Computer Science ›› 2017, Vol. 44 ›› Issue (Z11): 353-356, 380.doi: 10.11896/j.issn.1002-137X.2017.11A.074

Previous Articles     Next Articles

MacDroid:A Lightweight Kernel-level Mandatory Access Control Framework for Android

LI Ni-ge, MA Yuan-yuan, CHEN Mu, CHEN Lu and XU Min   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Smart terminal has become an important information processing platform in the mobile Internet era,and its security threats are becoming more and more serious.The security protection architecture for traditional computers has been unable to meet the special needs of smart terminal security protection.By analyzing the characteristics and levels of the smart terminal operating system,a lightweight kernel-level mandatory access control framework(MacDroid) was designed.The key issues of MacDroid security policy definition,security policy compilation,security policy implementation and so on were deeply studied in this paper.The MacDroid security policy description language(PSL) was proposed and the PSL lexical and grammar formal definition were given.Finally,the effect of MacDroid access control framework on the behavior of different layers of intelligent mobile terminals was evaluted.The experimental results show that the MacDroid framework has good control effect on application layer,native layer and kernel layer malware behavior of Android smart terminal.()

Key words: Android,Kernel,Mandatory access control,Malware detection

[1] PIRRETTI M,TRAYNOR P,MCDANIEL P,et al.Secure Atrribute-Based Systems[J].Journal of Computer Security,2010,8(5):799-837.
[2] ION I,DRAGOVIC B,CRISPO B.Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices[C]∥Proc.of the Annual Computer Security Applications Conference.2007:233-242.
[3] ZHANG X W,ACIIMEZ O,SEIFER J.A Trusted MobilePhone Reference Architecture via Secure Kernel[C]∥Proc.of the ACM workshop on Scalable Trusted Computing.2007:7-14.
[4] ENCK,WILLIAM ONGTANG,et al.On Lightweight Phone Ap-plication Certification[C]∥Proceedings of the 16th ACM Conference on Computer and Communications Security.2009:235-245.
[5] KIRKPATRICK M S,BERTINO E.Enforcing Spatial Constr-aints for Mobile RBAC Systems[C]∥Proc.of the 15th ACM Symposium on Access Control Models and Technologies.2010:99-108.
[6] NAUMAN M,KHAN S,ZHANG X W,et al.Beyond Kernel-Level Integrity Measurement Enabling Remote Attestation for the Android Platform[C]∥International Conference on Trust and Trustworthy Computing.2010:1-15.
[7] NSA.http://selinuxproject.org/page/SEAndroid.
[8] 黄琳雅.基于内核的Android文件访问控制研究[D].北京:北京邮电大学,2012.
[9] 易筱茂.面向Android操作系统的强制访问控制研究[D].北京:中国科学院大学,2015.
[10] 卿斯汉.Android 安全的研究现状与展望[J].电信科学,2016(10):1-8.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .