Self-Protection of Android Systems from Inter-component Communication Attacks

Mahmoud M. Hammad, Joshua Garcia, S. Malek
{"title":"Self-Protection of Android Systems from Inter-component Communication Attacks","authors":"Mahmoud M. Hammad, Joshua Garcia, S. Malek","doi":"10.1145/3238147.3238207","DOIUrl":null,"url":null,"abstract":"The current security mechanisms for Android apps, both static and dynamic analysis approaches, are insufficient for detection and prevention of the increasingly dynamic and sophisticated security attacks. Static analysis approaches suffer from false positives whereas dynamic analysis approaches suffer from false negatives. Moreover, they all lack the ability to efficiently analyze systems with incremental changes–such as adding/removing apps, granting/revoking permissions, and dynamic components' communications. Each time the system changes, the entire analysis needs to be repeated, making the existing approaches inefficient for practical use. To mitigate their shortcomings, we have developed SALMA, a novel self-protecting Android software system that monitors itself and adapts its behavior at runtime to prevent a wide-range of security risks. SALMA maintains a precise architectural model, represented as a Multiple-Domain-Matrix, and incrementally and efficiently analyzes an Android system in response to incremental system changes. The maintained architecture is used to reason about the running Android system. Every time the system changes, SALMA determines (1) the impacted part of the system, and (2) the subset of the security analyses that need to be performed, thereby greatly improving the performance of the approach. Our experimental results on hundreds of real-world apps corroborate SALMA's scalability and efficiency as well as its ability to detect and prevent security attacks at runtime with minimal disruption.","PeriodicalId":6622,"journal":{"name":"2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE)","volume":"268 1","pages":"726-737"},"PeriodicalIF":0.0000,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3238147.3238207","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12

Abstract

The current security mechanisms for Android apps, both static and dynamic analysis approaches, are insufficient for detection and prevention of the increasingly dynamic and sophisticated security attacks. Static analysis approaches suffer from false positives whereas dynamic analysis approaches suffer from false negatives. Moreover, they all lack the ability to efficiently analyze systems with incremental changes–such as adding/removing apps, granting/revoking permissions, and dynamic components' communications. Each time the system changes, the entire analysis needs to be repeated, making the existing approaches inefficient for practical use. To mitigate their shortcomings, we have developed SALMA, a novel self-protecting Android software system that monitors itself and adapts its behavior at runtime to prevent a wide-range of security risks. SALMA maintains a precise architectural model, represented as a Multiple-Domain-Matrix, and incrementally and efficiently analyzes an Android system in response to incremental system changes. The maintained architecture is used to reason about the running Android system. Every time the system changes, SALMA determines (1) the impacted part of the system, and (2) the subset of the security analyses that need to be performed, thereby greatly improving the performance of the approach. Our experimental results on hundreds of real-world apps corroborate SALMA's scalability and efficiency as well as its ability to detect and prevent security attacks at runtime with minimal disruption.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Android系统在组件间通信攻击中的自我保护
当前Android应用的安全机制,无论是静态还是动态的分析方法,都不足以检测和预防日益动态和复杂的安全攻击。静态分析方法会出现假阳性,而动态分析方法会出现假阴性。此外,它们都缺乏有效分析具有增量更改的系统的能力,例如添加/删除应用程序、授予/撤销权限以及动态组件的通信。每次系统更改时,整个分析都需要重复,这使得现有的方法在实际使用中效率低下。为了减轻它们的缺点,我们开发了SALMA,这是一种新颖的自我保护Android软件系统,它可以监控自身并在运行时调整其行为,以防止各种安全风险。SALMA维护一个精确的体系结构模型,表示为一个多域矩阵,并增量和有效地分析Android系统响应增量系统的变化。所维护的体系结构用于对Android系统的运行进行推理。每次系统发生变化时,SALMA确定(1)系统中受影响的部分,以及(2)需要执行的安全分析子集,从而大大提高了方法的性能。我们在数百个实际应用程序上的实验结果证实了SALMA的可扩展性和效率,以及它在运行时以最小的中断检测和防止安全攻击的能力。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Automatically Testing Implementations of Numerical Abstract Domains Self-Protection of Android Systems from Inter-component Communication Attacks Characterizing the Natural Language Descriptions in Software Logging Statements DroidMate-2: A Platform for Android Test Generation CPA-SymExec: Efficient Symbolic Execution in CPAchecker
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1