An Android Security Extension to Protect Personal Information against Illegal Accesses and Privilege Escalation Attacks – Journal of Internet Services and Information Security

Volume 2 - Issue 3 – 4

An Android Security Extension to Protect Personal Information against Illegal Accesses and Privilege Escalation Attacks

Yeongung Park The Attached Institute of ETRI, Yuseong, Daejeon, Korea
santapark@ensec.re.kr
Chanhee Lee Dankook University, Yongin-si, Gyeonggi-do, Korea
lchan12@nate.com
Jonghwa Kim Dankook University, Yongin-si, Gyeonggi-do, Korea
zcbm4321@dankook.ac.kr
Seong-Je Cho Dankook University, Yongin-si, Gyeonggi-do, Korea
sjcho@dankook.ac.kr
Jongmoo Choi Dankook University, Yongin-si, Gyeonggi-do, Korea
choijm@dankook.ac.kr

DOI: 10.22667/JISIS.2012.11.31.029

Keywords: Android, permission model, personal information, privilege escalation attack, private data protection

Abstract

Recently, it is widespread for malware to collect sensitive information owned by third-party applica- tions as well as to escalate its privilege to the system level (the highest level) on the Android platform. An attack of obtaining root-level privilege in an Android environment can form a serious threat to users from the viewpoint of breaking down the whole security system. This paper proposes a new scheme that effectively prevents privilege escalation attacks and protects users’ personal information in Android. Our proposed scheme can detect and respond to malware that illegally acquires root- level privilege using pWhitelist, a list of trusted programs with root-level permission. Moreover, the scheme does not permit even a privileged program to access users’ personal information based on the principle of least privilege. As a result, it protects personal information against illegal accesses by malicious applications even though they illegally obtain root-level permissions by exploiting vul- nerabilities of trusted programs.

Date

November 2012

Page Number

29-42