When Android Apps Open Ports to Handle Network Requests: Functionality or Security Vulnerability?

Abstract

Large amounts of Android apps (applications) are found to open network ports to handle network requests to realize some specific functions, e.g., access from web page to Android app, communication between computer and Android device, file transmission in LAN (Local Area Network) environment, etc. However, an opened network port also provides an interface for attackers to visit the app. If a network request can trigger sensitive behaviors of a port-opening app without being e ff ective authorized by the app, it would pose security threats to the user, and we consider this app has port-opening vulnerability. In this paper, we first study the universality of port-opening apps in current Android app stores, the purposes of opening network ports and the possible attacks that the vulnerable apps may su ff er from. Then we propose a detection method of port-opening vulnerability of Android app based on static analysis and implement a detection tool— APOVD (Android Port-Opening Vulnerability Detection). APOVD first judges whether an opened port can lead to the occurrence of sensitive behaviors by the method of reachability analysis and taint analysis. Then the technique of static program slicing is used to judge whether there exists adequate access controls in the paths to reach each sensitive behavior. If there exists a path to reach a sensitive behavior and no adequate access control in this path, APOVD considers that the app under test has port-opening vulnerability. 1187 port-opening Android apps are found in 15600 popular apps, and 407 of them are identified as having port-opening vulnerability with the help of APOVD. The result shows that APOVD is e ff ective in detecting port-opening vulnerability.