Abstract
Smartphones are becoming ubiquitous and we use them for different types of tasks. One problem of using the same device for multiple tasks is that each task requires a different security model. To address this problem, we introduce Droid Mood Swing (DMS), an operating system component that applies different security policies to detected security modes automatically. DMS uses a context manager that tracks the context of the phone from the available sensors. DMS then determines the security mode from the contexts and can impose a number of security measures, namely fine-grained permissions, an intent firewall, a context-aware SD card filesystem, and a permission verification system. The permission verification system uses machine learning techniques to detect suspicious apps and anomalous permission requests. DMS also provides an API that enables third-party developers to make their apps behave differently in different modes. DMS is designed especially for end users and does not compromise the usability of the phone. Device vendors will be able to control configurations (a switching logic and security policies) of the modes through DMS. We implement DMS using the Android Open Source Project (AOSP) and evaluate it in terms of portability, functionality, security, and operational overheads. The evaluation results show that DMS offers a more secure smartphone operating system without incurring any noticeable overhead.
Acknowledgment
This work is partially supported by the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Canada Research Chairs (CRC) program.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Iqbal, M.S., Zulkernine, M. (2017). Droid Mood Swing (DMS): Automatic Security Modes Based on Contexts. In: Nguyen, P., Zhou, J. (eds) Information Security. ISC 2017. Lecture Notes in Computer Science, vol 10599. Springer, Cham. https://doi.org/10.1007/978-3-319-69659-1_18
DOI: https://doi.org/10.1007/978-3-319-69659-1_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69658-4
Online ISBN: 978-3-319-69659-1
eBook Packages: Computer Science, Computer Science (R0)