ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development (计算机研究与发展) ›› 2016, Vol. 53 ›› Issue (11): 2431-2445. doi: 10.7544/issn1000-1239.2016.20150528

• Information Security •

Security Analysis and Security Enhancement of Third-Party Push Services for Android Applications

Lu Yemian1, Li Yifu2, Ying Lingyun1,3, Gu Yacong1, Su Purui1,3, Feng Dengguo1

  1(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190); 2(National Computer Emergency Response Team and Coordination Center of China, Beijing 100029); 3(School of Computer and Control Engineering, University of Chinese Academy of Sciences, Beijing 101408) (luyemian@tca.iscas.ac.cn)
  • Publication date: 2016-11-01
  • Funding: This work was supported by the National Basic Research Program of China (973 Program) (2012CB315804), the National Natural Science Foundation of China (61502468), and the Beijing Municipal Natural Science Foundation (4154089).

Security Analysis and Enhancement of Third-Party Android Push Service

Lu Yemian1, Li Yifu2, Ying Lingyun1,3, Gu Yacong1, Su Purui1,3, Feng Dengguo1   

  1(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190); 2(National Computer Emergency Response Team and Coordination Center of China, Beijing 100029); 3(School of Computer and Control Engineering, University of Chinese Academy of Sciences, Beijing 101408)
  • Online: 2016-11-01

Abstract: Push services have become a basic service for applications on smart mobile terminals, and the major handset platforms and Internet companies have each released their own push services for application developers to use. To reduce resource consumption, some third-party Android push services adopt a shared-channel design, in which the background push component of one application on the device acts as the distribution center for the push data of other applications. Because security requirements such as data confidentiality, integrity and unforgeability were neither designed for nor implemented, the data distribution step is exposed to a variety of attacks. This paper analyzes the security problems in the data distribution step of third-party Android push services that use shared channels. By hooking the relevant API calls inside an attacking application, we implemented eavesdropping, tampering, forgery and replay attacks against the push data of other applications; the experimental results show that most shared-channel third-party Android push services cannot resist these attacks, which can lead to real harm such as leakage of users' private data and phishing attacks. Building on this analysis, we designed and implemented SecPush, a security enhancement scheme for Android application push services, which uses an encryption algorithm and HMAC computation to protect the data distribution step; experimental results show that SecPush improves the security of push data and effectively withstands eavesdropping, tampering, forgery and replay attacks.

Key words: Android, push service, data distribution, shared channel, security analysis, security enhancement

Abstract: Push service is becoming a basic service for smartphone applications, and many companies, both platform vendors and third parties, have released their own push services. To reduce resource cost, some third-party push services share a push channel among the applications on the same device that use the same service: the background push component of one application acts as the push data distribution center for the other applications. Because security attributes such as confidentiality and integrity were not considered in the design, this distribution step faces a variety of attacks. In this work we analyze the security issues in the data distribution step of third-party push services on Android. We design a corresponding attack model and implement eavesdropping, data tampering, forgery and replay attacks. Our experiments show that most third-party Android push services using shared channels are subject to these attacks, which can cause security hazards such as user privacy leakage and phishing attacks. To mitigate these threats, we propose SecPush, a security enhancement scheme for the Android push service. SecPush secures data distribution by introducing encryption and an HMAC. Experimental results show that SecPush effectively protects push data against eavesdropping, data tampering, forgery and replay attacks.

Key words: Android, push service, data distribution, shared channel, security analysis, security enhancement
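The protection the abstract attributes to SecPush (encryption plus an HMAC over the push data, so that the shared-channel distributor can neither read, alter, forge nor replay another app's pushes) can be illustrated from the receiving app's side. The following is an added example written for this page, not the paper's SecPush code: the HMAC-SHA256 counter-mode keystream, the message layout, the sequence-number replay check and the key are all constructed for illustration, and the per-application key is assumed to be shared only between the app's server and the receiving app.

```python
import hmac, hashlib, os, struct


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stream-cipher keystream from HMAC-SHA256 in counter mode: a stdlib-only
    stand-in for the (unspecified) cipher SecPush uses, constructed for this example."""
    blocks = [hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _mac_input(app_id: str, seq: int, nonce: bytes, ct: bytes) -> bytes:
    # The MAC covers the recipient app id and the sequence number as well as the
    # ciphertext, so a push cannot be redirected to another app or replayed.
    return app_id.encode() + struct.pack(">Q", seq) + nonce + ct


def protect(key: bytes, app_id: str, seq: int, plaintext: bytes) -> dict:
    """Sender (the app's own server): encrypt, then HMAC id, seq, nonce and ciphertext."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, _mac_input(app_id, seq, nonce, ct), hashlib.sha256).digest()
    return {"app_id": app_id, "seq": seq, "nonce": nonce, "ct": ct, "tag": tag}


class Receiver:
    """The receiving app: holds its own key and the highest sequence number accepted."""

    def __init__(self, app_id: str, key: bytes):
        self.app_id, self.key, self.last_seq = app_id, key, -1

    def accept(self, msg: dict):
        """Return the plaintext, or None if the push is misrouted, replayed, tampered or forged."""
        if msg["app_id"] != self.app_id or msg["seq"] <= self.last_seq:
            return None  # not for this app, or a replay of an already-seen sequence number
        expected = hmac.new(self.key, _mac_input(msg["app_id"], msg["seq"], msg["nonce"], msg["ct"]),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return None  # ciphertext altered in transit, or forged by a party without the key
        self.last_seq = msg["seq"]  # advance only after the tag verifies
        ks = _keystream(self.key, msg["nonce"], len(msg["ct"]))
        return bytes(c ^ k for c, k in zip(msg["ct"], ks))


# Constructed key for the demo; in the scheme it is shared by the app's server and the
# app, and the shared-channel distributor on the device never holds it.
APP_KEY = hashlib.sha256(b"constructed-example-key").digest()
```

Because the distributor only sees `nonce`, `ct` and `tag`, eavesdropping yields ciphertext, any edit or forgery fails the HMAC check, and re-delivering an old push is rejected by the sequence-number comparison.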
