research-article

Enhancing security enforcement on unmodified Android

Authors:

Cheol Jeon,

WooChur Kim,

Bongjae Kim,

Yookun ChoAuthors Info & Claims

SAC '13: Proceedings of the 28th Annual ACM Symposium on Applied Computing

Pages 1655 - 1656

https://doi.org/10.1145/2480362.2480672

Published: 18 March 2013 Publication History

Get Access

Abstract

Android OS have several security vulnerabilities. Most of existing proposals require extensive modification of Android kernel or application framework. So, they are not feasible for end users which use stock Android OS. In this paper, we present a novel application market system which protect users from piracy by malicious third-party applications installed in their devices without any modification of Android system. Our market system grants users the ability to monitor and control applications' malicious behaviors at runtime by inserting instrumentation codes into each application in its repository. Experimental results show that our market system is effective at preventing applications' malicious behaviors.

References

[1]

Chin, E., Felt, A. P., Greenwood, K. and Wagner, D. 2011. Analyzing inter-application communication in Android. Proceedings of the 9th international conference on Mobile systems, applications, and services (2011), 239--252.

Digital Library

Google Scholar

[2]

Fuchs, A. P., Chaudhuri, A. and Foster, J. S. 2009. SCanDroid: Automated security certification of Android applications. Manuscript, Univ. of Maryland, http://www.cs.umd.edu/~avik/projects/scandroidascaa. (2009).

Google Scholar

[3]

Hornyack, P., Han, S., Jung, J., Schechter, S. and Wetherall, D. 2011. These aren't the droids you're looking for: retrofitting android to protect data from imperious applications. Proceedings of the 18th ACM conference on Computer and communications security (2011), 639--652.

Digital Library

Google Scholar

[4]

Nauman, M., Khan, S. and Zhang, X. 2010. Apex: extending android permission model and enforcement with user-defined runtime constraints. Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (2010), 328--332.

Digital Library

Google Scholar

[5]

Symantec Security Response: AndroidOS.FakePlayer http://www.symantec.com/security_response/writeup.jsp?docid=2010-081100-1646-99.

Google Scholar

Cited By

View all

Sadeghi ABagheri HGarcia JMalek S(2017)A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android SoftwareIEEE Transactions on Software Engineering10.1109/TSE.2016.261530743:6(492-530)Online publication date: 1-Jun-2017
https://doi.org/10.1109/TSE.2016.2615307
Sufatrio Tan DChua TThing V(2015)Securing AndroidACM Computing Surveys10.1145/273330647:4(1-45)Online publication date: 11-May-2015
https://dl.acm.org/doi/10.1145/2733306

Index Terms

Enhancing security enforcement on unmodified Android
1. Security and privacy

Recommendations

Android: Changing the Mobile Landscape

The mobile phone landscape changed last year with the introduction of smart phones running Android, a platform marketed by Google. Android phones are the first credible threat to the iPhone market. Not only did Google target the same consumers as iPhone,...
Are apps ready for new Android releases?
MOBILESoft '20: Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

Context: Android operating system always brings new releases and updates to improve security, increase performance and bring a better user experience. When Google announces a new release, a whole chain of changes is triggered in cascade, causing many ...
Sleeping android: the danger of dormant permissions
SPSM '13: Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices

An Android app must be authorized for permissions, defined by the Android platform, in order to access certain capabilities of an Android device. An app developer specifies which permissions an app will require and these permissions must be authorized ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SAC '13: Proceedings of the 28th Annual ACM Symposium on Applied Computing

March 2013

2124 pages

ISBN:9781450316569

DOI:10.1145/2480362

Conference Chairs:
Sung Y. Shin
South Dakota State University, United States
,
José Carlos Maldonado
ICMC - University of São Paulo, Brazil

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 March 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SAC '13

Sponsor:

SIGAPP

SAC '13: SAC '13

March 18 - 22, 2013

Coimbra, Portugal

Acceptance Rates

SAC '13 Paper Acceptance Rate 255 of 1,063 submissions, 24%;

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
448
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sadeghi ABagheri HGarcia JMalek S(2017)A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android SoftwareIEEE Transactions on Software Engineering10.1109/TSE.2016.261530743:6(492-530)Online publication date: 1-Jun-2017
https://doi.org/10.1109/TSE.2016.2615307
Sufatrio Tan DChua TThing V(2015)Securing AndroidACM Computing Surveys10.1145/273330647:4(1-45)Online publication date: 11-May-2015
https://dl.acm.org/doi/10.1145/2733306

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Android: Changing the Mobile Landscape

Are apps ready for new Android releases?

Sleeping android: the danger of dormant permissions

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations