SAUSAGE: Security Analysis of Unix domain Socket Usage in Android

by   Mounir Elgharabawy, et al.

The Android operating system is currently the most popular mobile operating system in the world. Android is based on Linux and therefore inherits its features including its Inter-Process Communication (IPC) mechanisms. These mechanisms are used by processes to communicate with one another and are extensively used in Android. While Android-specific IPC mechanisms have been studied extensively, Unix domain sockets have not been examined comprehensively, despite playing a crucial role in the IPC of highly privileged system daemons. In this paper, we propose SAUSAGE, an efficient novel static analysis framework to study the security properties of these sockets. SAUSAGE considers access control policies implemented in the Android security model, as well as authentication checks implemented by the daemon binaries. It is a fully static analysis framework, specifically designed to analyze Unix domain socket usage in Android system daemons, at scale. We use this framework to analyze 200 Android images across eight popular smartphone vendors spanning Android versions 7-9. As a result, we uncover multiple access control misconfigurations and insecure authentication checks. Our notable findings include a permission bypass in highly privileged Qualcomm system daemons and an unprotected socket that allows an untrusted app to set the scheduling priority of other processes running on the system, despite the implementation of mandatory SELinux policies. Ultimately, the results of our analysis are worrisome; all vendors except the Android Open Source Project (AOSP) have access control issues, allowing an untrusted app to communicate to highly privileged daemons through Unix domain sockets introduced by hardware manufacturer or vendor customization.


A Framework for Formal Specification and Verification of Security Properties of the Android Permissions System

Android is a widely deployed operating system that employs a permission-...

Neural-Augmented Static Analysis of Android Communication

We address the problem of discovering communication links between applic...

A Survey of Collection Methods and Cross-Data Set Comparison of Android Unlock Patterns

Android's graphical password unlock remains one of the most widely used ...

The Android Platform Security Model

Android is the most widely deployed end-user focused operating system. W...

Brief View and Analysis to Latest Android Security Issues and Approaches

Due to the continuous improvement of performance and functions, Android ...

Software implementation of the SNOW 3G Generator on iOS and Android platforms

The standard for wireless communication of high-speed data in mobile pho...

Mobile Access Control System Based on RFID Tags And Facial Information

RFID tags see a widespread use in modern security systems, including hom...

Please sign up or login with your details

Forgot password? Click here to reset