Paper Info
Title
Native code execution control for attack mitigation on android
Abstract
Sophisticated malware targeting the Android mobile operating system increasingly utilizes local root exploits. These allow for the escalation of privileges and subsequent automatic, unnoticed, and permanent infection of a target device. Poor vendor patch policy leaves customer devices vulnerable for many months. All current local root exploits are exclusively implemented as native code and can be dynamically downloaded and run by any app. Hence, the lack of control mechanisms for the execution of native code poses a major threat to the security of Android devices. In this paper, we present different approaches to prevent local root exploits by means of gradually controlling native code execution. The proposed alterations to the Android operating system protect against all current local root exploits, while limiting the user experience as little as possible. Thus, the approaches we present help to avert automatic privilege escalation and to reduce exploitability and malware infection of Android devices.
Year
DOI
Venue
2013
10.1145/2516760.2516765
SPSM@CCS
Keywords
Field
DocType
local root exploit,android operating system,automatic privilege escalation,utilizes local root exploit,android mobile operating system,current local root exploit,native code execution control,malware infection,android device,attack mitigation,native code execution,native code,android,malware
User experience design,Android (operating system),Computer science,Privilege escalation,Computer security,Vendor,Exploit,Machine code,Execution control,Malware,Operating system
Conference
Citations 
PageRank 
References 
7
0.50
7
Authors
3
Name
Order
Citations
PageRank
Rafael Fedler190.95
Marcel Kulicke290.95
Julian Schütte35814.61