NativeX: Native Executioner Freezes Android

Abstract

Android is a Linux-based multi-thread open-source operating system that dominates 85% of the worldwide smartphone market share. Though Android has its established management for its framework layer processes, we discovered for the first time that the weak management of native processes is posing tangible threats to Android systems from version 4.2 to 9.0. As a consequence, any third-party application without any permission can freeze the system or force the system to go through a reboot by starving or significantly delaying the critical system services using Android commands in its native processes. We design NativeX to systematically analyze the Android source code to identify the risky Android commands. For each identified risky command, NativeX can automatically generate the PoC (Proof-of-Concept) application, and verify the effectiveness of the generated PoC. We conduct manual vulnerability analysis to reveal two root causes beyond the superficial attack consequences. We further carry out quantitative experiments to demonstrate the attack consequences, including the device temperature surge, the battery degeneration, and the computing performance decrease, based on which, three representative PoC attacks are engineered. Finally, we discuss possible defense approaches to improve the management of Android native processes.