Conference item icon

Conference item

Contextual Policy Enforcement in Android Programs with Permission Event Graphs

Abstract:
The difference between a malicious and a benign Android application can often be characterised by context and sequence in which certain permissions and APIs are used. We present a new technique for checking temporal properties of the interaction between an application and the Android event system. Our tool can automatically detect sensitive operations being performed without the user's consent, such as recording audio after the stop button is pressed, or accessing an address book in the background. Our work centres around a new abstraction of Android applications, called a Permission Event Graph, which we construct with static analysis, and query using model checking. We evaluate application-independent properties on 152 malicious and 117 benign applications, and application-specific properties on 8 benign and 9 malicious applications. In both cases, we can detect, or prove the absence of malicious behaviour beyond the reach of existing techniques.

Actions

Authors


Host title:
Proc. of the Conference on Networked and Distributed System Security
Publication date:
2013-01-01


UUID:
uuid:1990789e-f81a-47cb-a6bd-a84b63f3f2b4
Local pid:
cs:6395
Deposit date:
2015-03-31
ARK identifier:

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP