Parjanya Vyas, Haseeb Ur Rehman Faheem, Yousra Aafer, and N. Asokan, University of Waterloo
Vendor customization of the Android framework is known to introduce security concerns. One type of customization is data-driven, involving changes to access-controlled framework variables, which we call data holders. Analyzing the security of data-driven customization has not been explored in prior work because it faces several challenges as it requires modeling implicit access control (AC) relations among Java objects and their corresponding operation semantics. Existing Android AC inconsistency detection approaches struggle to discover data-driven AC inconsistencies.
We propose a novel approach, Ariadne, to address these challenges by (1) constructing an abstract representation, the AC dependency graph, to model AC relationships among framework data holders, and (2) using it to detect missing AC enforcement in data holders and their corresponding APIs. Using two AOSP and 11 custom ROMs, we show that Ariadne detects 30 unique data-driven AC inconsistencies which cannot be detected by existing approaches. Therefore Ariadne can offer more comprehensive protection by effectively complementing existing AC inconsistency detection approaches.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Parjanya Vyas and Haseeb Ur Rehman Faheem and Yousra Aafer and N. Asokan},
title = {Ariadne: Navigating through the Labyrinth of {Data-Driven} Customization Inconsistencies in Android},
booktitle = {34th USENIX Security Symposium (USENIX Security 25)},
year = {2025},
isbn = {978-1-939133-52-6},
address = {Seattle, WA},
pages = {4245--4264},
url = {https://www.usenix.org/conference/usenixsecurity25/presentation/vyas},
publisher = {USENIX Association},
month = aug
}
