TY - JOUR
T1 - Web access monitoring mechanism via Android WebView for threat analysis
AU - Imamura, Yuta
AU - Orito, Rintaro
AU - Uekawa, Hiroyuki
AU - Chaikaew, Kritsana
AU - Leelaprute, Pattara
AU - Sato, Masaya
AU - Yamauchi, Toshihiro
N1 - Funding Information:
Toshihiro Yamauchi has received research grants from National Institute of Information and Communications Technology (NICT), Japan, Japan Science and Technology Agency, and SECOM CO., LTD., Japan. He is a visiting scholar of Advanced Telecommunications Research Institute International (ATR), Japan.
Publisher Copyright:
© 2021, The Author(s).
PY - 2021
Y1 - 2021
N2 - Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been proposed and no analysis results focusing on web access via WebView are available. In consideration of this limitation, we propose a web access monitoring mechanism for Android WebView to analyze web access via WebView and clarify attacks exploiting WebView. In this paper, we present the design and implementation of this mechanism by modifying Chromium WebView without any modifications to the Android framework or Linux kernel. The evaluation results of the performance achieved on introducing the proposed mechanism are also presented here. Moreover, the result of threat analysis of displaying a fake virus alert while browsing websites on Android is discussed to demonstrate the effectiveness of the proposed mechanism.
KW - Android
KW - Fake virus alert
KW - Threat analysis
KW - Web access monitoring
KW - Web security
KW - WebView
UR - http://www.scopus.com/inward/record.url?scp=85099533459&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85099533459&partnerID=8YFLogxK
U2 - 10.1007/s10207-020-00534-3
DO - 10.1007/s10207-020-00534-3
M3 - Article
AN - SCOPUS:85099533459
SN - 1615-5262
JO - International Journal of Information Security
JF - International Journal of Information Security
ER -