Abstract | ||
---|---|---|
Android has become a dominant computing platform, and its popularity has coincided with a surge of malware. The incorporation of Security-Enhanced Linux in Android (SEAndroid) is an important security enhancement to the platform. While SEAndroid adds the benefits of mandatory protection that SELinux brought to desktops and servers, the protection is only as good as the policy. Existing Android devices contain a wide variety of SEAndroid policies, depending on both the version of Android as well as the device manufacturer. In this paper, we present an approach to analyze SEAndroid policies in conjunction with the underlying Linux/Unix Discretionary Access Control policies. We apply our approach to four different versions of Android Open Source Project (AOSP) as well as devices from seven different manufacturers, and find several forms of unintentional privilege assignments. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1145/3134600.3134638 | 33RD ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2017) |
Keywords | Field | DocType |
Android,SEAndroid,MAC,DAC,Policy Analysis | Android (operating system),Security enhancement,Computer science,Computer security,Server,Popularity,Unix,Policy analysis,Discretionary access control,Malware | Conference |
ISSN | Citations | PageRank |
1063-9527 | 2 | 0.41 |
References | Authors | |
17 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
HaiNing Chen | 1 | 57 | 5.08 |
Ninghui Li | 2 | 48 | 4.13 |
William Enck | 3 | 2832 | 221.77 |
Yousra Aafer | 4 | 264 | 13.36 |
Xiangyu Zhang | 5 | 2857 | 151.00 |