nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

NativeProtector: Protecting Android Applications by Isolating and Intercepting Third-Party Native Libraries

verfasst von : Yu-Yang Hong, Yu-Ping Wang, Jie Yin

Erschienen in: ICT Systems Security and Privacy Protection

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

An increasing number of Android developers are incorporating third-party native libraries in their applications for code reuse, CPU-intensive tasks and other purposes. However current Android security mechanism can not regulate the native code in applications well. Many approaches have been proposed to enforce security of Android applications, but few of them involve security of the native libraries in Android applications.

In this paper, we propose NativeProtector, a system that regulates the third-party native libraries in Android applications. The standalone Android application is separated into two components: the server app and the client app where server app contains the native libraries for providing services from the native libraries while the client app contains the rest parts of the original app. The client app binds to the server app at the launching time, and all native function calls are replaced with interprocess calls to the server app. NativeProtector also generates the stub libraries intercept system calls in server app and enforce security of the native libraries in server app. We have implemented a prototype of NativeProtector. Our evaluation shows that NativeProtector can successfully detect and block the attempts of performing dangerous operations by the third-party native libraries in Android applications. The performance overhead introduced by NativeProtector is acceptable.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Advanced or Not? A Comparative Study of the Use of Anti-debugging and Anti-VM Techniques in Generic and Targeted Malware

Nächstes Kapitel A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor

Android Interface Definition Language (AIDL). http://developer.android.com/intl/zh-cn/guide/components/aidl.html

Android NDK. http://developer.android.com/intl/zh-cn/ndk/index.html

Android Service. http://developer.android.com/reference/android/app/Service.html

apkpure.com. https://apkpure.com

Apktool. http://ibotpeaches.github.io/Apktool/

Android market share in Q2 (2015). http://www.idc.com/prodserv/smartphone-os-market-share.jsp

PLT and GOT, the key to code sharing and dynamic libraries. https://www.technovelty.org/linux/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html

Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard – Enforcing user requirements on android apps. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013 (ETAPS 2013). LNCS, vol. 7795, pp. 543–548. Springer, Heidelberg (2013)CrossRef

Backes, M., Bugiel, S., Hammer, C., et al.: Boxify: Full-fledged app sandboxing for stock Android. In: Proceedings of 24th USENIX Security Symposium (USENIX Security 2015) (2015)

10.

Bugiel, S., Heuser, S., Sadeghi, A.R.: Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In: Proceedings of 22th USENIX Security Symposium (USENIX Security 2013), pp. 131–146 (2013)

11.

Conti, M., Nguyen, V.T.N., Crispo, B.: CRePE: Context-related policy enforcement for Android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 331–345. Springer, Heidelberg (2011)CrossRef

12.

Davis, B., Sanders, B., Khodaverdian, A., et al.: I-ARM-Droid: A rewriting framework for in-app reference monitors for android applications. In: Proceedings of Mobile Security Technologies (2012)

13.

Enck, W., Gilbert, P., Han, S., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. Proc. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)

14.

Hornyack, P., Han, S., Jung, J., et al.: These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 639–652. ACM (2011)

15.

Jeon, J., Micinski, K.K., Vaughan, J.A., et al.: Dr. Android and Mr. Hide: fine-grained permissions in android applications. In: Proceedings of the 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14. ACM (2012)

16.

Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 328–332. ACM (2010)

17.

Rasthofer, S., Arzt, S., Lovat, E., et al.: Droidforce: enforcing complex, data-centric, system-wide policies in android. In: 2014 Ninth International Conference on Availability, Reliability and Security (ARES), pp. 40–49. IEEE (2014)

18.

Russello, G., Jimenez, A.B., Naderi, H., et al.: Firedroid: hardening security in almost-stock android. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 319–328. ACM (2013)

19.

Shekhar, S., Dietz, M., Wallach, D.S: AdSplit: Separating smartphone advertising from applications. In: Proceedings of 21th USENIX Security Symposium, pp. 553–567 (2012)

20.

Siefers, J., Tan, G., Morrisett, G.: Robusta: Taming the native beast of the JVM. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 201–211. ACM (2010)

21.

Sun, M., Tan, G.: NativeGuard: Protecting android applications from third-party native libraries. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks, pp. 165–176. ACM (2014)

22.

Wang, X., Sun, K., Wang, Y., et al.: DeepDroid: dynamically enforcing enterprise policy on android devices. In: Proceedings of 22nd Annual Network and Distributed System Security Symposium (NDSS 2015). The Internet Society (2015)

23.

Xu, R., Sadi, H., Anderson, R.: Aurasium: Practical policy enforcement for android applications. In: Proceedings of 21th USENIX Security Symposium, pp. 539–552 (2012)

24.

Zhang, X., Ahlawat, A., Du, W.: AFrame: isolating advertisements from mobile applications in Android. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 9–18. ACM (2013)

25.

Zhang, Y., Yang, M., Xu, B., et al.: Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the ACM SIGSAC Conference on Computer & Communications Security, pp. 611–622. ACM (2013)

26.

Zhao, Z., Osono, F.C.C.: TrustDroid: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking. In: MALWARE, pp. 135–143 (2012)

27.

Zhou, Y., Patel, K., Wu, L., et al.: Hybrid user-level sandboxing of third-party android apps. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (2015)

28.

Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on Android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)CrossRef

Titel: NativeProtector: Protecting Android Applications by Isolating and Intercepting Third-Party Native Libraries
verfasst von: Yu-Yang Hong
Yu-Ping Wang
Jie Yin
Verlag: Springer International Publishing
Buch: ICT Systems Security and Privacy Protection
Print ISBN: 978-3-319-33629-9

Electronic ISBN: 978-3-319-33630-5

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-33630-5_23

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"