Real-Time Detection and Reaction to Activity Hijacking Attacks in Android Smartphones (Short Paper).

Most Android users are required to communicate sensitive data (passwords, usernames, security codes, and credit card numbers) with applications. Hacker can launch phishing attacks to compromise user data confidentiality. He/She stealthily injects into the foreground a hijacking Activity at the right timing to acquire private information. In this paper, we propose an effective approach that uses the similarity between launched Activities in order to detect and reacts to hijacking attacks during runtime time. We demonstrate the effectiveness of our solution by quantifying the number of false positives that can be generated by our system. We observe that, in the worst case, our solution generates 4.2% of false positives and incurs only 0.39% performance overhead on a CPU-bound micro-benchmark.