skip to main content
10.1145/3134600.3134638acmotherconferencesArticle/Chapter ViewAbstractPublication PagesacsacConference Proceedingsconference-collections
research-article
Public Access

Analysis of SEAndroid Policies: Combining MAC and DAC in Android

Published: 04 December 2017 Publication History

Abstract

Android has become a dominant computing platform, and its popularity has coincided with a surge of malware. The incorporation of Security-Enhanced Linux in Android (SEAndroid) is an important security enhancement to the platform. While SEAndroid adds the benefits of mandatory protection that SELinux brought to desktops and servers, the protection is only as good as the policy. Existing Android devices contain a wide variety of SEAndroid policies, depending on both the version of Android as well as the device manufacturer. In this paper, we present an approach to analyze SEAndroid policies in conjunction with the underlying Linux/Unix Discretionary Access Control policies. We apply our approach to four different versions of Android Open Source Project (AOSP) as well as devices from seven different manufacturers, and find several forms of unintentional privilege assignments.

References

[1]
-. Android Census. https://census.tsyrklevich.net/. (-). (Accessed June 2017).
[2]
-. Android Developers Guide. https://developer.android.com/guide/index.html. (-). (Accessed June 2017).
[3]
-. audit2allow. http://linux.die.net/man/1/audit2allow. (-). (Accessed June 2017).
[4]
-. Media Framework Hardening. https://source.android.com/devices/media/framework-hardening. (-). (Accessed June 2017).
[5]
-. SEAL. https://github.com/seandroid-analytics/seal. (-). (Accessed June 2017).
[6]
-. SELint. https://github.com/seandroid-analytics/selint. (-). (Accessed June 2017).
[7]
-. SETools. https://github.com/TresysTechnology/setools. (-). (Accessed June 2017).
[8]
Yousra Aafer, Xiao Zhang, and Wenliang Du. 2016. Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX, 1153--1168.
[9]
Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat. 1995. A Domain and Type Enforcement UNIX Prototype. In Proceedings of the 5th Conference on USENIX UNIX Security Symposium - Volume 5 (SSYM'95). USENIX Association, Berkeley, CA, USA, 1.
[10]
Hong Chen, Ninghui Li, and Ziqing Mao. 2009. Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems. In Proceedings of the 2009 Network and Distributed Systems Security Symposium (NDSS'09).
[11]
Amir Eaman, Bahman Sistany, and Amy Felty. 2017. Review of Existing Analysis Tools for SELinux Security Policies: Challenges and a Proposed Solution. In Proceedings of the 7th International Conference on E-Technologies: Embracing the Internet of Things (MCETECH'17). 116--135.
[12]
William Enck, Machigar Ongtang, and Patrick McDaniel. 2009. Understanding Android Security. IEEE Security & Privacy Magazine 7, 1 (January/February 2009), 50--57.
[13]
Boniface Hicks, Sandra Rueda, Luke St.Clair, Trent Jaeger, and Patrick McDaniel. 2010. A Logical Specification and Analysis for SELinux MLS Policy. ACM Trans. Inf. Syst. Secur. 13, 3, Article 26 (July 2010), 31 pages.
[14]
Trent Jaeger, Reiner Sailer, and Umesh Shankar. 2006. PRIMA: Policy-reduced Integrity Measurement Architecture. In Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies (SACMAT'06). ACM, New York, NY, USA, 19--28.
[15]
Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. 2003. Analyzing Integrity Protection in the SELinux Example Policy. In Proceedings of the 12th Conference on USENIX Security Symposium - Volume 12 (SSYM'03). USENIX Association, Berkeley, CA, USA, 5--5.
[16]
Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. 2004. Resolving Constraint Conflicts. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT'04). ACM, New York, NY, USA, 105--114.
[17]
Trent Jaeger, Xiaolan Zhang, and Antony Edwards. 2003. Policy Management Using Access Control Spaces. ACM Trans. Inf. Syst. Secur. 6, 3 (Aug. 2003), 327--364.
[18]
Peter Loscocco and Stephen Smalley. 2001. Integrating Flexible Support for Security Policies into the Linux Operating System. In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference. USENIX Association, Berkeley, CA, USA, 29--42.
[19]
QuarkSecurity. 2017. SELinux Policy Analysis Notebook (SPAN). https://github.com/QuarkSecurity/SPAN/. (2017). (Accessed June 2017).
[20]
Elena Reshetova, Filippo Bonazzi, Thomas Nyman, Ravishankar Borgaonkar, and N. Asokan. 2015. Characterizing SEAndroid Policies in the Wild. CoRR abs/1510.05497 (2015). http://arxiv.org/abs/1510.05497
[21]
Ravi S. Sandhu. 1993. Lattice-Based Access Control Models. Computer 26, 11 (Nov. 1993), 9--19.
[22]
Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. 1996. Role-Based Access Control Models. Computer 29, 2 (Feb. 1996), 38--47.
[23]
A. Sasturkar, Ping Yang, S. D. Stoller, and C. R. Ramakrishnan. 2006. Policy analysis for administrative role based access control. In 19th IEEE Computer Security Foundations Workshop (CSFW'06).
[24]
Security-Enhanced Linux in Android -. Security-Enhanced Linux in Android. https://source.android.com/security/selinux/. (-). (Accessed June 2017).
[25]
Zimperium security firm. 2015. Stagefright. https://blog.zimperium.com/stagefright-vulnerability-details-stagefright-detector-tool-released/. (2015).
[26]
Umesh Shankar, Trent Jaeger, and Reiner Sailer. 2006. Toward Automated Information-Flow Integrity Verification for Security-Critical Applications. In Proceedings of the 2006 Network and Distributed Systems Security Symposium (NDSS'06). 267--280.
[27]
Stephen Smalley and Robert Craig. Security Enhanced (SE) Android: Bringing Flexible MAC to Android. In Proceedings of the 20th Network and Distributed System Security Symposium (NDSS'13). 20--38.
[28]
Brian T. Sniffen, David R. Harris, and John D. Ramsdell. 2006. Guided Policy Generation for Application Authors. SELinux Symposium (2006).
[29]
StatCounter. 2017. Android challenges Windows as worlds most popular operating system in terms of internet usage. http://gs.statcounter.com/press/android-challenges-windows-as-worlds-most-popular-operating-system. (March 2017).
[30]
Hayawardh Vijayakumar, Guruprasad Jakka, Sandra Rueda, Joshua Schiffman, and Trent Jaeger. 2012. Integrity Walls: Finding Attack Surfaces from Mandatory Access Control Policies. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS'12). ACM, New York, NY, USA, 75--76.
[31]
Ruowen Wang, Ahmed M. Azab, William Enck, Ninghui Li, Peng Ning, Xun Chen, Wenbo Shen, and Yueqiang Cheng. 2017. SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIACCS'17). ACM, New York, NY, USA, 612--624.
[32]
Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed M. Azab. 2015. EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-scale Semi-supervised Learning. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC'15). USENIX Association, Berkeley, CA, USA, 351--366.
[33]
Wenjuan Xu, Mohamed Shehab, and Gail-Joon Ahn. 2013. Visualization-based Policy Analysis for SELinux: Framework and User Study. Int. J. Inf. Secur. 12, 3 (June 2013), 155--171.
[34]
Wenjuan Xu, Xinwen Zhang, and Gail-Joon Ahn. 2009. Towards System Integrity Protection with Graph-Based Policy Analysis. In Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security. Springer-Verlag, Berlin, Heidelberg, 65--80.
[35]
Giorgio Zanin and Luigi Vincenzo Mancini. 2004. Towards a Formal Model for Security Policies Specification and Validation in the Selinux System. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT'04). ACM, New York, NY, USA, 136--145.
[36]
Yury Zhauniarovich and Olga Gadyatskaya. 2016. Small Changes, Big Changes: An Updated View on the Android Permission System. In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses.

Cited By

View all
  • (2023)SELinux-based operating system security researchSecond International Conference on Applied Statistics, Computational Mathematics, and Software Engineering (ASCMSE 2023)10.1117/12.2691828(21)Online publication date: 23-Aug-2023
  • (2023)Triaging Android Systems Using Bayesian Attack Graphs2023 IEEE Secure Development Conference (SecDev)10.1109/SecDev56634.2023.00031(171-183)Online publication date: 18-Oct-2023
  • (2021)Android Application SecurityResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch034(610-625)Online publication date: 2021
  • Show More Cited By

Index Terms

  1. Analysis of SEAndroid Policies: Combining MAC and DAC in Android

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Other conferences
      ACSAC '17: Proceedings of the 33rd Annual Computer Security Applications Conference
      December 2017
      618 pages
      ISBN:9781450353458
      DOI:10.1145/3134600
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 04 December 2017

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. Android
      2. DAC
      3. MAC
      4. Policy Analysis
      5. SEAndroid

      Qualifiers

      • Research-article
      • Research
      • Refereed limited

      Funding Sources

      Conference

      ACSAC 2017

      Acceptance Rates

      Overall Acceptance Rate 104 of 497 submissions, 21%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)268
      • Downloads (Last 6 weeks)35
      Reflects downloads up to 17 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2023)SELinux-based operating system security researchSecond International Conference on Applied Statistics, Computational Mathematics, and Software Engineering (ASCMSE 2023)10.1117/12.2691828(21)Online publication date: 23-Aug-2023
      • (2023)Triaging Android Systems Using Bayesian Attack Graphs2023 IEEE Secure Development Conference (SecDev)10.1109/SecDev56634.2023.00031(171-183)Online publication date: 18-Oct-2023
      • (2021)Android Application SecurityResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch034(610-625)Online publication date: 2021
      • (2021)Ghost in the Binder: Binder Transaction Redirection Attacks in Android System ServicesProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security10.1145/3460120.3484801(1581-1597)Online publication date: 12-Nov-2021
      • (2021)The Android Platform Security ModelACM Transactions on Privacy and Security10.1145/344860924:3(1-35)Online publication date: 28-Apr-2021
      • (2021)SEPAL: Towards a Large-scale Analysis of SEAndroid Policy CustomizationProceedings of the Web Conference 202110.1145/3442381.3450007(2733-2744)Online publication date: 19-Apr-2021
      • (2021)SEFlowViz: A Visualization Tool for SELinux Policy Analysis2021 12th International Conference on Information and Communication Systems (ICICS)10.1109/ICICS52457.2021.9464541(439-444)Online publication date: 24-May-2021
      • (2021)Challenges and pitfalls in malware researchComputers and Security10.1016/j.cose.2021.102287106:COnline publication date: 1-Jul-2021
      • (2020)BIGMACProceedings of the 29th USENIX Conference on Security Symposium10.5555/3489212.3489228(271-287)Online publication date: 12-Aug-2020
      • (2020)SLR-SELinuxWireless Communications & Mobile Computing10.1155/2020/88669962020Online publication date: 26-Oct-2020
      • Show More Cited By

      View Options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Login options

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media