TY - GEN
T1 - A temporal permission analysis and enforcement framework for Android
AU - Sadeghi, Alireza
AU - Jabbarvand, Reyhaneh
AU - Ghorbani, Negar
AU - Bagheri, Hamid
AU - Malek, Sam
N1 - Publisher Copyright:
© 2018 ACM.
Copyright:
Copyright 2018 Elsevier B.V., All rights reserved.
PY - 2018/5/27
Y1 - 2018/5/27
N2 - Permission-induced attacks, i.e., security breaches enabled by permission misuse, are among the most critical and frequent issues threatening the security of Android devices. By ignoring the temporal aspects of an attack during the analysis and enforcement, the state-of-the-art approaches aimed at protecting the users against such attacks are prone to have low-coverage in detection and high-disruption in prevention of permission-induced attacks. To address this shortcomings, we present Terminator, a temporal permission analysis and enforcement framework for Android. Leveraging temporal logic model checking,Terminator's analyzer identifies permission-induced threats with respect to dynamic permission states of the apps. At runtime, Terminator's enforcer selectively leases (i.e., temporarily grants) permissions to apps when the system is in a safe state, and revokes the permissions when the system moves to an unsafe state realizing the identified threats. The results of our experiments, conducted over thousands of apps, indicate that Terminator is able to provide an effective, yet non-disruptive defense against permission-induced attacks. We also show that our approach, which does not require modification to the Android framework or apps' implementation logic, is highly reliable and widely applicable.
AB - Permission-induced attacks, i.e., security breaches enabled by permission misuse, are among the most critical and frequent issues threatening the security of Android devices. By ignoring the temporal aspects of an attack during the analysis and enforcement, the state-of-the-art approaches aimed at protecting the users against such attacks are prone to have low-coverage in detection and high-disruption in prevention of permission-induced attacks. To address this shortcomings, we present Terminator, a temporal permission analysis and enforcement framework for Android. Leveraging temporal logic model checking,Terminator's analyzer identifies permission-induced threats with respect to dynamic permission states of the apps. At runtime, Terminator's enforcer selectively leases (i.e., temporarily grants) permissions to apps when the system is in a safe state, and revokes the permissions when the system moves to an unsafe state realizing the identified threats. The results of our experiments, conducted over thousands of apps, indicate that Terminator is able to provide an effective, yet non-disruptive defense against permission-induced attacks. We also show that our approach, which does not require modification to the Android framework or apps' implementation logic, is highly reliable and widely applicable.
KW - Access control (permission)
KW - Android
KW - Temporal logic
UR - http://www.scopus.com/inward/record.url?scp=85049404864&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85049404864&partnerID=8YFLogxK
U2 - 10.1145/3180155.3180172
DO - 10.1145/3180155.3180172
M3 - Conference contribution
AN - SCOPUS:85049404864
T3 - Proceedings - International Conference on Software Engineering
SP - 846
EP - 857
BT - Proceedings of the 40th International Conference on Software Engineering, ICSE 2018
PB - IEEE Computer Society
T2 - 40th International Conference on Software Engineering, ICSE 2018
Y2 - 27 May 2018 through 3 June 2018
ER -