Lingfeng Bao,David Lo,Xin Xia,Shanping Li

DOI: https://doi.org/10.1109/sate.2016.13

2016-01-01

Abstract:As Android is one of the most popular open source mobile platforms, ensuring security and privacy of Android applications is very important. Android provides a permission mechanism which requires developers to declare sensitive resources their applications need, and users need to agree with this request when they install (for Android API level 22 or lower) or run (for Android API level 23) these applications. Although Android provides very good official documents to explain how to properly use permissions, unfortunately misuses even for the most popular permissions have been reported. Recently, Karim et al. propose an association rule mining based approach to better infer permissions that an API needs. In this work, to improve the effectiveness of the prior work, we propose an approach which is based on collaborative filtering technique, one of popular techniques used to build recommendation systems. Our approach is designed based on the intuition that apps that have similar features - inferred from the APIs that they use - usually share similar permissions. We evaluate the proposed approaches on 936 Android apps from F-Droid, which is a repository of free and open source Android applications. The experimental results show that our proposed approaches achieve significant improvement in terms of the precision, recall, F1-score and MAP of the top-k results over Karim et al.'s approach.

Lingfeng Bao,David Lo,Xin Xia,Shanping Li

DOI: https://doi.org/10.1007/s11432-016-9072-3

2017-01-01

Abstract:The number of Android applications has increased rapidly as Android is becoming the dominant platform in the smartphone market. Security and privacy are key factors for an Android application to be successful. Android provides a permission mechanism to ensure security and privacy. This permission mechanism requires that developers declare the sensitive resources required by their applications. On installation or during runtime, users are required to agree with the permission request. However, in practice, there are numerous popular permission misuses, despite Android introducing official documents stating how to use these permissions properly. Some data mining techniques (e.g., association rule mining) have been proposed to help better recommend permissions required by an API. In this paper, based on popular techniques used to build recommendation systems, we propose two novel approaches to improve the effectiveness of the prior work. The first approach utilizes a collaborative filtering technique, which is inspired by the intuition that apps that have similar features — inferred from their APIs — usually share similar permissions. The second approach recommends permissions based on a text mining technique that uses a naive Bayes multinomial classification algorithm to build a prediction model by analyzing descriptions of apps. To evaluate these two approaches, we use 936 Android apps from F-Droid, which is a repository of free and open source Android applications. We find that our proposed approaches yield a significant improvement in terms of precision, recall, F1-score, and MAP of the top-k results over the baseline approach.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hong-qi He,Shuiqiao Yang,Hang Jiang,Wei Liu,Yong Liu

DOI: https://doi.org/10.1002/cpe.4180

2018-01-01

Abstract:This paper discusses security issues on the user equipment, which is the last mile of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy- and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

Mike Grace,Yajin Zhou,Zhi Wang,Xuxian Jiang

2011-01-01

Abstract:Recent years have witnessed increased popularity and adoption of smartphones partially due to the functionalities and convenience offered to their users (e.g., the ability to run third-party applications). To manage the amount of access given to smartphone applications, Android provides a permission-based security model, which requires each application to explicitly request permissions before it can be installed to run. In this paper, we systematically analyze eight flagship Android smartphones from leading manufacturers, including HTC, Motorola, and Samsung and found out that the stock phone images do not properly enforce the permission model. Several privileged permissions that protect the access to sensitive user data and dangerous features on the phones are unsafely exposed to other applications which do not need to request them for the actual use, a security violation termed capability leak in this paper. To facilitate identifying these capability leaks, we take a static analysis approach and have accordingly developed a system called Woodpecker. Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploiting these leaked capabilities, an untrusted application can manage to wipe out the user data, send out SMS messages (e.g., to premium numbers), record user conversation, or obtain user geo-locations on the affected phones – all without the need of asking for any permission.

Michael C. Grace,Yajin Zhou,Zhi Wang,Xuxian Jiang

2012-01-01

Abstract:Recent years have witnessed a meteoric increase in the adoption of smartphones. To manage information and features on such phones, Android provides a permission-based security model that requires each application to explicitly request permissions before it can be installed to run. In this paper, we analyze eight popular Android smartphones and discover that the stock phone images do not properly enforce the permission model. Several privileged permissions are unsafely exposed to other applications which do not need to request them for the actual use. To identify these leaked permissions or capabilities, we have developed a tool called Woodpecker. Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploiting them, an untrusted application can manage to wipe out the user data, send out SMS messages, or record user conversation on the affected phones – all without asking for any permission.

Hao Wu,Zheng Qin,Xuejin Tian,Edward Sun,Fengyuan Xu,Sheng Zhong

DOI: https://doi.org/10.1109/dsc47296.2019.8937600

2019-01-01

Abstract:Android, which accounts for 76.08% of the market(1), is the most popular and widely used mobile system today. Users install various applications from different sources and for different functionalities to get all sorts of services. Since smartphones carry a large amount of private user information, their security has been widely concerned in recent years. Android uses permissions to restrict the behaviors of applications and protect system resources and user privacy, such as location, password, and contact list carried on mobile devices. The research community has previously explored a variety of methods to enhance the permission system with the help of the system context and application program. However, such methods cannot address the permission violation issues raised by resources sharing, e.g., screen sharing and clipboard sharing, which are designed for more convenient human-computer interactions. In this work, we perform several proof-of-concept attacks on resources sharing to illustrate the deficiencies in the permission control system. We believe that the cause of these issues is that the permission control system does not fully understand the user's intentions. Then, we propose a non-intrusive user-action based permission control system, which can achieve more precise permission control by mining the user's intentions when operating the device.

Zheran Fang,Weili Han,Yingjiu Li

DOI: https://doi.org/10.1016/j.cose.2014.02.007

IF: 5.105

2014-01-01

Computers & Security

Abstract:Android security has been a hot spot recently in both academic research and public concerns due to numerous instances of security attacks and privacy leakage on Android platform. Android security has been built upon a permission based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. Such permission based mechanism is widely criticized for its coarse-grained control of application permissions and difficult management of permissions by developers, marketers, and end-users. In this paper, we investigate the arising issues in Android security, including coarse granularity of permissions, incompetent permission administration, insufficient permission documentation, over-claim of permissions, permission escalation attack, and TOCTOU (Time of Check to Time of Use) attack. We illustrate the relationships among these issues, and investigate the existing countermeasures to address these issues. In particular, we provide a systematic review on the development of these countermeasures, and compare them according to their technical features. Finally, we propose several methods to further mitigate the risk in Android security.

Rui Chang,Liehui Jiang,Wenzhi Chen,Hongqi He,Shuiqiao Yang

DOI: https://doi.org/10.1109/cit.2016.14

2016-01-01

Abstract:As the number of smart devices continues to grow dramatically, programmes and data handled by such smart devices have become the primary targets of hackers and malwares. ARM-Android is the most widespread platform for smart devices. Access to privacy-and security-relevant parts of the API is controlled by the corresponding permission in a manifest. However, while requesting access to permissions, these applications may offer opportunities to malicious codes to gain access to other inaccessible resources which will cause a series of security issues. Recently, many researchers focus on the permission-based mechanism which restricts accesses of users and applications to critical resources on an ARM-Android device. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our permission-based security architecture on ARM-Android platform. We propose an usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension. In contrast to previous work, the proposed security architecture provides a flexible mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness in mitigating permission leakage vulnerabilities.

Zhenjiang,Shen Dong,Hui *,Jianhuai Ye,Victoria C. Yan,Kan Wu,Shaoyin,Wood-Hi Cheng,Zhun Fan,Jiang Jiang

2013-01-01

Abstract:Android has a strict permission management mechanism. Any applications that try to run on the Android system need to obtain permission. In this paper, we propose an efficient method of detecting malicious applications in the Android system. First, hundreds of permissions are classified into different groups. The application programming interfaces (APIs) associated with permissions that can interact with the outside environment are called sink functions. The APIs associated with other permissions are called taint functions. e construct association tables for block variables and function variables of each application. Malicious applications can then be detected by using the static taint-propagation method to analyze these tables.

Jiawei Zhu,Zhi Guan,Yang,Liangwen Yu,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-34129-8_20

2012-01-01

Abstract:Android has become one of the most popular mobile operating system because of numerous applications it provides. Android Market is the official application store which allows users to search and install applications to their Android devices. However, with the increasingly number of applications, malware is also beginning to turn up in app stores. To mitigate the security problem brought by malware, we put forward a novel permission-based abnormal application detection framework which identifies potentially dangerous apps by the reliability of their permission lists. To judge the reliability of app's permissions, we make use of the relation between app's description text and its permission list. In detail, we use Naive Bayes with Multinomial Event Model algorithm to build the relation between the description and the permission list of an application. We evaluate this framework with 5,685 applications in Android Market and find it effective in identifying abnormal application in Android Market.

Yuan Zhang,Min Yang,Guofei Gu,Hao Chen

DOI: https://doi.org/10.1109/TIFS.2016.2581304

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:To protect sensitive resources from unauthorized use, modern mobile systems, such as Android and iOS, design a permission-based access control model. However, current model could not enforce fine-grained control over the dynamic permission use contexts, causing two severe security problems. First, any code package in an application could use the granted permissions, inducing attackers to embed mal...

Yajin Zhou,Xinwen Zhang,Xuxian Jiang,Vincent W. Freeh

DOI: https://doi.org/10.1007/978-3-642-21599-5_7

2011-01-01

Abstract:Smartphones have been becoming ubiquitous and mobile users are increasingly relying on them to store and handle personal information. However, recent studies also reveal the disturbing fact that users' personal information is put at risk by (rogue) smartphone applications. Existing solutions exhibit limitations in their capabilities in taming these privacy-violating smartphone applications. In this paper, we argue for the need of a new privacy mode in smartphones. The privacy mode can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application. Also, the granted access can be dynamically adjusted at runtime in a fine-grained manner to better suit a user's needs in various scenarios (e.g., in a different time or location). We have developed a system called TISSA that implements such a privacy mode on Android. The evaluation with more than a dozen of information-leaking Android applications demonstrates its effectiveness and practicality. Furthermore, our evaluation shows that TISSA introduces negligible performance overhead.

Chalise Birendra

DOI: https://doi.org/10.48550/arXiv.1607.04256

2016-07-15

Abstract:The recent evolution on the smart phone technology has made its application market huge and less secure. Every single day large number of apps introduced in the android market (mostly on google play store) without any particular inspections which creates a lot of security issues and they remain unresolved. There are a lot of recent and increasing security issues which are mostly caused by the android apps. Mainly, the access of user data through the apps relied on the users given permission to <a class="link-external link-http" href="http://apps.So" rel="external noopener nofollow">this http URL</a>, it is always a big question that how different apps on the android smart phones bypass the android permission model to have root access and how user data compromised or stolen by its apps. It is not startling that the Google Play Store has massive number of malicious apps that may gain users attention to fall victim for one, but some time it might be even worse than we thought. In this paper, we will look at the security issues (i.e. rooting phone, malware bypassing and secondary storage) and how easy to get access to users phone by using its app. Furthermore, I will discuss the android update mechanism and its functionalities as well as vulnerability to possible third party bypassing and root access. Moreover, a key feature and source of the all possible access route to android applications I will discuss an android permission model. Finally, I will first time present concept of the feature based development model implementing a feature based permission selections as a solution to android application system and describe the purposed Feature based permission model in detail how it is the solution for current security issues caused by intentional (evil coded) or unintentional (poorly coded) coding using android permission models.

Cryptography and Security

Yang Luo,Qixun Zhang,Qingni Shen,Hongzhi Liu,Zhonghai Wu

DOI: https://doi.org/10.48550/arXiv.1712.02217

2017-12-06

Abstract:With the expansion of the market share occupied by the Android platform, security issues (especially application security) have become attention focus of researchers. In fact, the existing methods lack the capabilities to manage application permissions without root privilege. This study proposes a dynamic management mechanism of Android application permissions based on security policies. The paper first describes the permissions by security policies, then implementes permission checking code and request evaluation algorithm in Android framework layer. Experimental results indicate that the presented approach succeeds in permission management of Android applications, and its system overhead is low, which makes it an effective method for Android permission management.

Cryptography and Security

tao jin,weidong liu,jiaxing song

DOI: https://doi.org/10.1007/978-3-642-55038-6_33

2014-01-01

Abstract:Google Android allows developers to easily distribute their applications by the various software marketplaces and end users to readily install them. However, without strict inspection and audit, some serious security concerns are inevitable such as the abuse of permissions. The existing security mechanism in Android cannot differentiate between the actually useful permissions and the unused permissions. In this paper, we present a reinforced Android framework model which is capable of purifying permissions automatically according to actual operations at runtime and supporting users to selectively customize the actual useful permissions of applications by imposing fine-grained constraints on the usage of resources. Experimental results show the automatic process can slim third-party applications efficiently.

Rui Li,Wenrui Diao,Zhou Li,Shishuai Yang,Shuang Li,Shanqing Guo,Rui Li,Wenrui Diao,Zhou Li,Shishuai Yang,Shuang Li,Shanqing Guo

DOI: https://doi.org/10.1109/tse.2021.3119980

IF: 7.4

2021-01-01

IEEE Transactions on Software Engineering

Abstract:Permission is the fundamental security mechanism for protecting user data and privacy on Android. Given its importance, security researchers have studied the design and usage of permissions from various aspects. However, most of the previous research focused on the security issues of system permissions. Overlooked by many researchers, an app can use custom permissions to share its resources and capabilities with other apps. However, the security implications of using custom permissions have not been fully understood. In this paper, we systematically evaluate the design and implementation of Android custom permissions. Notably, we built an automatic fuzzing tool, called CuPerFuzzer+, to detect custom permission related vulnerabilities existing in the Android OS. CuPerFuzzer+ treats the operations of the permission mechanism as a black-box and executes massive targeted test cases to trigger privilege escalation. In the experiments, CuPerFuzzer+ discovered 5,932 effective cases with 47 critical paths successfully. Through investigating these vulnerable cases and analyzing the source code of Android OS, we further identified a series of severe design shortcomings lying in the Android permission framework, including dangling custom permission, inconsistent permission-group mapping, custom permission elevating, inconsistent permission definition, dormant permission group, and inconsistent permission type. Exploiting these shortcomings, a malicious app can access unauthorized platform resources. On top of these observations, we propose three general design guidelines to secure custom permissions. Our findings have been acknowledged by the Android security team and assigned CVE-2020-0418, CVE-2021-0306, CVE-2021-030-, and CVE-2021-0317.

engineering, electrical & electronic,computer science, software engineering

Gulshan Shrivastava,Prabhat Kumar,Deepak Gupta,Joel J. P. C. Rodrigues

DOI: https://doi.org/10.1002/ett.3773

IF: 3.6

2019-10-24

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Android is an application platform for mobile devices. It comprises of the operating system, software framework, and core programs. This platform uses permissions to hide precious information about the user from untrusted apps. However, to install an application, device feature uses permissions that are granted by the user. User has the ability to analyze permissions and abort the setup if the permissions are unfriendly or unrestrained. Android permission analysis schemes show a significant role to fight against these undesirable behaviors of untrusted android apps in the aspect of security and privacy. This survey attempts to deal with the android application permissions that are related security and privacy challenges. It includes various research articles published in computers and security, digital investigation, decision support systems, systems and software security, and information forensics journals in the last 10 years. The survey is based on the following considerations: research issues motivated by the scheme, the methodology used, ability of result analysis conducted, and android features considered for performance evaluation.</p>

telecommunications

Amer Chamseddine,George Candea

DOI: https://doi.org/10.48550/arXiv.1906.10873

2019-06-27

Abstract:Smartphones hold important private information, yet users routinely expose this information to questionable applications written by developers they know nothing about. Users may be tempted to think of smartphones as old-style dumb phones, not as powerful network-connected computers, and this opens a gap between the permissions-based security paradigm (offered by platforms like Android) and what users expect. This makes it easy to fool users into installing applications that steal their information. Not surprisingly, Android is now a more favored target for hackers than Windows. We propose an approach for closing this gap, based on the observation that the current permissions system--rooted in good ol' UNIX-style thinking--is both too coarse and too fine grained, because it uses the wrong axes for defining the permissions space. We argue for replacing the paradigm in which "an app accesses device resources" (which is foreign to most non-geeks) with a paradigm in which "an app accesses user-tangible services." By using a simple piece of middleware, we can wrap this view of application control around today's permission system, and, by doing so, no conceptual refactoring of applications is required.

Cryptography and Security

Yuan Zhang,Min Yang,Guofei Gu,Hao Chen

DOI: https://doi.org/10.1007/978-3-319-28865-9_1

2015-01-01

Abstract:To protect sensitive resources from unauthorized use, modern mobile systems, such as Android and iOS, design a permission-based access control model. However, current model could not enforce fine-grained control over the dynamic permission use contexts, causing two severe security problems. First, any code package in an application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps. Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable application interactions. Although ad hoc solutions have been proposed, none could systematically solve these two issues within a unified framework.

Anna Barzolevskaia,Enrico Branca,Natalia Stakhanova

DOI: https://doi.org/10.1109/tse.2024.3362921

IF: 7.4

2024-01-01

IEEE Transactions on Software Engineering

Abstract:Within the Android mobile operating system, Android permissions act as a system of safeguards designed to restrict access to potentially sensitive data and privileged components. Multiple research studies indicate flaws and limitations of the Android permission system, prompting Google to implement a more regulated and fine-grained permission model. This newly-introduced complexity creates confusion for developers leading to incorrect permissions and a significant risk to users security and privacy. We present a systematic study of theoretical and practical misuse of permissions. For this analysis we derive the unified permissions and call mappings that represent theoretical requirements of permissions and calls. We develop PChecker, an approach that identifies the discrepancies between the official Android permissions documentation and permission implementation in the Android platform source code based on these mappings. We evaluate four versions of the Android Open Source Project code (major versions 10–13) and shed light on the prevalence of discrepancies between the official Android guidelines for permissions and their implementation in the Android platform source code. We further show that these discrepancies result in miscompliance in third-party Android apps.

engineering, electrical & electronic,computer science, software engineering