SARRE: Semantics-Aware Rule Recommendation and Enforcement for Event Paths on Android

Authors: Yongbo Li, Fan Yao, Tian Lan, Guru Venkataramani

DOI: 10.1109/TIFS.2016.2596141

Abstract: This paper presents a semantics-aware rule recommendation and enforcement (SARRE) system for taming information leakage on Android. SARRE leverages statistical analysis and a novel application of the minimum path cover algorithm to identify event paths from dynamic runtime monitoring. Then, an online recommendation system is developed to automatically assign a fine-grained security rule to each event path, capitalizing on both known security rules and semantic information. The proposed system is prototyped on Android devices and evaluated using real-world malware samples and popular apps from Google Play spanning multiple categories. Our results show that SARRE achieves 93.8% precision and 96.4% recall in identifying the event paths, compared with the tainting technique. Also, the average difference between rule recommendation and manual configuration is less than 5%, validating the effectiveness of the automatic recommendation. It is also demonstrated that, by enforcing the recommended rules through a camouflage engine, SARRE can effectively prevent information leakage and enable fine-grained protection over private data with very small performance overhead.
