Abstract
Many malicious applications today collect sensitive information owned by third-party applications by escalating their privileges to a higher level on the Android operating system. An attack that obtains root-level privilege on Android is a serious threat to users because it can break down the security of the whole system. This paper proposes a new Android security framework that meets the following three goals: (1) preventing privilege escalation attacks, (2) maintaining system integrity, and (3) protecting users’ personal information. To achieve these goals, the proposed framework introduces three mechanisms: Root Privilege Protection (RPP), Resource Misuse Protection (RMP), and Private Data Protection (PDP). RPP keeps track of a list of trusted programs with root-level privileges and can detect and respond to malware that illegally tries to acquire root-level privileges by exploiting system-level vulnerabilities. RMP keeps track of a list of critical system resources and can protect them from illegal manipulation by malicious applications. PDP keeps personal information safe by enforcing strict access controls so that even privileged applications cannot access users’ private data if they violate the least privilege rule. The framework is verified using experiments on the Android operating system, which show that it achieved the goals with processing overheads of 25.33% on average.
Acknowledgements
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (NRF-2010-0024495), and by the Ministry of Culture, Sports and Tourism (MCST) and the Korea Copyright Commission in 2013.
Cite this article
Lee, C., Kim, J., Cho, Sj. et al. Unified security enhancement framework for the Android operating system. J Supercomput 67, 738–756 (2014). https://doi.org/10.1007/s11227-013-0991-y
DOI: https://doi.org/10.1007/s11227-013-0991-y