(2013) AppGuard – Fine-grained Policy Enforcement for Untrusted Android Applications.
|
Text
android_irm.pdf - Published Version Download (1MB) | Preview |
Abstract
Android’s success makes it a prominent target for malicious software. However, the user has very limited control over security-relevant operations. This work presents AppGuard, a powerful and flexible security system that overcomes these deficiencies. It enforces user-defined security policies on untrusted Android applications without requiring any changes to a smartphone’s firmware, root access, or the like. Fine-grained and stateful security policies are expressed in a formal specification language, which also supports secrecy requirements. Our system offers complete mediation of security-relevant methods based on calleesite inline reference monitoring and supports widespread deployment. In the experimental analysis we demonstrate the removal of permissions for overly curious apps as well as how to defend against several recent real-world attacks on Android phones. Our technique exhibits very little space and runtime overhead. The utility of AppGuard has already been demonstrated by more than 1,000,000 downloads.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Additional Information: | pub_id: 111 Bibtex: backes13DPM URL date: None |
| Divisions: | Cyber Security Lab (CSL) Michael Backes (InfSec) |
| Depositing User: | Sebastian Weisgerber |
| Date Deposited: | 26 Jul 2017 10:28 |
| Last Modified: | 18 Jul 2019 12:11 |
| Primary Research Area: | NRA4: Secure Mobile and Autonomous Systems |
| URI: | https://publications.cispa.saarland/id/eprint/135 |
Actions
Actions (login required)
 |
View Item |