Privacy Leakage and Protection of InputConnection Interface in Android

Chi-Yu Li, Hsin Yi Wang, Wei Ching Wang, Chun-Ying Huang

Research output: Article, peer-reviewed

Abstract

Leakage of user credentials has been a conventional security threat for mobile users. In this work, we discover a new leakage threat caused by a vulnerability of the input method framework (IMF) on Android. The vulnerability lies in an IMF interface, called InputConnection, which is dynamically built to deliver user inputs from an active input method (e.g., software keyboard) to WebView, which is an essential Android component rendering Web pages. It allows the IMF interface of a WebView component to be hijacked by the app or the third-party library that embeds the WebView. Such hijacking can be exploited to steal user inputs on the Web pages loaded by the WebView. It can also eavesdrop on input fields of all the Web pages loaded by WebView without user awareness; the attack is self-contained and does not require any external dependency. It does not interrupt, delay, or change normal operations. More threateningly, this attack is easy to launch and works for most Android versions (from 4.4 to 11.0). We conduct a field study including more than 1500 tests on our developed IWH attack app. The result shows that the app can successfully steal user inputs in all the tests and identify the input strings with 98.0% accuracy. We further devise two solutions, a Web-based virtual keyboard and an IMF hijacking guardian, for mobile Web services and the Android platform, respectively. We finally prototype them on a Web server and on an Android framework, respectively, to confirm their effectiveness.

Original language: American English
Article number: 9420693
Pages (from-to): 3309-3323
Number of pages: 15
Journal: IEEE Transactions on Network and Service Management
Volume: 18
Issue number: 3
DOIs
Publication status: Published - 3 May 2021
