Paper Info
Title
NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running stock Android
Abstract
Malware poses a serious threat to the Android ecosystem. Moreover, even benign applications can sometimes constitute security and privacy risks to their users, as they might contain vulnerabilities, or they might perform unwanted actions. Previous research has shown that the current Android security model is not sufficient to protect against these threats, and several solutions have been proposed to enable the specification and enforcing of finer-grained security policies. Unfortunately, many existing solutions suffer from several limitations: they require modifications to the Android framework, root access to the device, to create a modified version of an existing app that cannot be installed without enabling unsafe options, or they cannot completely sandbox native code components. In this work, we propose a novel approach that aims to sandbox arbitrary Android applications. Our solution, called NJAS, works by executing an Android application within the context of another one, and it achieves sandboxing by means of system call interposition. In this paper, we show that our solution overcomes major limitations that affect existing solutions. In fact, it does not require any modification to the framework, does not require root access to the device, and does not require the user to enable unsafe options. Moreover, the core sandboxing mechanism cannot be evaded by using native code components.
Year
DOI
Venue
2015
10.1145/2808117.2808122
SPSM@CCS
Field
DocType
Citations 
Sandbox (computer security),Android security,Internet privacy,Android (operating system),Computer security,Computer science,Machine code,System call,Security policy,Malware,Operating system,Vulnerability
Conference
14
PageRank 
References 
Authors
0.58
23
4
Name
Order
Citations
PageRank
Antonio Bianchi135113.41
Yanick Fratantonio263827.12
Christopher Kruegel38799516.05
Giovanni Vigna47121507.72