Beyond the Surface: Uncovering the Unprotected Components of Android Against Overlay Attack
Hao Zhou
Network and Distributed System Security (NDSS) Symposium 2024 · Day 1 · Android & IoT Security
The Android operating system, renowned for its flexibility and user experience, incorporates a powerful feature known as **overlays** or **floating windows**. This functionality allows applications to draw content on top of other running applications, facilitating concurrent interaction and enhancing usability, as seen in popular features like Facebook Messenger chat heads or YouTube's picture-in-picture mode. However, this very capability, while beneficial, has become a notorious vector for **overlay attacks**, commonly referred to as **tapjacking**. Malicious applications exploit overlays to obscure critical user interface (UI) elements, tricking users into revealing sensitive information or unknowingly granting dangerous permissions. Given that system applications manage many security-sensitive operations, their protection against such attacks is paramount.