Contextual Policy Enforcement in Android Programs with Permission Event Graphs
The difference between a malicious and a benign Android application can often be characterised by context and sequence in which certain permissions and APIs are used. We present a new technique for checking temporal properties of the interaction between an application and the Android event system. O...
| Main Authors: | , , , , , , , , |
|---|---|
| Format: | Conference item |
| Published: |
2013
|
| _version_ | 1797056158047928320 |
|---|---|
| author | Chen, K Johnson, N D'Silva, V Dai, S Magrino, T Macnamarra, K Wu, E Rinard, M Song, D |
| author_facet | Chen, K Johnson, N D'Silva, V Dai, S Magrino, T Macnamarra, K Wu, E Rinard, M Song, D |
| author_sort | Chen, K |
| collection | OXFORD |
| description | The difference between a malicious and a benign Android application can often be characterised by context and sequence in which certain permissions and APIs are used. We present a new technique for checking temporal properties of the interaction between an application and the Android event system. Our tool can automatically detect sensitive operations being performed without the user's consent, such as recording audio after the stop button is pressed, or accessing an address book in the background. Our work centres around a new abstraction of Android applications, called a Permission Event Graph, which we construct with static analysis, and query using model checking. We evaluate application-independent properties on 152 malicious and 117 benign applications, and application-specific properties on 8 benign and 9 malicious applications. In both cases, we can detect, or prove the absence of malicious behaviour beyond the reach of existing techniques. |
| first_indexed | 2024-03-06T19:19:26Z |
| format | Conference item |
| id | oxford-uuid:1990789e-f81a-47cb-a6bd-a84b63f3f2b4 |
| institution | University of Oxford |
| last_indexed | 2024-03-06T19:19:26Z |
| publishDate | 2013 |
| record_format | dspace |
| spelling | oxford-uuid:1990789e-f81a-47cb-a6bd-a84b63f3f2b42022-03-26T10:49:39ZContextual Policy Enforcement in Android Programs with Permission Event GraphsConference itemhttp://purl.org/coar/resource_type/c_5794uuid:1990789e-f81a-47cb-a6bd-a84b63f3f2b4Department of Computer Science2013Chen, KJohnson, ND'Silva, VDai, SMagrino, TMacnamarra, KWu, ERinard, MSong, DThe difference between a malicious and a benign Android application can often be characterised by context and sequence in which certain permissions and APIs are used. We present a new technique for checking temporal properties of the interaction between an application and the Android event system. Our tool can automatically detect sensitive operations being performed without the user's consent, such as recording audio after the stop button is pressed, or accessing an address book in the background. Our work centres around a new abstraction of Android applications, called a Permission Event Graph, which we construct with static analysis, and query using model checking. We evaluate application-independent properties on 152 malicious and 117 benign applications, and application-specific properties on 8 benign and 9 malicious applications. In both cases, we can detect, or prove the absence of malicious behaviour beyond the reach of existing techniques. |
| spellingShingle | Chen, K Johnson, N D'Silva, V Dai, S Magrino, T Macnamarra, K Wu, E Rinard, M Song, D Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title | Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title_full | Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title_fullStr | Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title_full_unstemmed | Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title_short | Contextual Policy Enforcement in Android Programs with Permission Event Graphs |
| title_sort | contextual policy enforcement in android programs with permission event graphs |
| work_keys_str_mv | AT chenk contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT johnsonn contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT dsilvav contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT dais contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT magrinot contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT macnamarrak contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT wue contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT rinardm contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs AT songd contextualpolicyenforcementinandroidprogramswithpermissioneventgraphs |