Skip to main content
SpringerLink
Log in

POSTER: Semantics-Aware Rule Recommendation and Enforcement for Event Paths

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2015)

Abstract

With users’ increasing awareness of security and privacy issues, Android’s permission mechanism and other existing methods fall short to provide effective protection over user data. This paper presents SARRE, a Semantics-Aware Rule Recommendation and Enforcement system to detect critical information outflows and prevent information leakage. SARRE leverages runtime monitoring and statistical analysis to identify system event paths. Then, an online recommendation algorithm is developed to automatically assign and enforce a semantics-aware security rule to each event path. Our preliminary results on real-world malware samples and popular apps from Google Play show that the recommended rules by our system are effective in preventing information leakage and enabling protection policies for users’ private data.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Android still triggers the most mobile malware. http://goo.gl/FXTGsi

  2. Malware with package name com.nicky.lyyws.xmall. http://goo.gl/U7D2FW

  3. Malware with package name com.yxx.jiejie. http://goo.gl/CpkioI

  4. Mobile malware sharing website. http://goo.gl/YNIOLg

  5. Chakraborty, S., Shen, C., Raghavan, K.R., Shoukry, Y., Millar, M., Srivastava, M.: ipShield: a framework for enforcing context-aware privacy. In: NSDI (2014). USENIX

    Google Scholar 

  6. Demetriou, S., Zhou, X., Naveed, M., Lee, Y., Yuan, K., Wang, X., Gunter, C.A.: What’s in your dongle and bank account? mandatory and discretionary protection of android external resources. In: NDSS (2015)

    Google Scholar 

  7. Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: ACM TOCS (2014)

    Google Scholar 

  8. Zhou, Y., Zhang, X., Jiang, X., Freeh, V.W.: Taming information-stealing smartphone applications (on android). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 93–107. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. George Washington University, Washington D.C., 20052, USA

    Yongbo Li, Fan Yao, Tian Lan & Guru Venkataramani

Authors
  1. Yongbo Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fan Yao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tian Lan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guru Venkataramani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yongbo Li .

Editor information

Editors and Affiliations

  1. The University of Texas at Dallas, Richardson, Texas, USA

    Bhavani Thuraisingham

  2. Indiana University at Bloomington, Bloomington, Indiana, USA

    XiaoFeng Wang

  3. SRI International, Menlo Park, California, USA

    Vinod Yegneswaran

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Li, Y., Yao, F., Lan, T., Venkataramani, G. (2015). POSTER: Semantics-Aware Rule Recommendation and Enforcement for Event Paths. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-28865-9_33

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-28864-2

  • Online ISBN: 978-3-319-28865-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation