Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
Geochang JEON
Soongsil University
Jeong Hyun YI
Soongsil University
Haehyun CHO
Soongsil University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Geochang JEON, Jeong Hyun YI, Haehyun CHO, "Hiding Data in the Padding Area of Android Applications without Re-Packaging" in IEICE TRANSACTIONS on Information,
vol. E105-D, no. 11, pp. 1928-1929, November 2022, doi: 10.1587/transinf.2022NGL0003.
Abstract: Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2022NGL0003/_p
Copy
@ARTICLE{e105-d_11_1928,
author={Geochang JEON, Jeong Hyun YI, Haehyun CHO, },
journal={IEICE TRANSACTIONS on Information},
title={Hiding Data in the Padding Area of Android Applications without Re-Packaging},
year={2022},
volume={E105-D},
number={11},
pages={1928-1929},
abstract={Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.},
keywords={},
doi={10.1587/transinf.2022NGL0003},
ISSN={1745-1361},
month={November},}
Copy
TY - JOUR
TI - Hiding Data in the Padding Area of Android Applications without Re-Packaging
T2 - IEICE TRANSACTIONS on Information
SP - 1928
EP - 1929
AU - Geochang JEON
AU - Jeong Hyun YI
AU - Haehyun CHO
PY - 2022
DO - 10.1587/transinf.2022NGL0003
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E105-D
IS - 11
JA - IEICE TRANSACTIONS on Information
Y1 - November 2022
AB - Anonymous attackers have been targeting the Android ecosystem for performing severe malicious activities. Despite the complement of various vulnerabilities by security researchers, new vulnerabilities are continuously emerging. In this paper, we introduce a new type of vulnerability that can be exploited to hide data in an application file, bypassing the Android's signing policy. Specifically, we exploit padding areas that can be created by using the alignment option when applications are packaged. We present a proof-of-concept implementation for exploiting the vulnerability. Finally, we demonstrate the effectiveness of VeileDroid by using a synthetic application that hides data in the padding area and updates the data without re-signing and updating the application on an Android device.
ER -