Skip to main content

AppGuard – Fine-Grained Policy Enforcement for Untrusted Android Applications

  • Conference paper
  • First Online:
Data Privacy Management and Autonomous Spontaneous Security (DPM 2013, SETOP 2013)

Abstract

Android’s success makes it a prominent target for malicious software. However, the user has very limited control over security-relevant operations. This work presents AppGuard, a powerful and flexible security system that overcomes these deficiencies. It enforces user-defined security policies on untrusted Android applications without requiring any changes to a smartphone’s firmware, root access, or the like. Fine-grained and stateful security policies are expressed in a formal specification language, which also supports secrecy requirements. Our system offers complete mediation of security-relevant methods based on callee-site inline reference monitoring and supports widespread deployment. In the experimental analysis we demonstrate the removal of permissions for overly curious apps as well as how to defend against several recent real-world attacks on Android phones. Our technique exhibits very little space and runtime overhead. The utility of AppGuard has already been demonstrated by more than 1,000,000 downloads.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    In case no application class exists, we register our class as the application class.

  2. 2.

    By providing policy recommendations based on a crowdsourcing approach, even laymen users can enforce complex policies (e.g. to fix OS vulnerabilities).

References

  1. Android.com: Security and permissions. http://developer.android.com/guide/topics/security/security.html (2012)

  2. Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard - Fine-Grained Policy Enforcement for Untrusted Android Applications. Technical Report A/02/2013, Saarland University (April 2013)

    Google Scholar 

  3. Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard - enforcing user requirements on Android apps. In: Piterman, N., Smolka, S. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 543–548. Springer, Heidelberg (2013)

    Google Scholar 

  4. Backes, M., Gerling, S., von Styp-Rekowsky, P.: A Local Cross-Site Scripting Attack Against Android Phones. http://www.infsec.cs.uni-saarland.de/projects/android-vuln/android_xss.pdf (2011)

  5. Backes SRT: SRT AppGuard : mobile Android security solution. http://www.srt-appguard.com/en/

  6. Barrera, D., Kayacık, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communication Security (CCS 2010), pp. 73–84 (2010)

    Google Scholar 

  7. Bauer, L., Ligatti, J., Walker, D.: A Language and System for Composing Security Policies. Technical Report TR-699-04, Princeton University (January 2004)

    Google Scholar 

  8. Bauer, L., Ligatti, J., Walker, D.: Composing security policies with polymer. In: Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation (PLDI 2005), pp. 305–314 (2005)

    Google Scholar 

  9. Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS 2012) (2012)

    Google Scholar 

  10. Chaudhuri, A., Fuchs, A., Foster, J.: SCanDroid: Automated Security Certification of Android Applications. Technical Report CS-TR-4991, University of Maryland. http://www.cs.umd.edu/avik/papers/scandroidascaa.pdf (2009)

  11. Chen, F., Roşu, G.: Java-MOP: a monitoring oriented programming environment for Java. In: Halbwachs, N., Zuck, L.D. (eds.) TACAS 2005. LNCS, vol. 3440, pp. 546–550. Springer, Heidelberg (2005)

    Google Scholar 

  12. Chip: SRT AppGuard. http://www.chip.de/downloads/SRT-AppGuard-Android-App_56552141.html

  13. Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: context-related policy enforcement for Android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)

    Google Scholar 

  14. Dam, M., Jacobs, B., Lundblad, A.: Security monitor inlining and certification for multithreaded Java. In: Mathematical Structures in Computer Science. Cambridge University Press, New York (2011)

    Google Scholar 

  15. Davis, B., Sanders, B., Khodaverdian, A., Chen, H.: I-ARM-Droid: A rewriting framework for in-app reference monitors for Android applications. In: Mobile Security Technologies 2012 (MoST 12) (2012)

    Google Scholar 

  16. Desmet, L., Joosen, W., Massacci, F., Naliuka, K., Philippaerts, P., Piessens, F., Vanoverberghe, D.: The S3MS.NET run time monitor. Electron. Notes Theor. Comput. Sci. 253(5), 153–159 (2009)

    Article  Google Scholar 

  17. von Eitzen, C.: Apple: future iOS release will require user permission for apps to access address book. http://h-online.com/-1435404 (February 2012)

  18. Enck, W., Gilbert, P., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th Usenix Symposium on Operating Systems Design and Implementation (OSDI 2010), pp. 393–407 (2010)

    Google Scholar 

  19. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of Android application security. In: Proceedings of the 20th Usenix Security Symposium (2011)

    Google Scholar 

  20. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communication Security (CCS 2009), pp. 235–245 (2009)

    Google Scholar 

  21. Erlingsson, Ú., Schneider, F.B.: IRM enforcement of Java stack inspection. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (Oakland 2002), pp. 246–255 (2000)

    Google Scholar 

  22. Erlingsson, U., Schneider, F.B.: SASI enforcement of security policies: a retrospective. In: Proceedings of the 1999 Workshop on New Security Paradigms (NSPW 1999), pp. 87–95 (2000)

    Google Scholar 

  23. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communication Security (CCS 2011) (2011)

    Google Scholar 

  24. Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proceedings of the 2nd Usenix Conference on Web Application Development (WebApps 2011) (2011)

    Google Scholar 

  25. Fragkaki, E., Bauer, L., Jia, L., Swasey, D.: Modeling and enhancing Android’s permission system. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 1–18. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  26. Gibler, C., Crussel, J., Erickson, J., Chen, H.: AndroidLeaks: Detecting Privacy Leaks in Android Applications. Technical Report CSE-2011-10, University of California, Davis (2011)

    Google Scholar 

  27. Gilbert, P., Chun, B.G., Cox, L.P., Jung, J.: Vision: automated security validation of mobile apps at app markets. In: Proceedings of the 2nd International Workshop on Mobile Cloud Computing and Services (MCS 2011) (2011)

    Google Scholar 

  28. Google Play. https://play.google.com/store (2012)

  29. Grace, M., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of capability leaks in stock Android smartphones. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS 2012) (2012)

    Google Scholar 

  30. Gruver, B.: Smali: a assembler/disassembler for Android’s dex format. http://code.google.com/p/smali/

  31. Hamlen, K.W., Jones, M.: Aspect-oriented in-lined reference monitors. In: Proceedings of the 3rd ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2008), pp. 11–20 (2008)

    Google Scholar 

  32. Hamlen, K.W., Jones, M.M., Sridhar, M.: Chekov: Aspect-Oriented Runtime Monitor Certification via Model-Checking. Technical Report UTDCS-16-11, University of Texas at Dallas (May 2011)

    Google Scholar 

  33. Hamlen, K.W., Morrisett, G., Schneider, F.B.: Certified in-lined reference monitoring on.NET. In: Proceedings of the 1st ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2006), pp. 7–16 (2006)

    Google Scholar 

  34. Heise: SRT AppGuard. http://www.heise.de/download/srt-appguard-pro-1187469.html

  35. Jeon, J., Micinski, K.K., Vaughan, J.A., Reddy, N., Zhu, Y., Foster, J.S., Millstein, T.: Dr. Android and Mr. Hide: Fine-Grained Security Policies on Unmodified Android. Technical Report CS-TR-5006, University of Maryland (December 2011)

    Google Scholar 

  36. Könings, B., Nickels, J., Schaub, F.: Catching AuthTokens in the Wild - The Insecurity of Google’s ClientLogin Protocol. Technical Report, Ulm University. http://www.uni-ulm.de/in/mi/mi-mitarbeiter/koenings/catching-authtokens.html (2011)

  37. Ligatti, J., Bauer, L., Walker, D.: Edit automata: enforcement mechanisms for run-time security policies. Int. J. Inf. Secur. 4(1–2), 2–16 (2005)

    Article  Google Scholar 

  38. Nauman, M., Khan, S., Zhang, X.: Apex: extending Android permission model and enforcement with user-defined runtime constraints. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communication Security (ASIACCS 2010), pp. 328–332 (2010)

    Google Scholar 

  39. Ongtang, M., Butler, K.R.B., McDaniel, P.D.: Porscha: policy oriented secure content handling in Android. In: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC 2010), pp. 221–230 (2010)

    Google Scholar 

  40. Ongtang, M., McLaughlin, S.E., Enck, W., McDaniel, P.: Semantically rich application-centric security in Android. In: Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC 2009), pp. 340–349 (2009)

    Google Scholar 

  41. Portokalidis, G., Homburg, P., Anagnostakis, K., Bos, H.: Paranoid Andoird: versatile protection for smartphones. In: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC 2010), pp. 347–356 (2010)

    Google Scholar 

  42. Sarno, D.: Twitter stores full iPhone contact list for 18 months, after scan. http://articles.latimes.com/2012/feb/14/business/la-fi-tn-twitter-contacts-20120214 (February 2012)

  43. Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)

    Article  Google Scholar 

  44. von Styp-Rekowsky, P., Gerling, S., Backes, M., Hammer, C.: Idea: callee-site rewriting of sealed system libraries. In: Jürjens, J., Livshits, B., Scandariato, R. (eds.) ESSoS 2013. LNCS, vol. 7781, pp. 33–41. Springer, Heidelberg (2013)

    Google Scholar 

  45. Xu, R., Saïdi, H., Anderson, R.: Aurasium - practical policy enforcement for Android applications. In: Proceedings of the 21st Usenix Security Symposium (2012)

    Google Scholar 

  46. Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS 2012) (February 2012)

    Google Scholar 

Download references

Acknowledgement

We thank the anonymous reviewers for their comments. This work was supported by the German Ministry for Education and Research (BMBF) through funding for the Center for IT-Security, Privacy and Accountability (CISPA) and both the initiative for excellence and the Emmy Noether program of the German federal government. Further, we would like to thank Bastian Könings for pointing us to interesting Android apps.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Philipp von Styp-Rekowsky .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P. (2014). AppGuard – Fine-Grained Policy Enforcement for Untrusted Android Applications. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013 2013. Lecture Notes in Computer Science(), vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-54568-9_14

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54567-2

  • Online ISBN: 978-3-642-54568-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics