NDSS 2025 – ScopeVerif: Analyzing The Security Of Android’s Scoped Storage Via Differential Analysis
<p>Session 9A: Android Security 2 </p><p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/drOtBSMA4q8?si=RSIykIQoIEqbRE1L" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe> <p></p><center data-preserve-html-node="true">Authors, Creators & Presenters: Zeyu Lei (Purdue University), Güliz Seray Tuncay (Google), Beatrice Carissa Williem (Purdue University), Z. Berkay Celik (Purdue University), Antonio Bianchi (Purdue University) <p></p><center data-preserve-html-node="true">PAPER<br> <center data-preserve-html-node="true">ScopeVerif: Analyzing the Security of Android’s Scoped Storage via Differential Analysis <p></p><center data-preserve-html-node="true">Storage on Android has evolved significantly over the years, with each new Android version introducing changes aimed at enhancing usability, security, and privacy. While these updates typically help with restricting app access to storage through various mechanisms, they may occasionally introduce new complexities and vulnerabilities. A prime example is the introduction of scoped storage in Android 10, which fundamentally changed how apps interact with files. While intended to enhance user privacy by limiting broad access to shared storage, scoped storage has also presented developers with new challenges and potential vulnerabilities to address. However, despite its significance for user privacy and app functionality, no systematic studies have been performed to study Android’s scoped storage at depth from a security perspective. In this paper, we present the first systematic security analysis of the scoped storage mechanism. 
To this end, we design and implement a testing tool, named ScopeVerif, that relies on differential analysis to uncover security issues and implementation inconsistencies in Android’s storage. Specifically, ScopeVerif takes a list of security properties and checks if there are any file operations that violate any security properties defined in the official Android documentation. Additionally, we conduct a comprehensive analysis across different Android versions as well as a cross-OEM analysis to identify discrepancies in different implementations and their security implications. Our study identifies both known and unknown issues of scoped storage. Our cross-version analysis highlights undocumented changes as well as partially fixed security loopholes across versions. Additionally, we discovered several vulnerabilities in scoped storage implementations by different OEMs. These vulnerabilities stem from deviations from the documented and correct behavior, which potentially poses security risks. The affected OEMs and Google have acknowledged our findings and offered us bug bounties in response. <hr> <p></p><center data-preserve-html-node="true">ABOUT NDSS<br> <center data-preserve-html-node="true">The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies. 
<hr> <p>Our thanks to the <a href="https://www.ndss-symposium.org/">Network and Distributed System Security (NDSS) Symposium</a> for publishing their Creators, Authors and Presenter’s superb <a href="https://www.youtube.com/@NDSSSymposium">NDSS Symposium 2025 Conference</a> content on the <a href="https://www.ndss-symposium.org/">Organizations’</a> <a href="https://youtube.com/@ndsssymposium?si=lLtn9sVVEwmZ8J9h3">YouTube Channel</a>. </p> <p></p></center></center></center></center></center></center></center><p><a href="https://www.infosecurity.us/blog/2026/1/17/ndss-2025-scopeverif-analyzing-the-security-of-androids-scoped-storage-via-differential-analysis">Permalink</a></p><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/drOtBSMA4q8?si=RSIykIQoIEqbRE1L">https://www.youtube-nocookie.com/embed/drOtBSMA4q8?si=RSIykIQoIEqbRE1L</a> </p>