| Google’s Android is an operating system design for mobile device. Asthe rapid evolution of mobile device, Android is becoming the most widelyused operating system for mobile platform. While deployed world-wide, thereexists a huge number of security deficiency for Android. Even the AndroidOS has already enforced many security policies such as permission control forapps, users often expose privacy information to attacker due to the system’s defensive privacy protecting policy, and it is still difficult for existing Androidusers to setup and control this security mechanism.In this paper we study the Android security problem, especially Androidmalware and Android security enhancement, in depth. We first propose asystematic approach for analyzing current Android malware. The approach isbased on basic features of Android malware such as information leakage andmisuse of Android permissions. A real world sample of malicious appdetection and analysis is given to prove that using our approach to analyzesuspicious Android app and detect the malicious one is efficient and effective.Then we design and implement a a data-centric security enhancement schemeto actively restrict privacy violation on Android. The main idea is to first buildtrusted database by introducing secure enhanced kernel and data-at-restencryption. Then, the system enforces an isolation of applications with privacy data access privilege mode. We compared our scheme with otherheavyweight isolation scheme and the result shows that the overhead is alsocontrolled into an acceptable range. |
PDF Full Text Request