A temporal permission analysis and enforcement framework for Android

Alireza Sadeghi, Reyhaneh Jabbarvand, Negar Ghorbani, Hamid Bagheri, Sam Malek

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Permission-induced attacks, i.e., security breaches enabled by permission misuse, are among the most critical and frequent issues threatening the security of Android devices. By ignoring the temporal aspects of an attack during the analysis and enforcement, the state-of-the-art approaches aimed at protecting the users against such attacks are prone to have low-coverage in detection and high-disruption in prevention of permission-induced attacks. To address this shortcomings, we present Terminator, a temporal permission analysis and enforcement framework for Android. Leveraging temporal logic model checking,Terminator's analyzer identifies permission-induced threats with respect to dynamic permission states of the apps. At runtime, Terminator's enforcer selectively leases (i.e., temporarily grants) permissions to apps when the system is in a safe state, and revokes the permissions when the system moves to an unsafe state realizing the identified threats. The results of our experiments, conducted over thousands of apps, indicate that Terminator is able to provide an effective, yet non-disruptive defense against permission-induced attacks. We also show that our approach, which does not require modification to the Android framework or apps' implementation logic, is highly reliable and widely applicable.

Original languageEnglish (US)
Title of host publicationProceedings of the 40th International Conference on Software Engineering, ICSE 2018
PublisherIEEE Computer Society
Pages846-857
Number of pages12
ISBN (Electronic)9781450356381
DOIs
StatePublished - May 27 2018
Externally publishedYes
Event40th International Conference on Software Engineering, ICSE 2018 - Gothenburg, Sweden
Duration: May 27 2018Jun 3 2018

Publication series

NameProceedings - International Conference on Software Engineering
ISSN (Print)0270-5257

Conference

Conference40th International Conference on Software Engineering, ICSE 2018
Country/TerritorySweden
CityGothenburg
Period5/27/186/3/18

Keywords

  • Access control (permission)
  • Android
  • Temporal logic

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'A temporal permission analysis and enforcement framework for Android'. Together they form a unique fingerprint.

Cite this