Paper Info
Title
TripleMon: A multi-layer security framework for mediating inter-process communication on Android.
Abstract
As smartphones have become an indispensable part of daily life, mobile users are increasingly relying on them to process personal information with feature-rich applications. This situation requires robust security mechanisms for protecting sensitive applications and data on mobile devices. Android, as one the most popular smartphone operating systems, provides two core security mechanisms, application sandboxing and a permission system. However, recent studies show that these mechanisms are vulnerable to be passed by a variety of attacks. In this paper, we argue for the need of designing and implementing more comprehensive security mechanisms for Android. We realize that mediating Inter-Process Communication (IPC) channels used by Android applications can mitigate prominent attacks effectively and efficiently. Based on this observation, we propose a practical multi-layer security framework called TRIPLEMON to support policy-based mediation on Android IPC. We also discuss and evaluate a proof-of-concept prototype of TRIPLEMON along with the experimental results derived from real malware samples and synthetic attacks.
Year
DOI
Venue
2016
10.3233/JCS-160552
JOURNAL OF COMPUTER SECURITY
Keywords
Field
DocType
Mobile security,system security,Android,reference monitor,mandatory access control
Sandbox (computer security),Android (operating system),Computer security,Computer science,Mandatory access control,Mobile device,Reference monitor,Personally identifiable information,Inter-process communication,Malware
Journal
Volume
Issue
ISSN
24
4
0926-227X
Citations 
PageRank 
References 
0
0.34
20
Authors
5
Name
Order
Citations
PageRank
Yiming Jing1904.96
Gail-Joon Ahn23012203.39
Hongxin Hu3123082.32
haehyun cho4166.55
Ziming Zhao532230.52