
Research On Privacy Protection For Android Platform

Posted on: 2018-05-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S X Hong
GTID: 1318330518496799
Subject: Computer Science and Technology
Abstract/Summary:
With its popularity and continuously increasing computing power, the smartphone has become an essential tool for entertainment and communication. The smartphone stores a large amount of private personal data, such as pictures and videos. In particular, with the rapid development of the mobile Internet and cloud computing, online shopping and mobile payment have already become the main way of consumption for ordinary users. In addition, to improve the work efficiency of employees, some big companies have built their own mobile office systems. Although the smartphone provides users with great convenience, it also carries more and more personal private data and business secrets. As a result, smartphone security has become a concern for users. Among all mobile operating systems, the Android system has become the main target of malware attacks, due to its open source nature and its largest market share.

To protect users' private data, the Android system provides some protection measures, such as the lock screen and full disk encryption. Furthermore, the Android system provides a security framework, which includes digital signature verification, permission-based access control and sandboxing, to inhibit malware. These measures can prevent leakage of users' private data. However, the Android system still has many security vulnerabilities. What is worse, these protections may be ineffective in certain environments. To this end, this paper analyzes the vulnerabilities of the Android system as it actually stands and proposes three kinds of security mechanisms that strengthen privacy protection. For each of the three mechanisms we design and implement a corresponding prototype system on real devices. The experimental results show that our prototype systems can prevent leakage of users' private data from the smartphone, and that their overhead is negligible to the user. Moreover, our prototype systems can be deployed on real smartphones.

The main contributions of the paper consist of the following three parts:

1) When a user's smartphone and lock-screen password are captured by an adversary, the private data stored on the smartphone is fully exposed to the attacker. To prevent this leakage, researchers have used hidden volumes to hide private data. However, these methods have some serious defects, such as cross-boundary corruption of volumes and the complexity of storing data in a hidden volume. To overcome these defects, this paper presents a privacy protection technology based on deniable encryption, which can prevent privacy leakage. We have implemented two prototype systems: MobiMimosa and Refugedroid. MobiMimosa alleviates cross-boundary corruption of volumes and improves storage space utilization. Refugedroid, furthermore, solves cross-boundary corruption of volumes. Like the FreeOTFE tool on desktop PCs, they implement one or more hidden volumes for storing private data, each using a different technique. We also add a system service to the prototype systems that provides a series of interfaces for managing hidden encrypted volumes. The system service always runs in the background and monitors the system state, which enables dynamic protection of privacy. Compared with earlier plausibly deniable encryption systems, our prototype systems have better interactivity and scalability. The performance test results show that the two prototype systems do not decrease I/O performance compared with the normal Android system.

2) Because application markets contain large numbers of both benign applications and malware, the environment in which applications run on the Android system is worsening. Sensitive applications easily suffer attacks from malware. Previous researchers have used virtual machine technology to build a safe running space for sensitive applications. However, this is not suitable for mobile devices, because virtual machine technology consumes a lot of system resources. This paper presents a trusted running framework based on a double system space. The framework occupies limited system resources and can be deployed on real mobile devices. We design and implement two prototype systems, MobiGemini and VirtualMobi, which run either the normal system running space or the safe system running space. In this environment, untrusted applications run in the normal system space and trusted applications run in the safe system space. This isolates trusted and untrusted applications in both time and space, avoiding attacks from malware. A user can quickly switch between the normal and safe system running spaces without rebooting the Android system. MobiGemini and VirtualMobi each provide an extra advantage: plausible deniability. In particular, VirtualMobi achieves stronger plausible deniability by using virtualization technology. In addition, we implement a novel key storage method that avoids storing the encryption key on flash storage. The experimental results indicate that our framework is efficient and can prevent privacy leakage caused by malware attacks.

3) Any application that declares read/write permission at install time can access all files stored in internal emulated storage. This results in a lot of privacy leakage through installed applications. Previous researchers have proposed many fine-grained permission control strategies, but they significantly reduce I/O throughput. This paper provides a privacy protection method that only slightly reduces system performance, and implements fine-grained file access control on emulated Sdcard storage together with detection of ransomware. As before, we implement a prototype system, SdGuard, which mainly consists of two parts: a modified FUSE daemon and an application called Sdguards. The modified FUSE daemon implements fine-grained file access control similar to that of the Ext4 file system and produces a log file that records all file operations. The Sdguards application monitors the Android system activity stack and analyzes the log file to detect two types of ransomware. Compared with other prototype systems, SdGuard avoids recording a file's owner and group IDs in a configuration file. We test our prototype system on a real device. The results show that SdGuard can implement fine-grained file access control on emulated Sdcard storage and detect ransomware.
Keywords/Search Tags: mobile security, deniable encryption, trusted running environment, FUSE filesystem