Hit by the Bus: QoS Degradation Attack on Android

Mehmet Sinan Inci, Thomas Eisenbarth, Berk Sunar


Mobile apps need optimal performance and responsiveness to rise amongst numerous rivals on the market. Further, some apps like media streaming or gaming apps cannot even function properly with a performance below a certain threshold. In this work, we present the first performance degradation attack on Android OS that can target rival apps using a combination of logical channel leakages and low-level architectural bottlenecks in the underlying hardware. To show the viability of the attack, we design a proof-of-concept app and test it on various mobile platforms. The attack runs covertly and brings the target to the level of unresponsiveness. With less than 10% CPU time in the worst case, it requires minimal computational effort to run as a background service, and requires only the UsageStats permission from the user. We quantify the impact of our attack using 11 popular benchmark apps, running 44 different tests.} The measured QoS degradation varies across platforms and applications, reaching a maximum of 90\% in some cases. The attack combines the leakage from logical channels with low-level architectural bottlenecks to design a malicious app that can covertly degrade Quality of Service (QoS) of any targeted app. Furthermore, our attack code has a small footprint and is not detected by the Android system as malicious. Finally, our app can pass the Google Play Store malware scanner, Google Bouncer, as well as the top malware scanners in the Play Store.
Original languageEnglish
Title of host publicationProceedings of the 2017 ACM on Asia Conference on Computer and Communications Security
Number of pages12
Place of PublicationNew York, NY, USA
Publication date02.04.2017
ISBN (Print)978-1-4503-4944-4
Publication statusPublished - 02.04.2017
EventProceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - Abu Dhabi, United Arab Emirates
Duration: 02.04.201706.04.2017


Dive into the research topics of 'Hit by the Bus: QoS Degradation Attack on Android'. Together they form a unique fingerprint.

Cite this