Before unrooting your android phone, patching up permission system first!

Abstract

A common attack goal on Android phones is to steal private data, which is primarily protected by permission system. Therefore, permission system is more vulnerable to attackers, especially when a phone is rooted (which is common nowadays). On rooted phones, malware is able to run with root privilege. Three weak points of permission system have been identified, which can be used to carry out various permission escalation attacks by malware with root privilege. Unrooting a phone can make malware lose root privilege, but it cannot solve the security issues caused by these attacks. In this paper, we present a scheme that aims at patching up the three weak points of permission system. We expect that the scheme is used in the scenario where a user wants to unroot his phone and get his phone under protection. The scheme can apply to any version of Android system. In order to facilitate the scheme’s deployment, we develop an app to automatically do the patching work. Moreover, the evaluation result shows that the scheme is small-footprint and only introduces 1.8% overhead.