Would you mind forking this process?

A Denial of Service attack on Android (and some countermeasures)


Authors: Alessandro Armando (University of Genova and FBK, Italy), Alessio Merlo (eCampus University and University of Genova, Italy), Mauro Migliardi (University of Padova and University of Genova, Italy) and Luca Verderame (University of Genova).

Abstract: We present a previously undisclosed vulnerability of Android OS which can be exploited by mounting a Denial-of-Service attack that makes devices become totally unresponsive. We discuss the characteristics of the vulnerability – which affects all versions of Android – and propose two different fixes, each involving little patching implementing a few architectural countermeasures. We also provide experimental evidence of the effectiveness of the exploit as well as of the proposed countermeasures.

A pre-print version in available here.

This paper will appear in Proceedings of the IFIP International Information Security and Privacy Conference 2012 (IFIP-SEC 2012), June 3 - June 6, 2012, Heraklion (Greece).

Univesity Press Releases

University of Genova

University of Padova

University eCampus





Download video demo here (66 Mb)

Further information

National Vulnerability Database: CVE-2011-3918

Common Vulnerabilities and Exposures: CVE-2011-3918

On the press:

Ansa.itSecoloXIXilSole24orel'Avvenirela Stampal'Unitàla RepubblicaCorriere del TrentinoIl mattino di Padova, l'Adigel'ArenaL'eco di Bergamoil Gazzettino di Padovail mattino di Padova,TrentinoIvgGiornale di PugliaCorriereWeb.

On sites/blogs:

Punto-InformaticoTech Week EuropeGekissimoTutto AndroidAndroidianiAGIGenova TodayGenova 24The next web,  Babboleo,  FocusTechI love TechAndroid ItalyAndroid worldxtreme openourceSeogateGmanetworkAndroider, Notebook ItaliaInternational Businnes Times,Key 4 bizPrimoCanale.