Understanding Android Security
IEEE Security and Privacy
Professional Android Application Development
Professional Android Application Development
Language-based security on Android
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Hi-index | 0.00 |
Today, smart phone's malwares are deceptive enough to spoof itself as a legal mobile application. The front-end service of Trojans is attractive enough to deceive mobile users. Mobile users download similar malwares without knowing their illegitimate background threat. Unlike other vendors, Android is an open-source mobile operating system, and hence, it lacks a dedicated team to analyze the application code and decide its trustworthiness. We propose an augmented framework for Android that monitors the dynamic behavior of application during its execution. Our proposed architecture called Security Enhanced Android Framework (seaf) validates the behavior of an application through its permissions exercising patterns. Based on the exercised permissions' combination, the mobile user is intimated about the dangerous behavior of an application. We have implemented the proposed framework within Android software stack and ported it to device. Our initial investigation shows that our solution is practical enough to be used in the consumer market.