A Novel Android Security Framework to Prevent Privilege Escalation Attacks

Android is the most popular operating system in the world, with numerous applications having been developed for the platform since its inception, however, it has its fair share of security issues. Despite security precautions taken by developers and the system itself when it comes to permission delegation for applications, privilege escalation attacks are still possible up till Android API level 25. Unfortunately, many existing detection and prevention solutions fall short of the standard necessary or are taxing in resources not found on most Android devices. Proof is shown that a custom created malicious application can elevate its privileges, beyond the permissions it was given, in the existing Android system. In this paper, a modification to the existing Android framework is proposed, one that can detect inter-component communication messages between malicious apps attempting to elevate their privileges and benign applications. Part of this framework is the ability for the user to decide if permissions should be elevated, allowing them some measure of control. The results of the experimental evaluation demonstrate that the solution proposed is effective in preventing privilege escalation attacks on Android API level 24.