Janus: an Approach for Confinement of Untrusted Applications
Janus: an Approach for Confinement of Untrusted Applications
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Understanding Android Security
IEEE Security and Privacy
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Apex: extending Android permission model and enforcement with user-defined runtime constraints
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Google Android: A Comprehensive Security Assessment
IEEE Security and Privacy
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
CRePE: context-related policy enforcement for android
ISC'10 Proceedings of the 13th international conference on Information security
Privilege escalation attacks on android
ISC'10 Proceedings of the 13th international conference on Information security
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
Taming information-stealing smartphone applications (on Android)
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Cells: a virtual mobile smartphone architecture
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
L4Android: a generic operating system framework for secure smartphones
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Practical and lightweight domain isolation on Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
Detecting repackaged smartphone applications in third-party android marketplaces
Proceedings of the second ACM conference on Data and Application Security and Privacy
MockDroid: trading privacy for application functionality on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
MOSES: supporting operation modes on smartphones
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
RiskRanker: scalable and accurate zero-day android malware detection
Proceedings of the 10th international conference on Mobile systems, applications, and services
Dissecting Android Malware: Characterization and Evolution
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Aurasium: practical policy enforcement for Android applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Dr. Android and Mr. Hide: fine-grained permissions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Using probabilistic generative models for ranking risks of Android apps
Proceedings of the 2012 ACM conference on Computer and communications security
DroidChameleon: evaluating Android anti-malware against transformation attacks
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Hi-index | 0.00 |
Malware poses a serious threat to Android smartphones. Current security mechanisms offer poor protection and are often too inflexible to quickly mitigate new exploits. In this paper we present FireDroid, a policy-based framework for enforcing security policies by interleaving process system calls. The main advantage of FireDroid is that it is completely transparent to the applications as well as to the Android OS. FireDroid enforces security policies without modifying either the Android OS or its applications. FireDroid is able to perform security checks on third-party and pre-installed applications, as well as malicious native code. We have implemented a novel mechanism that is able to attach, identify, monitor and enforce polices for any process spawned by the Android's mother process Zygote. We have tested the effectiveness of FireDroid against real malware. Moreover, we show how FireDroid can be used as a swift solution for blocking OS and application vulnerabilities before patches are available. Finally, we provide an experimental evaluation of our approach showing that it has only a limited overhead. Given these facts, FireDroid represents a practical solution for strengthening security on Android smartphones.