A Framework Design for Preventing Android from Apps Privilege-Escalation Attacks

doi:10.3969/j.issn.1671-1122.2015.09.021

Abstract

Abstract:

Android has been pointed in recent researches it is easy suffered from app’s privilege-escalation attacks. But most of the researches focus on confused deputy attacks, and they are lack of consideration about collusion attacks. In this paper, Android’s security framework is analyzed, and the defense methods for the collusion attacks are studied. Also, a new system level security framework for Android be designed and implemented, in order to taming the potential collusion attacks exploiting its vulnerabilities.

Key words: Android, privilege-escalation attack, collusion attack, confused deputy attack

CLC Number:

TP309

Xu-dong SHAO, Yang LIU. A Framework Design for Preventing Android from Apps Privilege-Escalation Attacks[J]. Netinfo Security, 2015, 15(9): 89-92.

Figures/Tables 6

References 14

[1]	Llamas R, Restivo K, Shirer M.Android Marks Fourth Anniversary Since Launch with 75.0% Market Share in Third Quarter [EB/OL].https://www.idc.com/getdoc.jsp?containerId=prUS23771812,2012.
[2]	Armando A, Merlo A, Verderame L,et al.An Empirical Evaluation of the Android Security Framework[C] //Proceedings of the 28th IFIP TC-11 International Information Security and Privacy Conference (SEC 2013). Auckland:2013,176-189.
[3]	新浪科技. Android被曝多处安全漏洞影响所有版本 [EB/OL]. .
[4]	罗喧,梁柏青,潘军彪,等. 智能手机应用安全关键技术探讨[J]. 电信科学,2013,(5):19-27.
[5]	杨柳. Android驱动开发权威指南[M]. 北京:机械工业出版社,2014.
[6]	黄可臻,李宇翔,林柏钢. 基于Android的隐私数据安全保护系统[J]. 信息网络安全,2014,(9):54-57.
[7]	Hornyack P, Han S, Jung J,et al.These aren’t the Droids you’re looking for: Retrofitting Android to protect data from imperious applications[C] //Proceedings of the 18th ACM Conference on Computer and communications Security (CCS). Chicago, USA:2011.
[8]	Ongtang M, McLaughlin M, Enck W,et al. Semantically rich application-centric security in Android[J]. Security and Communication Networks,2012,5(6):658-673.
[9]	Enck I, Gilbert P, Chun B,et al.TaintDroid:An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones[C]//Proceeding of 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010. Vancouver, BC, Canada:2010, 1-6.
[10]	刘洋, 邵旭东, 潘程达,胡正梁. 立体安全防御系统TDSD-Droid的实现[J]. 计算机科学,2013,(11A):228-234.
[11]	刘智伟,孙其博. 基于权限管理的Android应用行为检测[J]. 信息网络安全,2014,(6):72-77.
[12]	张金鑫,杨晓辉. 基于权限分析的Android应用程序检测系统[J]. 信息网络安全,2014,(7):30-34.
[13]	Sally. SELinux学习笔记[EB/OL]. .
[14]	郑志蓉. 可信计算平台可信计算基构建研究[J]. 信息安全与通信保密,2012,(9):116-117.

[1]	Liuyang HOU, Senlin LUO, Limin PAN, Ji ZHANG. Multi-feature Android Malware Detection Method [J]. Netinfo Security, 2020, 20(1): 67-74.
[2]	Xin SONG, Kai ZHAO, Linlin ZHANG, Wenbo FANG. Research on Android Malware Detection Based on Random Forest [J]. Netinfo Security, 2019, 19(9): 1-5.
[3]	Liping DING, Xuehua LIU, Guangxuan CHEN, Yin LI. Overview of Digital Forensics Technologies of RAM in Android Devices [J]. Netinfo Security, 2019, 19(2): 10-17.
[4]	Zhongyuan QIN, Junrui ZHANG, Qunfang ZHANG, Zhiyong SONG. Android Terminals Control Technology Based on Inject and Hook [J]. Netinfo Security, 2018, 18(9): 66-73.
[5]	Xinlong SONG, Dong ZHENG, Zhonghuang YANG. Mobile Device Management System Based on AOSP and SELinux [J]. Netinfo Security, 2017, 17(9): 103-106.
[6]	Debing LU, Haoliang CUI, Wen ZHANG, Shaozhang NIU. Application Security Reinforcement Scheme Based on Intent Filter [J]. Netinfo Security, 2017, 17(11): 67-73.
[7]	Jiajia LIU, Yan YU, Hengwei HU, Jiashun WU. Research on a Protection Mechanism Based on Virtual Machine Customization [J]. Netinfo Security, 2017, 17(1): 63-67.
[8]	Qing LEI, Lihua JING, Deming ZHAO, Jilong ZHENG. Research on the Technology of Gun Detection System for Android APP Videos Based on Deep Learning [J]. Netinfo Security, 2016, 16(9): 149-153.
[9]	Weiping WEN, Yang TANG, Li SHEN. An APP Sensitive Behaviors Detection Method Based on Android Kernel and Its Implementation [J]. Netinfo Security, 2016, 16(8): 18-23.
[10]	Lifang YU, Tianchang YANG, Shaozhang NIU. An Enhanced Security Access Control Scheme for Inter-component Communication in Android [J]. Netinfo Security, 2016, 16(8): 54-60.
[11]	Lewei QU, Senlin LUO, Zhipeng SUN, Shuai ZHU. Research on the Method of Data Integrity Detecting on Android System [J]. Netinfo Security, 2016, 16(8): 61-67.
[12]	Jiawang ZHANG, Yanwei LI. Research and Design on Malware Detection System Based on N-gram Algorithm [J]. Netinfo Security, 2016, 16(8): 74-80.
[13]	Jingya YANG, Senlin LUO, Shuai ZHU, Lewei QU. Research on Method of Android System Malware Behavior Monitoring Based on Multi-level and Cross-view Analysis [J]. Netinfo Security, 2016, 16(7): 40-46.
[14]	Yameng LI, Jingsha HE. Research on Different Versions of YAFFS2 File Recovery Algorithm Based on Hash [J]. Netinfo Security, 2016, 16(5): 51-57.
[15]	Weiping WEN, Han ZHANG, Xianglei CAO. Design and Implementation of the Scheme of Obfuscation Based on the Recombination of the Android Executable File [J]. Netinfo Security, 2016, 16(5): 71-77.