000000310 001__ 310
000000310 005__ 20151014075400.0
000000310 037__ $$aLERSSE-RefConfPaper-2015-007
000000310 100__ $$aSan-Tsai Sun
000000310 245__ $$aAndroid Rooting: Methods, Detection, and Evasion
000000310 260__ $$c2015-10-14
000000310 300__ $$a12
000000310 520__ $$aAndroid rooting enables device owners to freely customize their own devices and run useful apps that require root privileges. While useful, rooting weakens the security of Android devices and opens the door for malware to obtain privileged access easily. Thus, several rooting prevention mechanisms have been introduced by vendors, and sensitive or high-value mobile apps perform rooting detection to mitigate potential security exposures on rooted devices. However, there is a lack of understanding whether existing rooting prevention and detection methods are effective. To fill this knowledge gap, we studied existing Android rooting methods and per- formed manual and dynamic analysis on 182 selected apps, in order to identify current rooting detection methods and evaluate their effectiveness. Our results suggest that these methods are ineffective. We conclude that reliable methods for detecting rooting must come from integrity-protected kernels or trusted execution environments, which are difficult to bypass.
000000310 6531_ $$aAndroid OS
000000310 6531_ $$aRooting
000000310 6531_ $$aDetection
000000310 6531_ $$aEvasion
000000310 700__ $$aAndrea Cuadros
000000310 700__ $$aKonstantin Beznosov
000000310 8560_ $$flersse-it@ece.ubc.ca
000000310 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/310/files/p3.pdf
000000310 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/310/files/p3.pdf?subformat=pdfa$$xpdfa
000000310 909C4 $$pSan-Tsai Sun, Andrea Cuadros and Konstantin Beznosov. Android Rooting: Methods, Detection, and Evasion. Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, October 2015.
000000310 980__ $$aRefConfPaper