Poster: the quest for security against privilege escalation attacks on android

  • Bugiel S
  • Davi L
  • Dmitrienko A
  • et al.
N/ACitations
Citations of this article
26Readers
Mendeley users who have this article in their library.

Abstract

In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attacks and attacks by colluding applications (e.g., Soundcomber) at the cost of a small rate of false positives.

Cite

CITATION STYLE

APA

Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., & Shastry, B. (2011). Poster: the quest for security against privilege escalation attacks on android. In Proceedings of the 18th ACM conference on Computer and communications security - CCS ’11 (p. 741). ACM Press. Retrieved from http://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/2011-ccs-poster.pdf

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free