Abstract
This paper proposes MpDroid, an API-level multi-policy access control enforcement based on the ‘Rule Set Based Access Control’ (RSBAC) framework. In the MpDroid, we monitor and manage resources, services and Android inter-component communication (ICC) based on multiple policies mechanism, so as to restrict the applications access to the sensitive APIs and prevent privilege escalation attacks. When installing an application, we build the mapping relationships between sensitive APIs and the application capability. Each rule in the user-defined and context policies is regarded as a limitation of the application capability. Moreover, system policy is used for matching the illegal ICC communications. Experimental results showed that we can realize the API-level access control for Android middleware, and prevent the illegal ICC communication on the Android 4.1.4.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Nauman, M., Khan, S., Zhang, X.: Apex: extending Android permission model and enforcement with user-defined runtime constraints. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010 (2010)
Mueller, K., Butler, K.: Flex-P: flexible Android permissions. In: IEEE Symposium on Security and Privacy, Poster Session (2011)
Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: context-related policy enforcement for Android. In: Tsudik, G., Magliveras, S., Ilić, I., Burmester, M. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)
Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application-centric security in Android. In: IEEE Computer Society, ACSAC 2009 (2009)
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.: XManDroid: a new Android evolution to mitigate privilege escalation attacks. Technische Universität Darmstadt; 2011a [Technical Report; Technical Report TR-2011-04]
Ott, A., Fischer-Hübner, S.: The ‘rule set based access control’(RSBAC) framework for linux. In: Proceedings of the 8th International Linux Kongress (2001)
VirusTotal Malware Intelligence Services. https://secure.vtmis.com/vtmis/
Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: S&P. IEEE Computer Society (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Tian, D., Li, X., Hu, J., Xu, G., Feng, Z. (2015). POSTER: API-Level Multi-policy Access Control Enforcement for Android Middleware. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-28865-9_30
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-28864-2
Online ISBN: 978-3-319-28865-9
eBook Packages: Computer ScienceComputer Science (R0)