Skip to main content
SpringerLink
Log in

RbacIP: A RBAC-Based Method for Intercepting and Processing Malicious Applications in Android Platform

  • Conference paper
  • First Online:
Trusted Systems (INTRUST 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9565))

Included in the following conference series:

  • 414 Accesses

Abstract

With the rapid development of Android-based smart phones and pads, android applications show explosive growth. Because third-party application market regulation is lax, many normal applications are embedded malicious code and then many security issues occur. The existing antivirus software cannot intercept malicious behaviors from those repackaged applications in many cases. To solve these problems, we propose a new method called RbacIP, which integrates RBAC into intercept and disposal process of malicious android applications. In RbacIP, the malicious behaviors of applications are monitored by inserting Linux kernel function call dynamically. Exploiting the Netlike technology, the information of malicious behaviors are feedback from the kernel layer to the user layer. On the user layer, depending on the roles assigned, android applications are authorized to the corresponding permissions. According to the characteristics of RBAC, it can achieve the minimum authorization for malicious applications. Meanwhile, to balance the user experience and his privacy protection needs, users are allowed to make fine-grained decision based on RBAC policy, rather than permit or prohibit. Finally, we implemented RbacIP in real android platform. Comprehensive experiments have been conducted, which demonstrate the effectiveness of the proposed method by the comparison with traditional HIPS systems at the malicious programs detection performance and resource consumption.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alazab, M., Moonsamy, V., Batten, L., et al.: Analysis of malicious and benign android applications. In: 2012 32nd International Conference on Distributed Computing System Workshops, pp. 608–616 (2012)

    Google Scholar 

  2. Stephen, F., Dillon, S., Bing, W.: Manilyzer: automated android malware detection through manifest analysis. In: IEEE 11th International Conference on Mobile Ad Hoc and Sensor Systems, pp. 767–772 (2014)

    Google Scholar 

  3. Patrick, P., Wen-Kai, S.: Static detection of android malware by using permissions and API calls. In: International Conference on Machine Learning and Cybernetics, pp. 82–87 (2015)

    Google Scholar 

  4. Daiyong, Q., Lidong, Z., Fan, Y., et al.: Detection of android malicious apps based on the sensitive behaviors. In: IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom, pp. 877–883 (2014)

    Google Scholar 

  5. Mingshen, S., Min, Z., John, C., et al.: Design and implementation of an android host-based intrusion prevention system. In: Proceedings of the 30th Annual Computer Security Applications Conference (2014)

    Google Scholar 

  6. Wen-Chieh, W., Shih-Hao, H.: DroidDolphin: a dynamic android malware detection framework using big data and machine learning. In: Proceedings of the 2014 Conference on Research in Adaptive and Convergent Systems (2014)

    Google Scholar 

  7. Qiang, W., Jason, C., Konstantin, B., et al.: Authorization recycling in hierarchical RBAC systems. ACM Trans. Inf. Syst. Secur. 14, 3 (2011)

    Google Scholar 

  8. Reinhard, T., Julio, S., Wolfgang, S., et al.: Dead or alive: finding zombie features in the linux kernel. In: Proceedings of the First International Workshop on Feature-Oriented Software Development (2009)

    Google Scholar 

  9. Jemin, L., Hyungshin, K.: Framework for automated power estimation of android applications. In: Proceeding of the 11th Annual International Conference on Mobile Systems, Applications, and Services (2013)

    Google Scholar 

  10. Zheng, S., Shijia, P., Yu-Chi, S., et al.: Headio: zero-configured heading acquisition for indoor mobile devices through multimodal context sensing. In: Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing (2013)

    Google Scholar 

  11. Sebastian, F., Bert, A., Gerhard, T., et al.: CoenoFire: monitoring performance indicators of firefighters in real-world missions using smartphones. In: Proceedings of the 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing (2013)

    Google Scholar 

  12. Chuangang, R., Kai, C., Peng, L.: Droidmarking: resilient software water-marking for impeding android application repackaging. In: Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering (2014)

    Google Scholar 

  13. Kun, Y., Jianwei, Z., Yongke, W.: IntentFuzzer: detecting capability leaks of android applications. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (2014)

    Google Scholar 

Download references

Acknowledgement

This work is supported by grants from the China National Science Foundation (Project No. 61502017), China 863 High-tech Programme (Project No. 2015AA016002). The authors would like to thank the anonymous reviewers for their constructive comments.

Author information

Authors and Affiliations

  1. College of Computer Science, Beijing University of Technology, Beijing, China

    Li Lin, Jian Ni, Jian Hu & Jianbiao Zhang

  2. Beijing Key Laboratory of Trusted Computing, Beijing, China

    Li Lin, Jian Ni, Jian Hu & Jianbiao Zhang

  3. National Engineering Laboratory for Critical Technologies of Information Security Classified Protection, Beijing, China

    Li Lin & Jianbiao Zhang

Authors
  1. Li Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jian Ni
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jian Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jianbiao Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jian Ni .

Editor information

Editors and Affiliations

  1. Computer Science, Columbia University, New York, New York, USA

    Moti Yung

  2. Key Laboratory of Trusted Computing, Beijing University of Technology, Beijing, China

    Jianbiao Zhang

  3. Key Laboratory of Trusted Computing, Beijing University of Technology, Beijing, China

    Zhen Yang

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Lin, L., Ni, J., Hu, J., Zhang, J. (2016). RbacIP: A RBAC-Based Method for Intercepting and Processing Malicious Applications in Android Platform. In: Yung, M., Zhang, J., Yang, Z. (eds) Trusted Systems. INTRUST 2015. Lecture Notes in Computer Science(), vol 9565. Springer, Cham. https://doi.org/10.1007/978-3-319-31550-8_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-31550-8_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31549-2

  • Online ISBN: 978-3-319-31550-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation