An Android runtime security policy enforcement framework |
| |
Authors: | Hammad Banuri Masoom Alam Shahryar Khan Jawad Manzoor Bahar Ali Yasar Khan Mohsin Yaseen Mir Nauman Tahir Tamleek Ali Quratulain Alam Xinwen Zhang |
| |
Affiliation: | 1. Security Engineering Research Group (SERG), Institute of Management Sciences, 1-A, E-5, Phase VII, Hayatabad, Peshawar, Pakistan 2. Huawei Research Center, Santa Clara, CA, USA
|
| |
Abstract: | Today, smart phone’s malwares are deceptive enough to spoof itself as a legal mobile application. The front-end service of Trojans is attractive enough to deceive mobile users. Mobile users download similar malwares without knowing their illegitimate background threat. Unlike other vendors, Android is an open-source mobile operating system, and hence, it lacks a dedicated team to analyze the application code and decide its trustworthiness. We propose an augmented framework for Android that monitors the dynamic behavior of application during its execution. Our proposed architecture called Security Enhanced Android Framework (seaf) validates the behavior of an application through its permissions exercising patterns. Based on the exercised permissions’ combination, the mobile user is intimated about the dangerous behavior of an application. We have implemented the proposed framework within Android software stack and ported it to device. Our initial investigation shows that our solution is practical enough to be used in the consumer market. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|