A pattern for secure graphical user interface systems,” in 20th International Workshop on Database and Expert Systems Application. IEEE, 2009.
[3] S. Chen, J. Meseguer, R. Sasse, H. J. Wang, and Y.-M. Wang, “A Systematic Approach to Uncover Security Flaws in GUI Logic,” in IEEE Symposium on Security and Privacy, 2007.
[4] C.-C. Lin, H. Li, X. Zhou, and X. Wang, “Screenmilker: How to Milk Your Android Screen for Secrets,” in NDSS, 2014.
[5] Google. Uistateinferenceattack [Online]. Available: https://sites.google.com/site/uistateinferenceattack/
[6] Android Developer, Manifest.permission [Online].Available: http://developer.android.com/reference/android/Manifest.permission.html
[7] Android Developer, User Interface [Online]. Available: https://developer.android.com/guide/topics/ui/index.html
[8] S. Chen, J. Meseguer, R. Sasse, H. J. Wang, and Y.-M. Wang, “A Systematic Approach to Uncover Security Flaws in GUI Logic,” in IEEE Symposium on Security and Privacy, 2007.
[9]X. Zhou, S. Demetriou, D. He, M. Naveed, X. Pan, X. Wang, C. A. Gunter, and K. Nahrstedt, “Identity, Location, Disease and More: Inferring Your Secrets from Android Public Resources,” in CCS, 2013.
[10] Android Developer, ViewGroup [Online]. Available: http://developer.android.com/reference/android/view/ViewGroup.html
[11] Laura Suciu. Android Add Views into a ViewGroup Dynamically [Online]. Available: http://www.myandroidsolutions.com/2013/02/10/android-add-views-into-view-dynamically/
[12]Android developer, View [Online]. Available: http://developer.android.com/reference/android/view/View.html
[13] Android developer, WindowManager.LayoutParams [Online]. Available: http://developer.android.com/reference/android/view/WindowManager.LayoutParams.html
[14] Nick Pozoulakis. Sensing All Touch Events in Android OS [Online]. Available: https://www.youtube.com/watch?v=TKcC3Q9Ss6o
[15] Android developer, View.OnClickListener [Online]. Available: http://developer.android.com/reference/android/view/View.OnClickListener.html

[16] Android developer, ActivityManager.RunningTaskInfo [Online]. Available: http://developer.android.com/reference/android/app/ActivityManager.RunningTaskInfo.html
[17] Java Runtime.getRuntime [Online]. Available: http://www.tutorialspoint.com/java/lang/runtime_getruntime.htm
[18] Android developer, Webview [Online]. Available: http://developer.android.com/reference/android/webkit/WebView.html
[19] Android developer, Camera [Online]. Available: http://developer.android.com/reference/android/hardware/Camera.html
[20] Martin Georgiev, Suman Jana, Vitaly Shmatikov, Breaking and Fixing, “Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks,” in NDSS Symposium 2014.
[21] Genymotion [Online]. Available: https://www.genymotion.com/
[22] Content Security Policy [Online]. Available: http://www.w3.org/TR/CSP2/
[23] AnTuTu [Online]. Available: http://www.antutu.com/index.shtml

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2015-7-22

推文