Hao Zhou,Haoyu Wang,Xiapu Luo,Ting Chen,Yajin Zhou,Ting Wang

DOI: https://doi.org/10.14722/ndss.2022.23166

2022-01-01

Abstract:—Due to the complexity resulted from the huge code base and the multi-context nature of Android, inconsistent access control enforcement exists in Android, which can be exploited by malware to bypass the access control and perform unauthorized security-sensitive operations. Unfortunately, existing studies only focus on the inconsistent access control enforcement in the Java context of Android. In this paper, we conduct the first systematic investigation on the inconsistent access control enforcement across the Java context and native context of Android. In particular, to automatically discover cross-context inconsistencies, we design and implement IAceFinder , a new tool that extracts and contrasts the access control enforced in the Java context and native context of Android. Applying IAceFinder to 14 open-source Android ROM s, we find that it can effectively uncover their cross-context inconsistent access control enforcement. Specifically, IAceFinder discovers 23 inconsistencies that can be abused by attackers to compromise the device and violate user privacy.

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Zhiyuan Wan,Lingfeng Bao,Debin Gao,Eran Toch,Xin Xia,Tamir Mendel,David Lo

DOI: https://doi.org/10.1145/3369819

2019-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:The rapid adoption of Smartphone devices has caused increasing security and privacy risks and breaches. Catching up with ever-evolving contemporary smartphone technology challenges leads older adults (aged 50+) to reduce or to abandon their use of mobile technology. To tackle this problem, we present AppMoD, a community-based approach that allows delegation of security and privacy decisions a trusted social connection, such as a family member or a close friend. The trusted social connection can assist in the appropriate decision or make it on behalf of the user. We implement the approach as an Android app and describe the results of three user studies (n=50 altogether), in which pairs of older adults and family members used the app in a controlled experiment. Using app anomalies as an ongoing case study, we show how delegation improves the accuracy of decisions made by older adults. Also, we show how combining decision-delegation with crowdsourcing can enhance the advice given and improve the decision-making process. Our results suggest that a community-based approach can improve the state of mobile security and privacy.

Yajin Zhou,Kapil Singh,Xuxian Jiang

DOI: https://doi.org/10.1007/978-3-319-08593-7_4

2014-01-01

Abstract:Modern smartphone apps tend to contain and use vast amounts of data that can be broadly classified as structured and unstructured. Structured data, such as an user's geolocation, has predefined semantics that can be retrieved by well-defined platform APIs. Unstructured data, on the other hand, relies on the context of the apps to reflect its meaning and value, and is typically provided by the user directly into an app's interface. Recent research has shown that third-party apps are leaking highly-sensitive unstructured data, including user's banking credentials. Unfortunately, none of the current solutions focus on the protection of unstructured data. In this paper, we propose an owner-centric solution to protect unstructured data on smartphones. Our approach allows the data owners to specify security policies when providing their untrusted data to third-party apps. It tracks the flow of information to enforce the owner's policies at strategic exit points. Based on this approach, we design and implement a system, called <Literal>DataChest</Literal>. We develop several mechanisms to reduce user burden and keep interruption to the minimum, while at the same time preventing the malicious apps from tricking the user. We evaluate our system against a set of real-world malicious apps and a series of synthetic attacks to show that it can successfully prevent the leakage of unstructured data while incurring reasonable performance overhead.

Jian Yu,Quan Z. Sheng,Wei Qi Yan,Chris Wang,Olayinka Adeleye

DOI: https://doi.org/10.1145/3144457.3144509

2017-01-01

Abstract:Mobile devices have become major sources of context-aware data due to their ubiquity and sensing capabilities. However, deploying mobile devices as dynamic, unabridged context data provider either locally or remotely is still challenging due to their limited computing capability. Furthermore, integrating physical sensor data with social context data from online social networks is necessary for rich context data provisioning. In this paper, we present AndroCon, an Android-based context-aware middleware framework that enables mobile devices to acquire, integrate, manage, and provision context data. We have applied AndroCon to manage social and physical context data from various sources and have evaluated its performance in terms of power consumption and CPU utilization.

Guangdong Bai,Liang Gu,Tao Feng,Yao Guo,Xiangqun Chen

DOI: https://doi.org/10.1007/978-3-642-16161-2_19

2010-01-01

Abstract:The security of smart phones is increasingly important due to their rapid popularity. Mobile computing on smart phones introduces many new characteristics such as personalization, mobility, pay-for-service and limited resources. These features require additional privacy protection and resource usage constraints in addition to the security and privacy concerns on traditional computers. As one of the leading open source mobile platform, Android is also facing security challenges from the mobile environment. Although many security measures have been applied in Android, the existing security mechanism is coarse-grained and does not take into account the context information, which is of particular interest because of the mobility and personality of a smart phone device.

Chaohao Li,Xiaoyu Ji,Bin Wang,Kai Wang,Wenyuan Xu

DOI: https://doi.org/10.1145/3449071

2021-01-01

ACM Transactions on Sensor Networks

Abstract:Editorial NotesThe authors have requested minor, non-substantive changes to the VoR and, in accordance with ACM policies, a Corrected VoR was published on September 28, 2021. For reference purposes the VoR may still be accessed via the Supplemental Material section on this page.AbstractIndoor proximity verification has become an increasingly useful primitive for the scenarios where access is granted to the previously unknown users when they enter a given area (e.g., a hotel room). Existing solutions either rely on homogeneous sensing modalities shared by two parties or require additional human interactions. In this article, we propose a context-based indoor proximity verification scheme, called SenCS, to enable real-time autonomous access for mobile devices, utilizing the available heterogeneous sensors at the user side and at the room side. The intuition is that only when the user is within a room can sensors from both sides observe the same events in the room. Yet such a solution is challenging, because the events may not provide enough entropy within the required time and the heterogeneity in sensing modalities may not always agree on the sensed events. To overcome the challenges, we exploit the time intervals between successively human actions to create heterogeneous contextual fingerprints (HCF) at a millisecond level. By comparing the contextual similarity between the HCF s from both the room and user sides, SenCS accomplishes the indoor proximity verification. Through proof-of-concept implementation and evaluations on 30 participants, SenCS achieves an accuracy of 99.77% and an equal error rate (EER) of 0.23% across various hardware configurations.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hong-qi He,Shuiqiao Yang,Hang Jiang,Wei Liu,Yong Liu

DOI: https://doi.org/10.1002/cpe.4180

2018-01-01

Abstract:This paper discusses security issues on the user equipment, which is the last mile of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy- and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

Guangdong Bai,Lin Yan,Liang Gu,Yao Guo,Xiangqun Chen

DOI: https://doi.org/10.1002/sec.424

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. Copyright © 2012 John Wiley & Sons, Ltd.

Amit Kumar Sikder,Hidayet Aksu,A. Selcuk Uluagac

DOI: https://doi.org/10.48550/arXiv.1910.11138

2019-10-23

Abstract:Sensors (e.g., light, gyroscope, accelerometer) and sensing-enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor Application Programming Interface (API). In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users' sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this paper, we propose 6thSense, a context-aware intrusion detection system which enhances the security of smart devices by observing changes in sensor data for different tasks of users and creating a contextual model to distinguish benign and malicious behavior of sensors. 6thSense utilizes three different Machine Learning-based detection mechanisms (i.e., Markov Chain, Naive Bayes, and LMT). We implemented 6thSense on several sensor-rich Android-based smart devices (i.e., smart watch and smartphone) and collected data from typical daily activities of 100 real users. Furthermore, we evaluated the performance of 6thSense against three sensor-based threats: (1) a malicious App that can be triggered via a sensor, (2) a malicious App that can leak information via a sensor, and (3) a malicious App that can steal data using sensors. Our extensive evaluations show that the 6thSense framework is an effective and practical approach to defeat growing sensor-based threats with an accuracy above 96% without compromising the normal functionality of the device. Moreover, our framework reveals minimal overhead.

Cryptography and Security

Binyong Li,Fan Yang,Shaowei Zhang

DOI: https://doi.org/10.3390/math12162541

IF: 2.4

2024-08-19

Mathematics

Abstract:Traditional access control systems exhibit limitations in providing flexible authorization and fine-grained access in the face of increasingly complex and dynamic access scenarios. This paper proposes a context-aware risk access control model to address these challenges. By developing a multi-level contextual risk indicator system, the model comprehensively considers real-time contextual information associated with access requests, dynamically evaluates the risk level of these requests, and compares the outcomes with predefined risk policies to facilitate access decisions. This approach enhances the dynamism and flexibility of access control. To improve the accuracy and reliability of risk assessments, we propose a combination weighting method grounded in game theory. This method reconciles subjective biases and the limitations of objective data by integrating both subjective and objective weighting techniques, thus optimizing the determination process for risk factor weights. Furthermore, smart contracts are introduced to monitor user behavior during access sessions, thereby preventing malicious attacks and the leakage of sensitive information. Finally, the model's performance and authorization granularity are assessed through empirical experiments. The results indicate that the model effectively addresses the requirements of dynamic and fine-grained access scenarios, improving the system's adaptability to risk fluctuations while safeguarding sensitive information.

mathematics

Jiayi Chen,Urs Hengartner,Hassan Khan

DOI: https://doi.org/10.1145/3648372

IF: 2.717

2024-02-15

ACM Transactions on Privacy and Security

Abstract:Adaptive authentication enables smartphones and enterprise apps to decide when and how to authenticate users based on contextual and behavioral factors. In practice, a system may employ multiple policies to adapt its authentication mechanisms and access controls to various scenarios. However, existing approaches suffer from contradictory or insecure adaptations, which may enable attackers to bypass the authentication system. Besides, most existing approaches are inflexible and do not provide desirable access controls. We design and build a multi-stage risk-aware adaptive authentication and access control framework (MRAAC), which provides the following novel contributions: Multi-stage: MRAAC organizes adaptation policies in multiple stages to handle different risk types and progressively adapts authentication mechanisms based on context, resource sensitivity, and user authenticity. Appropriate access control: MRAAC provides libraries to enable sensitive apps to manage the availability of their in-app resources based on MRAAC’s risk awareness. Extensible: While existing proposals are tailored to cater to a single use case, MRAAC supports a variety of use cases with custom risk models. We exemplify these advantages of MRAAC by deploying it for three use cases: an enhanced version of Android Smart Lock, guest-aware continuous authentication, and corporate app for BYOD. We conduct experiments to quantify the CPU, memory, latency, and battery performance of MRAAC. Our evaluation shows that MRAAC enables various stakeholders (device manufacturers, enterprise and secure app developers) to provide complex adaptive authentication workflows on COTS Android with low processing and battery overhead.

computer science, information systems

Yang Xu,Guojun Wang,Ju Ren,Yaoxue Zhang

DOI: https://doi.org/10.1016/j.future.2018.09.042

IF: 7.307

2018-01-01

Future Generation Computer Systems

Abstract:Android is a successful mobile platform with a thriving application ecosystem. However, despite its security precautions like permission mechanism, it is still vulnerable to privilege escalation threats and particularly confused deputy attacks that exploit the permission leak vulnerabilities of Android applications. Worse, most existing detection and protection techniques have become costly and unresponsive in current Android dynamic permission environments. In this paper, we propose a configurable Android security framework to prevent the exploitation of permission leak vulnerabilities of third-party applications via confused deputy attacks. Our framework collects the runtime states of applications and enforces policy and capability-based access control to restrain riskful inter-application communications, so as to provide more responsive, adaptive, and flexible application protection. Besides, our framework provides users with a flexible runtime policy configuration together with a complementary security mechanism to mitigate risks induced by inappropriate policies. Additionally, we present a sophisticated access decision cache system with a proactive maintenance method that ensures the efficiency and dependability of decision services. Theoretical analysis and experimental evaluation demonstrate that our approach provides configurable and effective protections for third-party applications against permission leak vulnerabilities at small performance and usability costs.

Wei Yang,Xusheng Xiao,Benjamin Andow,Sihan Li,Tao Xie,William Enck

DOI: https://doi.org/10.1109/icse.2015.50

2015-01-01

Abstract:Mobile malware attempts to evade detection during app analysis by mimicking security-sensitive behaviors of benign apps that provide similar functionality (e.g., sending SMS messages), and suppressing their payload to reduce the chance of being observed (e.g., executing only its payload at night). Since current approaches focus their analyses on the types of security-sensitive resources being accessed (e.g., network), these evasive techniques in malware make differentiating between malicious and benign app behaviors a difficult task during app analysis. We propose that the malicious and benign behaviors within apps can be differentiated based on the contexts that trigger security-sensitive behaviors, i.e., the events and conditions that cause the security-sensitive behaviors to occur. In this work, we introduce AppContext, an approach of static program analysis that extracts the contexts of security-sensitive behaviors to assist app analysis in differentiating between malicious and benign behaviors. We implement a prototype of AppContext and evaluate AppContext on 202 malicious apps from various malware datasets, and 633 benign apps from the Google Play Store. AppContext correctly identifies 192 malicious apps with 87.7% precision and 95% recall. Our evaluation results suggest that the maliciousness of a security-sensitive behavior is more closely related to the intention of the behavior (reflected via contexts) than the type of the security-sensitive resources that the behavior accesses.

Xiangjun Chen,Yaduan Ruan,Jianqiao Yu,Qimei Chen

2014-01-01

Abstract:Video surveillance is a basic mean for fields monitoring, but in uncertain plots for emergency, it is usually impossible to construct a delivery channel for video surveillance. With the wide spreading of 3G network and smart phones equipped with powerful processor and context-aware sensors, it is possible to build a context-aware based mobile surveillance. This work provided a mobile video surveillance solution combined with mobile context-awareness realized on Android smartphones. The present paper discussed a context-awareness framework of smart phone and relevant technology firstly. Then, it introduced mobile surveillance architecture and the realization process. Experiment result and use case showed the methods for video collection and delivery and QoS were feasible. This proposed system is constructed with inner sensors of smartphones and no need to construct a fixed delivery channel. Compared with traditional video surveillance system, the system realized with our solution is more flexible, pervasive, and cheaper.

Kristopher Micinski,Jonathan Fetter-Degges,Jinseong Jeon,Jeffrey S. Foster,Michael R. Clarkson

DOI: https://doi.org/10.48550/arXiv.1504.03711

2015-04-14

Cryptography and Security

Abstract:Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based declassification policies, in which the user's interactions with the app constrain the release of sensitive information. Our policies are defined extensionally, so as to be independent of the app's implementation, based on sequences of security-relevant events that occur in app runs. Policies use LTL formulae to precisely specify which secret inputs, read at which times, may be released. We formalize a semantic security condition, interaction-based noninterference, to define our policies precisely. Finally, we describe a prototype tool that uses symbolic execution to check interaction-based declassification policies for Android, and we show that it enforces policies correctly on a set of apps.

Michał Drozdowicz,Maria Ganzha,Marcin Paprzycki

DOI: https://doi.org/10.1109/TETC.2020.2996974

2021-01-09

Abstract:Personal and home sensors generate valuable information that could be used in Smart Cities. Unfortunately, typically, this data is locked out and used only by application/system developer. While vendors are to blame, one should consider also the "binary nature" of data access. Specifically, either owner has full control over her data (e.g. in a "closed system"), or she completely looses control, when the data is "opened". In this context, we propose, a semantic technologies-based, authorization and privacy control framework that enables user to maintain flexible, yet manageable data access control policies. The proposed approach is described in detail, including implementation and testing.

Cryptography and Security

Wenyun Dai,Longbin Chen,Meikang Qiu,Ana Wu,Meiqin Liu

DOI: https://doi.org/10.1109/smartcloud.2017.45

2017-01-01

Abstract:In this mobile period, users enjoy various functions and convenience from mobile devices, but the coarse-grained data access permission of current mobile operating system brings about serious risk of privacy leakage. In other words, users mobile data are over-collected by apps. This study focuses on a new framework to provide fine-grained data access mechanism for mobile systems. With the help of cloud storage, we separate mobile data by types, contents, and privacy levels. We design and implement the DASS system to provide fine-grained data access management, while keep it transparent to users. Experimental results show that our system can protect users’ privacy greatly while keep the extra cost within a reasonable range.

Surendra Tyagi,Devesh C. Jinwala,Subhasis Bhattacharjee

DOI: https://doi.org/10.1504/ijahuc.2024.137602

2024-03-29

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:In internet of things (IoT), the context awareness in resolving the access control aids to finer resolution in deciding whether to grant access or not. In this paper, our focus is on the context aware access control for IoT devices, specifically on decentralised access control mechanism. We are taking the smart home as a use case for this application. However, the mechanism to implement a context aware access control requires the information about the context of the subjects in such an application. This information can best be shared using the ontologies. Motivated by the same, we propose here an ontology for decentralised context aware access control for smart home. To the best of our knowledge, this is a unique attempt to propose the design of an ontology for decentralised context-aware access control in the loT. We validate our proposed design by simulation using Protege.

computer science, information systems,telecommunications

tao feng,xi zhao,nicholas desalvo,zhimin gao,xi wang,weidong shi

DOI: https://doi.org/10.1109/THS.2015.7225268

2015-01-01

Abstract:Coinciding with the surge in popularity and adoption of mobile devices and the ever-expanding capabilities of these devices, the amount of sensitive information accessed and stored has increased exponentially. Inasmuch, these advancements have, and continue to demand great efforts from researchers and the industry alike in terms of improving security therein. Existing technologies either conduct user identity verification via a login stage or request authentication every time the user accesses a sensitive app. We propose, in this paper, an IdentityTracker. This framework is dedicated to tracking the user's identity, performing app-level access control management. Continuous and implicit tracking of the user's identity is accomplished through monitoring fingerprint authentication logs as well as detecting events when the phone has left the user's hand. This approach leverages multiple onboard sensors. We conducted two user-studies acquiring smartphone users' usage statistics to investigate security and usability needs of our solution. To monitor these subtle gestures in real-world uncontrolled environments, multi-session data collection has been conducted to iteratively improve system performance. The evaluation results have demonstrated the feasibility of IdentityTracker.