Yajin Zhou,Kunal Patel,Lei Wu,Zhi Wang,Xuxian Jiang

DOI: https://doi.org/10.1145/2714576.2714598

2015-01-01

Abstract:ABSTRACTUsers of Android phones increasingly entrust personal information to third-party apps. However, recent studies reveal that many apps, even benign ones, could leak sensitive information without user awareness or consent. Previous solutions either require to modify the Android framework thus significantly impairing their practical deployment, or could be easily defeated by malicious apps using a native library. In this paper, we propose AppCage, a system that thoroughly confines the run-time behavior of third-party Android apps without requiring framework modifications or root privilege. AppCage leverages two complimentary user-level sandboxes to interpose and regulate an app's access to sensitive APIs. Specifically, dex sandbox hooks into the app's Dalvik virtual machine instance and redirects each sensitive framework API to a proxy which strictly enforces the user-defined policies, and native sandbox leverages software fault isolation to prevent the app's native libraries from directly accessing the protected APIs or subverting the dex sandbox. We have implemented a prototype of AppCage. Our evaluation shows that AppCage can successfully detect and block attempts to leak private information by third-party apps, and the performance overhead caused by AppCage is negligible for apps without native libraries and minor for apps with them.

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Tien-Duy B. Le,Lingfeng Bao,David Lo,Debin Gao,Li

DOI: https://doi.org/10.1109/iceccs2018.2018.00014

2018-01-01

Abstract:Android is the most widely used mobile operating system with billions of users and devices. The popularity of Android apps have enticed malware writers to target them. Recently, Jamrozik et al. proposed an approach, named Boxmate, to mine sandboxes to protect Android users from malicious behaviors. In a nutshell, Boxmate analyzes the execution of an app, and collects a list of sensitive APIs that are invoked by that app in a monitoring phase. Then, it constructs a sandbox that can restrict accesses to sensitive APIs not called by the app. In such a way, malicious behaviors that are not observed in the monitoring phase - occurring, for example, due to malicious code injection during an attack - can be prevented. Nevertheless, Boxmate only focuses on a specific API type (i.e., sensitive APIs); it also ignores parameter values of many API methods and requested permissions during the execution of a target app. As a result, Boxmate is not able to detect malicious behaviors in many cases. In this work, we address the limitation of Jamrozik et al.'s work by considering input parameters of many different types of API methods for mining a more comprehensive sandbox. Given a benign app, we first extract a list of Android permissions that the app may request during its execution. Next, we leverage an automated test case generation tool, named Droidbot, to generate a rich set of GUI test cases for exploring behaviors of the app. During the execution of these test cases, we analyze the execution of four different types of API methods. Furthermore, we record input parameters to these API methods, and classify those into four different categories. We leverage the collected parameter values, and the list of requested permissions to create a sandbox that can protect users from malicious behaviors. Our experiments on 25 pairs of real benign and malicious apps show that our approach is more effective than the coarse-and fine-grained variants of Boxmate by 267.37% and 81.64% in terms of F-measure respectively.

René Mayrhofer,Jeffrey Vander Stoep,Chad Brubaker,Dianne Hackborn,Bram Bonné,Güliz Seray Tuncay,Roger Piqueras Jover,Michael A. Specter

DOI: https://doi.org/10.1145/3448609

2024-01-09

Abstract:Android is the most widely deployed end-user focused operating system. With its growing set of use cases encompassing communication, navigation, media consumption, entertainment, finance, health, and access to sensors, actuators, cameras, or microphones, its underlying security model needs to address a host of practical threats in a wide variety of scenarios while being useful to non-security experts. To support this flexibility, Android's security model must strike a difficult balance between security, privacy, and usability for end users; provide assurances for app developers; and maintain system performance under tight hardware constraints. This paper aims to both document the assumed threat model and discuss its implications, with a focus on the ecosystem context in which Android exists. We analyze how different security measures in past and current Android implementations work together to mitigate these threats, and, where there are special cases in applying the security model in practice; we discuss these deliberate deviations and examine their impact.

Cryptography and Security,Operating Systems

A. Shabtai,Y. Fledel,U. Kanonov,Y. Elovici,S. Dolev

DOI: https://doi.org/10.48550/arXiv.0912.5101

2009-12-27

Cryptography and Security

Abstract:Google's Android is a comprehensive software framework for mobile communication devices (i.e., smartphones, PDAs). The Android framework includes an operating system, middleware and a set of key applications. The incorporation of integrated access services to the Internet on such mobile devices, however, increases their exposure to damages inflicted by various types of malware. This paper provides a comprehensive security assessment of the Android framework and the security mechanisms incorporated into it. A methodological qualitative risk analysis that we conducted identifies the high-risk threats to the framework and any potential danger to information or to the system resulting from vulnerabilities that have been uncovered and exploited. Our review of current academic and commercial solutions in the area of smartphone security yields a list of applied and recommended defense mechanisms for hardening mobile devices in general and the Android in particular. Lastly, we present five major (high-risk) threats to the Android framework and propose security solutions to mitigate them. We conclude by proposing a set of security mechanisms that should be explored and introduced into Android-powered devices.

Chen Zhong

2005-01-01

Abstract:In this paper,a policy-based secure application framework for mobile devices is proposed.This framework uses XML to describe access control policy,integrates authentication,trusted channel and other security mechanisms to control the user’s secure access to the device’s resources and network services through devices.

Wei Wang,Tao Zhou,Weili Han

DOI: https://doi.org/10.3969/j.issn.1000-386x.2016.08.067

2016-01-01

Abstract:Sensitive data and perception capacities in Android devices face severe security threats.Current security mechanism cannot efficiently protect the sensitive data of users and perception capacity of devices,because it only provides a coarse-grained access control on application level.Therefore,this paper proposes an access control enhancement mechanism for sensitive data and capacities in Android, which is based on cryptography and fine-grained security policy drive.First,with the help of key management and fine-grained encryption policy,it leverages a high-strength symmetric encryption algorithm to encrypt the sensitive data and this solves the secure storage problem of sensitive data;Then,the mechanism leverages a fine-grained security policy-based access control mechanism to control the access privilege of perception capacities on layer of Android platform to reach the goal of perception data protection.Through prototype system and performance testing,the proposed access control enhancement mechanism for sensitive data and capacity of Android is able to operate on current Android platform with acceptable performance.

Zheran Fang,Weili Han,Yingjiu Li

DOI: https://doi.org/10.1016/j.cose.2014.02.007

IF: 5.105

2014-01-01

Computers & Security

Abstract:Android security has been a hot spot recently in both academic research and public concerns due to numerous instances of security attacks and privacy leakage on Android platform. Android security has been built upon a permission based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. Such permission based mechanism is widely criticized for its coarse-grained control of application permissions and difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claim of permissions, permission escalation attack, and TOCTOU (Time of Check to Time of Use) attack. We illustrate the relationships among these issues, and investigate the existing countermeasures to address these issues. In particular, we provide a systematic review on the development of these countermeasures, and compare them according to their technical features. Finally, we propose several methods to further mitigate the risk in Android security.

Futai Zou,Siyu Zhang,Tianqi Wan,Li Pan

DOI: https://doi.org/10.1049/ic.2014.0155

2014-01-01

Abstract:Mobile devices have become high-value attacked targets since they contain numerous private or business information. Android, the most popular mobile computing platform, also known for its openness, is facing various threats from system vulnerabilities to malicious applications. After analyzing Android's security model and threat, we summarize the technic possibility for remote or physical attacks, privacy stealing, communication hijacking and malware C&C. According to these threatens, research progress in malware detection technologies and systems strengthening methods is also reviewed.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hong-qi He,Shuiqiao Yang,Hang Jiang,Wei Liu,Yong Liu

DOI: https://doi.org/10.1002/cpe.4180

2018-01-01

Abstract:This paper discusses security issues on the user equipment, which is the last mile of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy- and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

Xiaoyu Sun

DOI: https://doi.org/10.48550/arXiv.2302.07467

2023-02-15

Abstract:Never before has any OS been so popular as Android. Existing mobile phones are not simply devices for making phone calls and receiving SMS messages, but powerful communication and entertainment platforms for web surfing, social networking, etc. Even though the Android OS offers powerful communication and application execution capabilities, it is riddled with defects (e.g., security risks, and compatibility issues), new vulnerabilities come to light daily, and bugs cost the economy tens of billions of dollars annually. For example, malicious apps (e.g., back-doors, fraud apps, ransomware, spyware, etc.) are reported [Google, 2022] to exhibit malicious behaviours, including privacy stealing, unwanted programs installed, etc. To counteract these threats, many works have been proposed that rely on static analysis techniques to detect such issues. However, static techniques are not sufficient on their own to detect such defects precisely. This will likely yield false positive results as static analysis has to make some trade-offs when handling complicated cases (e.g., object-sensitive vs. object-insensitive). In addition, static analysis techniques will also likely suffer from soundness issues because some complicated features (e.g., reflection, obfuscation, and hardening) are difficult to be handled [Sun et al., 2021b, Samhi et al., 2022].

Cryptography and Security,Software Engineering

Yan Yu,Feng Jin,Jiashun Wu

DOI: https://doi.org/10.14177/j.cnki.32-1397n.2016.40.02.003

2016-01-01

Abstract:Aiming at the drawbacks of the Android permission model’s coarse-grained access control and the over-privileged deficiencies,an Android application fine-grained access control method based on the self-defined security policy is proposed. This method applies the security code redirection technology to control the Android application access to the sensitive system resources based on security policies defined and described by users,and remove the over-granted permissions. The ex-perimental results show that the method has good compatibility to different versions of the Android system,and it can limit application access to the sensitive system resources flexibly and effectively.

Michael Backes,Sven Bugiel,Sebastian Gerling,Philipp von Styp-Rekowsky

DOI: https://doi.org/10.48550/arXiv.1404.1395

2014-04-04

Cryptography and Security

Abstract:We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ASF provides a novel security API that supports authors of Android security extensions in developing their modules. This overcomes the current unsatisfactory situation to provide security solutions as separate patches to the Android software stack or to embed them into Android's mainline codebase. As a result, ASF provides different practical benefits such as a higher degree of acceptance, adaptation, and maintenance of security solutions than previously possible on Android. We present a prototypical implementation of ASF and demonstrate its effectiveness and efficiency by modularizing different security models from related work, such as context-aware access control, inlined reference monitoring, and type enforcement.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hongqi He,Shuiqiao Yang

DOI: https://doi.org/10.1109/cit.2016.14

2016-01-01

Abstract:As the number of smart devices continues to grow dramatically, programmes and data handled by such smart devices have become the primary targets of hackers and malwares. ARM-Android is the most widespread platform for smart devices. Access to privacy-and security-relevant parts of the API is controlled by the corresponding permission in a manifest. However, while requesting access to permissions, these applications may offer opportunities to malicious codes to gain access to other inaccessible resources which will cause a series of security issues. Recently, many researchers focus on the permission-based mechanism which restricts accesses of users and applications to critical resources on an ARM-Android device. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our permission-based security architecture on ARM-Android platform. We propose an usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension. In contrast to previous work, the proposed security architecture provides a flexible mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness in mitigating permission leakage vulnerabilities.

Wei Guo

DOI: https://doi.org/10.1145/3321408.3321418

2019-05-17

Abstract:Most mobile Internet application security issues are introduced in the development process. How to effectively prevent security problems and solve them as soon as possible in the development process of mobile application development is the key to the security of mobile Internet. This paper introduces the design and implementation of a management and control platform for secure mobile application development. For Android applications and iOS applications, security standards are provided for different application types in the form of security baselines, and the application security baseline standards are managed in the form of security knowledge base. The security baseline points are mapped to specific application security technical specifications and security verification technical points. It provides an effective solution for secure mobile application development.

Guan-Shi ZHENG,Zheng ZHANG,Wei-Hua ZHANG

DOI: https://doi.org/10.15888/j.cnki.csa.005354

2016-01-01

Abstract:The popularity of mobile system has attracted malware developers. To ensure the security of users’ privacy and property, there has been numerous solutions targeting current security issues of mobile system. In this paper, it introduces the prevalent mobile operating systems and the mobile application security analysis methodologies. In addition, it makes analysis and discussion. At last, it proposes the prospects of possible directions of mobile application analysis approaches and endswith a conclusion.

ZHANG Yi,SHI Yong,XUE Zhi

DOI: https://doi.org/10.3969/j.issn.1009-8054.2013.11.011

2013-01-01

Abstract:Permission-based security policy plays a very important role in Android system,and'specifies various access privileges for the application of Android.This paper analyzes the principle and defect of permission-based security policy,and then gives the cause of privilege escalation on Android.And based on this,it proposes a new dynamic protection model,thus to implement the supervision of IPC(InterProcess Communication)pulicy and prevent the privilege escalation on Android.Finally,the experiment on the Android platform indicates that the dynamic protection is feasible and effective.

Yang Luo,Qixun Zhang,Qingni Shen,Hongzhi Liu,Zhonghai Wu

DOI: https://doi.org/10.48550/arXiv.1712.02217

2017-12-06

Abstract:With the expansion of the market share occupied by the Android platform, security issues (especially application security) have become attention focus of researchers. In fact, the existing methods lack the capabilities to manage application permissions without root privilege. This study proposes a dynamic management mechanism of Android application permissions based on security policies. The paper first describes the permissions by security policies, then implementes permission checking code and request evaluation algorithm in Android framework layer. Experimental results indicate that the presented approach succeeds in permission management of Android applications, and its system overhead is low, which makes it an effective method for Android permission management.

Cryptography and Security

NIE Ju-Hu,ZHOU Xue-Hai,YU Yan-Wei,WU Zhi-Zhong

DOI: https://doi.org/10.3969/j.issn.1003-3254.2011.10.018

2011-01-01

Abstract:To protect the Android-powered smartphones,a security reinforcement technology based on mandatory access control is proposed.It is implemented as follows: first,a platform-independent mandatory access control framework is added to the Android kernel;then,security attributes are attached to system objects;finally,a set of fine-grained access rules are made to control applications' permissions.The effectiveness of the technology is proved through the test in an emulator environment.

Ruicong Huang

DOI: https://doi.org/10.48550/arXiv.2109.00805

2021-09-02

Cryptography and Security

Abstract:Due to the continuous improvement of performance and functions, Android remains the most popular operating system on mobile phone today. However, various malicious applications bring great threats to the system. Over the past few years, significant changes occured in both malwares and counter measures. Specifically, malwares are continuously evolving, and advanced approaches are adopted for more accurate detection. To keep up with the latest situation, in this paper, we conduct a wide range of analysis, including latest malwares, Android security features, and approaches. We also provide some finding when we are gathering information and carrying on experiments, which we think is useful for further researches and has not been mentioned in previous works.