Boxify: Full-fledged App Sandboxing for Stock Android

Backes, Michael and Bugiel, Sven and Hammer, Christian and Schranz, Oliver and Styp-Rekowsky, Philipp von
(2015) Boxify: Full-fledged App Sandboxing for Stock Android.
In: Proceedings of the 24th USENIX Security Symposium (USENIX '15).
Conference: USENIX-Security Usenix Security Symposium

[img]
Preview
 Text
sec15-paper-backes.pdf - Published Version
Download (746kB) | Preview

Abstract

We present the first concept for full-fledged app sandboxing on stock Android. Our approach is based on application virtualization and process-based privilege separation to securely encapsulate untrusted apps in an isolated environment. In contrast to all related work on stock Android, we eliminate the necessity to modify the code of monitored apps, and thereby overcome existing legal concerns and deployment problems that rewriting-based approaches have been facing. We realize our concept as a regular Android app called Boxify that can be deployed without firmware modifications or root privileges. A systematic evaluation of Boxify demonstrates its capability to enforce established security policies without incurring a significant runtime performance overhead.

Item Type: Conference or Workshop Item (A Paper) (Paper)
Additional Information: pub_id: 784 Bibtex: 190928 URL date: 2015-08-18
Uncontrolled Keywords: mobile applications
Divisions: Michael Backes (InfSec)
Conference: USENIX-Security Usenix Security Symposium
Depositing User: Sebastian Weisgerber
Date Deposited: 26 Jul 2017 10:28
Last Modified: 18 Jul 2019 12:11
Primary Research Area: NRA4: Secure Mobile and Autonomous Systems
URI: https://publications.cispa.saarland/id/eprint/191

Actions

Actions (login required)

View Item View Item
CISPA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.