计算机科学 ›› 2015, Vol. 42 ›› Issue (Z11): 329-332.

• 信息安全 • 上一篇    下一篇

基于SEAndroid的隐私保护机制研究

温瀚翔,李玉军,侯孟书   

  1. 电子科技大学计算机科学与工程学院 成都 611731,电子科技大学计算机科学与工程学院 成都 611731,电子科技大学计算机科学与工程学院 成都 611731
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受国家自然科学基金面上项目(61472067),四川省科技支撑计划(2013GZ006)资助

Research on Privacy Protection Based on SEAndroid

WEN Han-xiang, LI Yu-jun and HOU Meng-shu   

  • Online:2018-11-14 Published:2018-11-14

摘要: 随着移动应用的迅猛发展,安卓手机用户群体日益庞大,而随之不断增加的用户数据也使安卓系统成为恶意攻击者的主要目标。通过对安卓4.4系统中加入的SELinux机制进行分析研究,指出了其中对root权限进行细化限制的可能性,并基于此机制提出了一种增强隐私安全的设计,使得用户的隐私数据即使存在于已获得root权限的手机中,也可以得到有效的保护。

关键词: 安卓,SELinux,强制访问控制,隐私保护

Abstract: With the rapid development of mobile application,the number of Android phone users has increased sharply,and the growing users’ data have made Android system become the main target of malicious attackers.We analyzed and researched the SELinux added in Android 4.4 system to point out the possibility of refining restrictions on root permissions.Based on the mechanism,we put forward a design which can strengthen privacy in order to protect private data even if the data store in the mobile phone which has obtained root permissions.

Key words: Android,SELinux,Mandatory access control,Privacy protection

[1] Aukwy,Zhou Yi-fan,Huang Zhen,et al.PScout:analyzing the Android permission specification [C]∥Proc of ACM Conference on Computer and Communications Security.New York:ACM Press,2012:217-228
[2] Chen K Z,Johnson N,D’silva V,et al.Contextual policy en-forcement in Android programs with permission event graphs[C]∥Proc of the 20th Annual Network and Distributed System Security Symposium.San Diego:Internet Society,2013:455-464
[3] Grace M,Zhou Ya-jin,Wang Zhi,et al.Systematic detection of capability leaks in stock Android smartphones[C]∥Proc of the 19th Annual Symposium on Network and Distributed System Security.San Diego:Internet Society,2012:235-244
[4] Di C F,Girardell A,Michahelles F,et al.Detection of malicious applications on Android OS [C]∥Proc of the 4th International Conference on Computational Forensics.Berlin:Springer,2011:138-149
[5] Felt A P,Chin E,Hanna S,et al.Android permissions demystified [C]∥Proc of the 18th ACM Conference on Computer and Communications Security.New York:ACM Press,2011:627-638
[6] Meurer S,WismüL R.APEFS:an infrastructure for permis-sion-based filtering of Android apps[C]∥Security and Privacy in Mobile Information and Communication Systems.Berlin:Sprin-ger,2012:1-11
[7] Wu Dong-jie,Mao C H,Wei T E,et al.DroidMat:Android malware detection through manifest and API calls tracing[C]∥Proc of the 7th Asia Joint Conference on Information Security.2012:62-69
[8] Nauman M,Khan S,Zhang Xin-wen.Apex:extending Android permission model and enforcement with user-defined runtime constraints[C]∥Proc of the 5th ACM Symposium on Information,Computer and Communications Security.New York:ACM Press,2010:328-332
[9] Benats G,Bandara A,Yu Yi-jun,et al.PrimAndroid:privacy policy modelling and analysis for Android applications[C]∥Proc of IEEE International Symposium on Policies for Distributed Systems and Networks.2011:129-132
[10] Beresford A R,Rice A,Skehin N,et al.MockDroid trading privacy for application functionality on smartphones[C]∥Proc of the 12th Workshop on Mobile Computing Systems and Applications.New York:ACM Press,2011:49-54
[11] Dietz M,Shekhar S,Pisetsky Y,et al.Quire: lightweight provenance for smart phone operating systems[C]∥Proc of the 20th USENIX Security Symposium.Berkeley:USENIX Association,2011:232-241
[12] Bugiel S,Davi L,Dmitrienko A,et al.Towards taming privilege-escalation attacks on Android[C]∥Proc of the 19th Annual Networ & Distributed System Security Symposium.San Diego:Internet Society,2012:18-25
[13] Lu Long,Li Zhi-chun,Wu Zhen-yu,et al.CHEX: statically vetting Android apps for component hijacking vulnerabilities[C]∥Proc of ACM Conference on Computer and Communications Security.New York:ACM Press,2012:229-240
[14] Bugiel S,Davi L,Dmitrienko A,et al.XManDroid: a new Android evolution to mitigate privilege escalation attacks:TR-2011-04[R].Darmstadt:Technische Universitt Darmstadt,2011
[15] Smalley S,Craog R.Security enhanced(SE) Android:bringingflexible MAC to Android[C]∥Proc of the 20th Annual Network & Distributed System Security Symposium.San Diego: Internet Society,2013:75-84
[16] Russell G,Crispo B,Fernandes E,et al.YAASE: yet another Android security extension[C]∥Proc of the 3rd International Conference on Privacy,Security,Risk and Trust Social Computing.USA:IEEE Press,2011:1033-1040

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!