Colluded Applications Vulnerabilities in Android Devices

Modern smartphones may store user's very private information whose leakage may cause bad or even dramatic privacy and security violations. In this paper, we describe in details possible vulnerabilities whose exploitation can lead to a privacy leakage. These vulnerabilities depend on communication between colluded applications, which can employ either an overt or covert mode communication to bypass permission security mechanisms of the Android OS. Covert communication can even conceal the very fact of their communication act to help avoid a detection by anti-malware software. In the reported empirical study, we simulated various cases of both attack types on the Android device. By employing Android system monitor tools, signals characterizing applications allocated memory consumption and overall memory consumption as well as a CPU utilization have been recorded and analyzed over periods of time that included various attacks and only normal situation. The samples of recorded signals are presented. In these signals, distinctive patterns that can be used for the detection of colluded application attacks were identified.