A Light-Weight Software Environment for Confining Android Malware

2014 IEEE Eighth International Conference on Software Security and Reliability-Companion Pub Date : 2014-06-30 DOI:10.1109/SERE-C.2014.34

Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, Heng Yin

{"title":"A Light-Weight Software Environment for Confining Android Malware","authors":"Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, Heng Yin","doi":"10.1109/SERE-C.2014.34","DOIUrl":null,"url":null,"abstract":"Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.","PeriodicalId":373062,"journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2014.34","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

用于限制Android恶意软件的轻量级软件环境

移动设备正变得越来越通用，因此用于分离重要资源的物理边界消失了。因此，恶意应用程序(app)有机会滥用移动平台上可用的资源。本文提出将资源虚拟化作为Android系统的一种安全机制，加强多种资源之间的物理屏障，限制滥用资源的Android应用程序。移动设备上的物理资源被虚拟化到不同的虚拟视图中，用于选定的Android应用程序。资源虚拟化模拟了Android资源的部分但一致的虚拟视图。因此，它不仅可以有效地限制滥用资源的应用程序，而且可以保证这些应用程序的可用性。我们实现了一个系统原型，RVL，并用各种类型的实际应用程序对其进行评估。我们的结果证明了它对恶意Android应用程序的有效性，以及它对良性Android应用程序的兼容性和可用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2014 IEEE Eighth International Conference on Software Security and Reliability-Companion

自引率

0.00%

发文量