An Android runtime security policy enforcement framework

An Android runtime security policy enforcement framework

Today, smart phone’s malwares are deceptive enough to spoof itself as a legal mobile application. The front-end service of Trojans is attractive enough to deceive mobile users. Mobile users download similar malwares without knowing their illegitimate background threat. Unlike other vendors, Android...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Personal and ubiquitous computing 2012-08, Vol.16 (6), p.631-641
Hauptverfasser: Banuri, Hammad, Alam, Masoom, Khan, Shahryar, Manzoor, Jawad, Ali, Bahar, Khan, Yasar, Yaseen, Mohsin, Tahir, Mir Nauman, Ali, Tamleek, Alam, Quratulain, Zhang, Xinwen
Format: Artikel
Sprache:eng
Schlagworte:
Computer programs
Computer Science
Computer viruses
Cybersecurity
Devices
Malware
Markets
Mobile Computing
Monitors
Original Article
Personal Computing
Policies
Security
Smartphones
Source code
User Interfaces and Human Computer Interaction
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Today, smart phone’s malwares are deceptive enough to spoof itself as a legal mobile application. The front-end service of Trojans is attractive enough to deceive mobile users. Mobile users download similar malwares without knowing their illegitimate background threat. Unlike other vendors, Android is an open-source mobile operating system, and hence, it lacks a dedicated team to analyze the application code and decide its trustworthiness. We propose an augmented framework for Android that monitors the dynamic behavior of application during its execution. Our proposed architecture called Security Enhanced Android Framework ( seaf ) validates the behavior of an application through its permissions exercising patterns. Based on the exercised permissions’ combination, the mobile user is intimated about the dangerous behavior of an application. We have implemented the proposed framework within Android software stack and ported it to device. Our initial investigation shows that our solution is practical enough to be used in the consumer market.
ISSN:1617-4909
1617-4917
DOI:10.1007/s00779-011-0437-6