Android security framework

Backes, Michael; Bugiel, Sven; Gerling, Sebastian; Styp-Rekowsky, Philipp von

doi:10.1145/2664243.2664265

Cited by 40 publications

(2 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The analysis of behaviors is automatic, which means that the behavior of the stimulated app by user interaction is not considered as in MADAM. Android Security Framework (ASF) [34] is a generic and extensible security framework for Android that provides security API to facilitate the inclusion of security extensions in Android. This approach is orthogonal to MADAM: the goal of MADAM is to detect malware, i.e.…”

Section: Related Workmentioning

confidence: 99%

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

Saracino

Sgandurra

Dini

et al. 2018

IEEE Trans. Dependable and Secure Comput.

349

175

View full text Add to dashboard Cite

Android users are constantly threatened by an increasing number of malicious applications (apps), generically called malware. Malware constitutes a serious threat to user privacy, money, device and file integrity. In this paper we note that, by studying their actions, we can classify malware into a small number of behavioral classes, each of which performs a limited set of misbehaviors that characterize them. These misbehaviors can be defined by monitoring features belonging to different Android levels. In this paper we present MADAM, a novel host-based malware detection system for Android devices which simultaneously analyzes and correlates features at four levels: kernel, application, user and package, to detect and stop malicious behaviors. MADAM has been designed to take into account those behaviors characteristics of almost every real malware which can be found in the wild. MADAM detects and effectively blocks more than 96% of malicious apps, which come from three large datasets with about 2,800 apps, by exploiting the cooperation of two parallel classifiers and a behavioral signature-based detector. Extensive experiments, which also includes the analysis of a testbed of 9,804 genuine apps, have been conducted to show the low false alarm rate, the negligible performance overhead and limited battery consumption

show abstract

Section: Related Workmentioning

confidence: 99%

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

Saracino

Sgandurra

Dini

et al. 2018

IEEE Trans. Dependable and Secure Comput.

349

175

View full text Add to dashboard Cite

show abstract

“…The researchers have proposed a wide spectrum of security models and extensions for permission mechanism. These extensions include context-related access control [7], developer-centric security policies [8], and dynamic, fine-grained permissions [9][10][11][12][13]. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications [14].…”

Section: Introductionmentioning

confidence: 99%

An Effective Usage and Access Control Scheme for Preventing Permission Leak in a Trusted Execution Environment

Chang¹,

Jiang²,

Yin³

et al. 2016

Proceedings of the 6th International Conference on Communication and Network Security

View full text Add to dashboard Cite

In the universal Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. In order to address permission leak in a trusted execution environment, this paper designs security architecture which contains sandbox module, middleware module, usage and access control module, and proposes an effective usage and access control scheme that can prevent permission leak in a trusted execution environment. Security architecture based on the scheme has been implemented on an ARM-Android platform, and the evaluation of the proposed scheme demonstrates its effectiveness in mitigating permission leak vulnerabilities. CCS Concepts• Security and privacy ➝ Systems security.

show abstract

Towards a multilayered permission‐based access control for extending Android security

Chang¹,

Jiang²,

Chen

et al. 2017

Concurrency and Computation

View full text Add to dashboard Cite

This paper discusses security issues on the user equipment, which is the "last mile" of social networks. One of the main Achilles' heel of social networks is not the organization of networks themselves, but the user devices, typically Android ones. The existing system of privileges makes it easy to infiltrate the network via applications installed on users' devices. Conventional signature-based and static analysis methods are vulnerable. Access to privacy-and security-relevant parts of the application programming interface is controlled by the corresponding permission in a manifest file. While requesting access to permissions, it may offer opportunities to malicious codes, which will cause security issues. Few works among permission analysis, however, pay attention to the prevention of permission leakage on both hardware and software frameworks. In this paper we tackle the challenge of providing our multilayered permission-based security extension scheme on Android platforms. We propose a usage and access control model and an effective method of preventing permission leakage based on ARM TrustZone security extension mechanism. In contrast to previous work, the proposed security architecture provides a permission-based mandatory access control on Android middleware, Linux kernel, and hardware layers. The evaluation results demonstrate the effectiveness of the proposed scheme in mitigating permission leakage vulnerabilities.

show abstract

Android security framework

Cited by 40 publications

References 30 publications

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

An Effective Usage and Access Control Scheme for Preventing Permission Leak in a Trusted Execution Environment

Towards a multilayered permission‐based access control for extending Android security

Contact Info

Product

Resources

About