Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback

Explore a critical security analysis of Android's system architecture in this conference talk presented at CCS 2016. Delve into the vulnerabilities of Android's System Server and System Apps, focusing on synchronous callback attacks. Understand the mechanics of how system services are provided and the role of callbacks during Inter-Process Communication (IPC). Examine various malicious callback techniques, including blocking, exception-throwing, and self-poisoning. Investigate the impact on other system apps and consider meaningful attack scenarios. Discuss potential defense approaches and address key research questions regarding detection methods and identified vulnerabilities. Gain valuable insights into Android security from experts Kai Wang, Yuqing Zhang, and Peng Liu as they present their findings at the 23rd ACM Conference on Computer and Communications Security.

Intro
Android System Server
How a System Service is provided
Callback during IPC
What is a Callback Handle
Malicious Callback: Block
Malicious Callback: Exception
Malicious Callback: Self-Poisoning
Other Victims System Apps
Research Questions
Meaningful Attacks
Defense Approaches
Question 1: How to Detect?
Question 2: Detected Vulnerabilities