An Android Security Policy Enforcement Tool

• Autorzy: Cotterell K. , Welch I. , Chen A.

Identyfikatory

DOI

10.1515/eletel-2015-0040

• Języki publikacji: EN

Abstrakty

EN

The Android operating system (OS) has become the dominant smart phone OS in recent years due to its accessibility, usability and its open-source philosophy. Consequently, this has also made it a popular target for attackers who aim to install malware on Android devices and take advantage of Android’s coarsegrained, non-revoking permission system. This project designs, implements and evaluates a security tool named COMBdroid, which addresses these security concerns in Android by enforcing fine-grained, user-defined policies. COMBdroid modifies an application before installation, allowing it to override points of security vulnerabilities at run-time. As a proof of concept we have implemented three policies in COMBdroid. This paper documents the development process of COMBdroid, deriving design decisions from the literature review, detailing the design and implementation, and proving the program’s effectiveness through evaluation.

Słowa kluczowe

EN

mobile computing; Java; Android; security

• Wydawca: Polish Academy of Sciences, Committee of Electronics and Telecommunication
• Czasopismo: International Journal of Electronics and Telecommunications
• Rocznik: 2015
• Tom: Vol. 61, No. 4
• Strony: 311--320
• Opis fizyczny: Bibliogr. 25 poz.

Twórcy

autor

Cotterell K.

autor

Welch I.

• School of Engineering and Computer Science, Victoria Univeristy of Wellington, New Zealand

autor

Chen A.

• School of Engineering and Computer Science, Victoria Univeristy of Wellington, New Zealand

Bibliografia

• [1] I. C. USA, Apple cedes market share in smartphone operating system market as android surges and windows phone gains, according to idc, http://www.idc.com/getdoc.jsp?containerId=prUS24257413. [Online]. Available: http://www.idc.com/getdoc.jsp?containerId=prUS24257413
• [2] Google, Android developers, http://developer.android.com/index.html. [Online]. Available: http://developer.android.com/index.html
• [3] A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, Android permissions demystified, in Proceedings of the 18th ACM conference on Computer and communications security, ser. CCS 11. New York, NY, USA: ACM, 2011, pp. 627638. [Online]. Available: http://doi.acm.org/10.1145/2046707. 2046779
• [4] L. Davi, A. Dmitrienko, A. -R. Sadeghi, and M. Winandy, Privilege escalation attacks on android, in Proceedings of the 13th international conference on Information security, ser. ISC10. Berlin, Heidelberg: Springer-Verlag, 2011, pp. 346360. [Online]. Available: http://dl.acm.org/citation.cfm?id=1949317. 1949356
• [5] W. Enck, M. Ongtang, and P. Mcdaniel, Mitigating android software misuse before it happens, Tech. Rep., 2008.
• [6] Google, Dalvik technical information, Android open source project, http://source.android.com/tech/dalvik/. [Online]. Available: http://source.android.com/tech/dalvik/
• [7] B. Alll and C. Tumbleson, A tool for reverse-engineering android apk files, apktool, https://code.google.com/p/android-apktool/. [Online]. Available: https://code.google.com/p/android-apktool/
• [8] Y. Zhou and X. Jiang, Dissecting android malware: Characterization and evolution, in 2012 IEEE Symposium on Security and Privacy (SP). IEEE, 2012, pp. 95109.
• [9] O. Hou, A look at google bouncer j malware blog j trend micro, http://blog. trendmicro. com/trendlabs-security-intelligence/alookat-google-bouncer/. [Online]. Available: http://blog.Trendmicro.com/trendlabs-security-intelligence/a-look-at-google-bouncer/
• [10] M. Ongtang, S. McLaughlin, W. Enck, and P. McDaniel, Semantically rich application-centric security in android, in Proceedings of the 2009 Annual Computer Security Applications Conference, ser. ACSAC 09. Washington, DC, USA: IEEE Computer Society, 2009, pp. 340349. [Online]. Available: http://dx.doi.org/10.1109/ACSAC.2009.39
• [11] H. Lockheimer, Android and security - official google mobile blog, http://googlemobile. blogspot. co. nz/2012/02/androidandsecurity. html. [Online]. Available: http://googlemobile.blogspot.co. nz/ 2012/02/android-andsecurity.html
• [12] W. Enck, M. Ongtang, and P. McDaniel, On lightweight mobile phone application certification, in Proceedings of the 16th ACM conference on Computer and communications security, ser. CCS 09. New York, NY, USA: ACM, 2009, pp. 235245. [Online]. Available: http://doi.acm.org/10.1145/1653662. 1653691
• [13] M. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang, Riskranker: scalable and accurate zero-day android malware detection, in Proceedings of the 10th international conference on Mobile systems, applications, and services, ser. MobiSys 12. New York, NY, USA: ACM, 2012, pp. 281294. [Online]. Available: http://doi.acm.org/10.1145/2307636. 2307663
• [14] M. Conti, V. T. N. Nguyen, and B. Crispo, Crepe: contextrelated policy enforcement for android, in Proceedings of the 13th international conference on Information security, ser. ISC10. Berlin, Heidelberg: Springer-Verlag, 2011, pp. 331345. [Online]. Available: http://dl.acm.org/citation.cfm?id=1949317. 1949355
• [15] W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones, in Proceedings of the 9th USENIX conference on Operating systems design and implementation, ser. OSDI10. Berkeley, CA, USA: USENIX Association, 2010, pp. 16. [Online]. Available: http://dl.acm.org/citation.cfm?id=1924943. 1924971
• [16] P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall, These arent the droids youre looking for: retrofitting android to protect data from imperious applications, in Proceedings of the 18th ACM conference on Computer and communications security, ser. CCS 11. New York, NY, USA: ACM, 2011, pp. 639652. [Online]. Available: http://doi.acm.org/10.1145/2046707. 2046780
• [17] M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. S. Wallach, Quire: lightweight provenance for smart phone operating systems, in Proceedings of the 20th USENIX conference on Security, ser. SEC11. Berkeley, CA, USA: USENIX Association, 2011, pp. 2323. [Online]. Available: http://dl.acm.org/citation.cfm?id=2028067. 2028090
• [18] R. Xu, H. Saidi, and R. Anderson, Aurasium: practical policy enforcement for android applications, in Proceedings of the 21st USENIX conference on Security symposium, ser. Security12. Berkeley, CA, USA: USENIX Association, 2012, pp. 2727. [Online]. Available: http://dl.acm.org/citation.cfm?id=2362793. 2362820
• [19] H. Pieterse and M. Olivier, Android botnets on the rise: Trends and characteristics, in Information Security for South Africa (ISSA), 2012, 2012, pp. 15.
• [20] T. Wyatt, Security alert: Geinimi, sophisticated new android trojan found in wild j the official lookout blog, https://blog. Lookout. com/blog/2010/12/29/geinimi trojan/. [Online]. Available: https://blog.lookout.com/blog/2010/12/29/geinimitrojan/
• [21] E. Erturk, A case study in open source software security and privacy: Android adware, in Internet Security (WorldCIS), 2012 World Congress on, 2012, pp. 189191.
• [22] M. Nauman, S. Khan, and X. Zhang, Apex: extending android permission model and enforcement with user-defined runtime constraints, in Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ser. ASIACCS 10. New York, NY, USA: ACM, 2010, pp. 328332. [Online]. Available: http://doi.acm.org/10.1145/1755688. 1755732
• [23] J. Bickford, R. OHare, A. Baliga, V. Ganapathy, and L. Iftode, Rootkits on smart phones: attacks, implications and opportunities, in Proceedings of the Eleventh Workshop on Mobile Computing Systems #38; Applications, ser. HotMobile 10. New York, NY, USA: ACM, 2010, pp. 4954. [Online]. Available: http://doi.acm.org/10.1145/1734583. 1734596
• [24] S. S. of Trustwave, Focus stealing vulnerability in android, https://www.trustwave.com/spiderlabs/. [Online]. Available: https://www.trustwave.com/spiderlabs/
• [25] C. A. Castillo, Android malware past, present, and future, McAfee, [online], 2010.