Real-time detection and prevention of android SMS permission abuses

Authors:
Weiliang Luo;Shouhuai Xu;Xuxian Jiang
Affiliations:
University of Texas at San Antonio, San Antonio, TX, USA;University of Texas at San Antonio, San Antonio, TX, USA;North Carolina State University, Raleigh, NC, USA
Venue:
Proceedings of the first international workshop on Security in embedded systems and smartphones
Year:
2013

Citing 12
Cited 1

On lightweight mobile phone application certification

Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Apex: extending Android permission model and enforcement with user-defined runtime constraints

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Taming information-stealing smartphone applications (on Android)

TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Crowdroid: behavior-based malware detection system for Android

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified

Proceedings of the 18th ACM conference on Computer and communications security
RiskRanker: scalable and accurate zero-day android malware detection

Proceedings of the 10th international conference on Mobile systems, applications, and services
Dissecting Android Malware: Characterization and Evolution

SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Android permissions: user attention, comprehension, and behavior

Proceedings of the Eighth Symposium on Usable Privacy and Security
Aurasium: practical policy enforcement for Android applications

Security'12 Proceedings of the 21st USENIX conference on Security symposium
DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis

Security'12 Proceedings of the 21st USENIX conference on Security symposium

Transforming high-level requirements to executable policies for Android

Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Android permission system informs users about the privileges demanded by applications (apps), and in principle allows users to assess potential risks of apps. Unfortunately, recent studies showed that the installation-time permission verification procedure is often ignored, due to users' lack of attention or insufficient understanding of the privileges or the Android permission system. As a consequence, malicious apps are likely granted with security- and privacy-critical permissions, and launch various kinds of attacks without being noticed by the users. In this paper, we present the design, analysis, and implementation of DroidPAD, a novel solution that aims to leverage system-wide state information to detect and block in real-time possible abuses of Android permissions. Especially, with a focus on SMS-related permissions, we have implemented a proof-of-concept prototype. Our evaluation based on 48 representative benign and malicious apps shows that DroidPAD successfully detected SMS permissions-abusing activities with low false-positive rates, and zero false-negative rates.