Skip to main content
Conference ProceedingsOPEN ACCESS

An empirical evaluation of the android security framework

IFIP Advances in Information and Communication Technology (2013) 405 176-189
DOI: 10.1007/978-3-642-39218-4_14
14Citations
Citations of this article
32Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

The Android OS consists of a Java stack built on top of a native Linux kernel. A number of recently discovered vulnerabilities suggests that some security issues may be hidden in the interplay between the Java stack and the Linux kernel. We have conducted an empirical security evaluation of the interaction among layers. Our experiments indicate that the Android Security Framework (ASF) does not discriminate the caller of invocations targeted to the Linux kernel, thereby allowing Android applications to directly interact with the Linux kernel. We also show that this trait lets malicious applications adversely affect the user’s privacy as well as the usability of the device. Finally, we propose an enhancement in the ASF that allows for the detection and prevention of direct kernel invocations from applications.

Cite

CITATION STYLE

APA

Armando, A., Merlo, A., & Verderame, L. (2013). An empirical evaluation of the android security framework. In IFIP Advances in Information and Communication Technology (Vol. 405, pp. 176–189). Springer. https://doi.org/10.1007/978-3-642-39218-4_14

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free