Enhancing security of Linux-based Android devices

Authors: Sahin Albayrak, Seyit Camtepe, Jan Clausen, Aubrey-Derrick Schmidt, Kamer Ali Yuksel

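Abstract: Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways from payment systems to assisting the lives of elderly or disabled people. Security threats for these devices become increasingly dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level. Therefore, third-party developers have the opportunity to develop kernel-based low-level security tools which is not normal for smartphone platforms. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS for example, holding the greatest market share among all smartphone OSs, was closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners' privacy. In this work, we present our current results in analyzing the security of Android smartphones with a focus on its Linux side. Our results are not limited to Android, they are also applicable to Linux-based smartphones such as OpenMoko Neo FreeRunner. Our contribution in this work is three-fold. First, we analyze android framework and the Linux-kernel to check security functionalities. We survey well-accepted security mechanisms and tools which can increase device security. We provide descriptions on how to adopt these security tools on Android kernel, and provide their overhead analysis in terms of resource usage. As open smartphones are released and may increase their market share similar to Symbian, they may attract attention of malware writers. Therefore, our second contribution focuses on malware detection techniques at the kernel level. We test applicability of existing signature and intrusion detection methods in Android environment. We focus on monitoring events on the kernel; that is, identifying critical kernel, log file, file system and network activity events, and devising efficient mechanisms to monitor them in a resource limited environment. Our third contribution involves initial results of our malware detection mechanism basing on static function call analysis. We identified approximately 105 Executable and Linking Format (ELF) executables installed to the Linux side of Android. We perform a statistical analysis on the function calls used by these applications. The results of the analysis can be compared to newly installed applications for detecting significant differences. Additionally, certain function calls indicate malicious activity. Therefore, we present a simple decision tree for deciding the suspiciousness of the corresponding application. Our results present a first step towards detecting malicious applications on Android-based devices.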
