Please use this identifier to cite or link to this item: doi:10.22028/D291-26492
Title: AppGuard — fine-grained policy enforcement for untrusted android applications
Author(s): Backes, Michael
Gerling, Sebastian
Hammer, Christian
Maffei, Matteo
von Styp-Rekowsky, Philipp
Language: English
Year of Publication: 2013
Free key words: security
DDC notations: 004 Computer science, internet
Publikation type: Report
Abstract: Android’s success makes it a prominent target for malicious software. However, the user has very limited control over security-relevant operations. This work presents AppGuard, a powerful and flexible security system that overcomes these deficiencies. It enforces user-defined security policies on untrusted Android applications without requiring any changes to a smartphone’s firmware, root access, or the like. Finegrained and stateful security policies are expressed in a formal specification language, which also supports secrecy requirements. Our system offers complete mediation of security-relevant methods based on calleesite inline reference monitoring and supports widespread deployment. In the experimental analysis we demonstrate the removal of permissions for overly curious apps as well as how to defend against several recent real-world attacks on Android phones. Our technique exhibits very little space and runtime overhead. The utility of AppGuard has already been demonstrated by more than 1,000,000 downloads.
Link to this record: urn:nbn:de:bsz:291-scidok-52763
Series name: Technischer Bericht / A / Fachbereich Informatik, Universität des Saarlandes
Series volume: 2013/02
Date of registration: 17-May-2013
Faculty: MI - Fakultät für Mathematik und Informatik
Department: MI - Informatik
Collections:SciDok - Der Wissenschaftsserver der Universität des Saarlandes

Files for this record:
File Description SizeFormat 
AppGuard_Fine_grained.pdf1,64 MBAdobe PDFView/Open

Items in SciDok are protected by copyright, with all rights reserved, unless otherwise indicated.