The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Anonymous attackers have been targeting the Android ecosystem to perform severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities continue to emerge. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
Geochang JEON
Soongsil University
Jeong Hyun YI
Soongsil University
Haehyun CHO
Soongsil University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Geochang JEON, Jeong Hyun YI, Haehyun CHO, "Hiding Data in the Padding Area of Android Applications without Re-Packaging" in IEICE TRANSACTIONS on Information,
vol. E105-D, no. 11, pp. 1928-1929, November 2022, doi: 10.1587/transinf.2022NGL0003.
Abstract: Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2022NGL0003/_p
@ARTICLE{e105-d_11_1928,
author={Geochang JEON and Jeong Hyun YI and Haehyun CHO},
journal={IEICE TRANSACTIONS on Information},
title={Hiding Data in the Padding Area of Android Applications without Re-Packaging},
year={2022},
volume={E105-D},
number={11},
pages={1928-1929},
abstract={Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.},
keywords={},
doi={10.1587/transinf.2022NGL0003},
ISSN={1745-1361},
month={November},}
TY - JOUR
TI - Hiding Data in the Padding Area of Android Applications without Re-Packaging
T2 - IEICE TRANSACTIONS on Information
SP - 1928
EP - 1929
AU - Geochang JEON
AU - Jeong Hyun YI
AU - Haehyun CHO
PY - 2022
DO - 10.1587/transinf.2022NGL0003
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E105-D
IS - 11
JA - IEICE TRANSACTIONS on Information
Y1 - November 2022
AB - Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
ER -