| Title | A Hybrid Interface Recovery Method for Android Kernels Fuzzing |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Lu, Shuaibing, Kuang, Xiaohui, Nie, Yuanping, Lin, Zhechao |
| Conference Name | 2020 IEEE 20th International Conference on Software Quality, Reliability and Security (QRS) |
| Date Published | Dec. 2020 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-8913-0 |
| Keywords | Android security, composabilty, fuzzing, interface recovery, IoT security, Kernel, kernel fuzzing, Metrics, Operating Systems Security, pubcrawl, resilience, Resiliency, security, smart phones, software quality, software reliability, static analysis |
| Abstract | Android kernel fuzzing is a research area of interest specifically for detecting kernel vulnerabilities which may allow attackers to obtain the root privilege. The number of Android mobile phones is increasing rapidly with the explosive growth of Android kernel drivers. Interface aware fuzzing is an effective technique to test the security of kernel driver. Existing researches rely on static analysis with kernel source code. However, in fact, there exist millions of Android mobile phones without public accessible source code. In this paper, we propose a hybrid interface recovery method for fuzzing kernels which can recover kernel driver interface no matter the source code is available or not. In white box condition, we employ a dynamic interface recover method that can automatically and completely identify the interface knowledge. In black box condition, we use reverse engineering to extract the key interface information and use similarity computation to infer argument types. We evaluate our hybrid algorithm on on 12 Android smartphones from 9 vendors. Empirical experimental results show that our method can effectively recover interface argument lists and find Android kernel bugs. In total, 31 vulnerabilities are reported in white and black box conditions. The vulnerabilities were responsibly disclosed to affected vendors and 9 of the reported vulnerabilities have been already assigned CVEs. |
| URL | https://ieeexplore.ieee.org/document/9282786 |
| DOI | 10.1109/QRS51102.2020.00052 |
| Citation Key | lu_hybrid_2020 |
A Hybrid Interface Recovery Method for Android Kernels Fuzzing