TrustedBSD: Adding Trusted Operating System Features to FreeBSD
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Understanding Android Security
IEEE Security and Privacy
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Static analysis of executables for collaborative malware detection on android
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
DroidBarrier: know what is executing on your android
Proceedings of the 4th ACM conference on Data and application security and privacy
Unified security enhancement framework for the Android operating system
The Journal of Supercomputing
Hi-index | 0.00 |
Recent malware often collects sensitive information from third-party applications with an illegally escalated privilege to the system level (the highest level) on the Android platform. An attack to obtain root-level privilege in an Android environment can pose a serious threat to users because it breaks down the whole security system. RGBDroid (Rooting Good-Bye on Droid) is an extension to the Android smartphone platform that effectively detects and responds to the attacks associated with escalation or abuse of privileges. Considering the Android security model, which dictates that users are not allowed to get root-level privilege and that root-level privilege should be restrictively used, RGBDroid can find out whether an application illegally acquires root-level privilege, and does not permit an illegal root-level process to access protected resources according to the principle of least privilege. RGBDroid protects the Android system against malicious applications even when malware obtains root-level privilege by exploiting vulnerabilities of the Android platform. This paper shows that i) a system can still be safely protected even after the system security is breached by privilege escalation attacks, and ii) our proposed response technique has comparative advantage over conventional prevention techniques in terms of operational overhead which can lead to significant deterioration of overall system performance. RGBDroid has been implemented on an embedded board and verified experimentally.