A Novel Android Security Framework to Prevent Privilege Escalation Attacks

Автор: Ahamed K. H. Hussain, Mohsen Kakavand, Mira Silval, Lingges Arulsamy

Журнал: International Journal of Computer Network and Information Security @ijcnis

Статья в выпуске: 1 vol.12, 2020 года.

Бесплатный доступ

Android is the most popular operating system in the world, with numerous applications having been developed for the platform since its inception, however, it has its fair share of security issues. Despite security precautions taken by developers and the system itself when it comes to permission delegation for applications, privilege escalation attacks are still possible up till Android API level 25. Unfortunately, many existing detection and prevention solutions fall short of the standard necessary or are taxing in resources not found on most Android devices. Proof is shown that a custom created malicious application can elevate its privileges, beyond the permissions it was given, in the existing Android system. In this paper, a modification to the existing Android framework is proposed, one that can detect inter-component communication messages between malicious apps attempting to elevate their privileges and benign applications. Part of this framework is the ability for the user to decide if permissions should be elevated, allowing them some measure of control. The results of the experimental evaluation demonstrate that the solution proposed is effective in preventing privilege escalation attacks on Android API level 24.

Еще

Android Security, Privilege Escalation, Permission Escalation

Короткий адрес: https://sciup.org/15017012

IDR: 15017012   |   DOI: 10.5815/ijcnis.2020.01.03

Список литературы A Novel Android Security Framework to Prevent Privilege Escalation Attacks

  • Z. Fang, W. Han, and Y. Li, “Permission based Android security: Issues and countermeasures,” Computers and Security, vol. 43. Elsevier Ltd, pp. 205–218, 2014.
  • R. H. Niazi, J. A. Shamsi, T. Waseem, and M. M. Khan, “Signature-based detection of privilege-escalation attacks on Android,” in Proceedings - 2015 Conference on Information Assurance and Cyber Security, CIACS 2015, 2016, pp. 44–49.
  • Y. Park, C. Lee, J. Kim, S.-J. Cho, and J. Choi, “An Android Security Extension to Protect Personal Information against Illegal Accesses and Privilege Escalation Attacks,” J. Internet Serv. Inf. Secur., vol. 2, pp. 29–42, 2012.
  • H. T. Lee, D. Kim, M. Park, and S. J. Cho, “Protecting data on android platform against privilege escalation attack,” Int. J. Comput. Math., vol. 93, no. 2, pp. 401–414, Feb. 2016.
  • B. Kong, Y. Li, and L.-P. Ma, “PtmxGuard: An Improved Method for Android Kernel to Prevent Privilege Escalation Attack,” ITM Web Conf., vol. 12, p. 05010, Sep. 2017.
  • X. Zhong, F. Zeng, Z. Cheng, N. Xie, X. Qin, and S. Guo, “Privilege Escalation Detecting in Android Applications,” in Proceedings - 2017 3rd International Conference on Big Data Computing and Communications, BigCom 2017, 2017, pp. 39–44.
  • H. Bagheri, A. Sadeghi, J. Garcia, and S. Malek, “COVERT: Compositional Analysis of Android Inter-App Permission Leakage,” IEEE Trans. Softw. Eng., vol. 41, no. 9, pp. 866–886, 2015.
  • Y. Xu, G. Wang, J. Ren, and Y. Zhang, “An adaptive and configurable protection framework against android privilege escalation threats,” Futur. Gener. Comput. Syst., vol. 92, pp. 210–224, Mar. 2018.
  • S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, and A. Sadeghi, “Xmandroid: A new android evolution to mitigate privilege escalation attacks,” Tech. Univ. Darmstadt, Tech. Rep. TR-2011-04, pp. 1–18, 2011.
  • T. Markmann, D. Gessner, and D. Westhoff, “QuantDroid: Quantitative approach towards mitigating privilege escalation on Android,” in IEEE International Conference on Communications, 2013, pp. 2144–2149.
  • W. Enck et al., “Taint droid: An information flow tracking system for real-time privacy monitoring on smartphones,” Commun. ACM, vol. 57, no. 3, pp. 99–106, Mar. 2014.
  • T. Dai, X. Li, B. Hassanshahi, R. H. C. Yap, and Z. Liang, “ROPPDROID: Robust permission re-delegation prevention in Android inter-component communication,” Comput. Secur., vol. 68, pp. 98–111, 2017.
  • Z. Meng, Y. Xiong, W. Huang, L. Qin, X. Jin, and H. Yan, “AppScalpel: Combining static analysis and outlier detection to identify and prune undesirable usage of sensitive data in Android applications,” Neurocomputing, vol. 341, pp. 10–25, 2019.
  • L. Li et al., “IccTA: Detecting inter-component privacy leaks in android apps,” Proc. - Int. Conf. Softw. Eng., vol. 1, pp. 280–291, 2015.
  • S. Arzt et al., “FLOWDROID: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps,” ACM SIGPLAN Not., vol. 49, no. 6, pp. 259–269, 2014.
Еще
Статья научная