Platform-Centric Android Monitoring - Modular and Efficient

We present an add-on for the Android platform that can intercept nearly all interactions between apps, or between apps and the platform, including the arguments of method invocations in a human-readable format. A preliminary performance evaluation shows that the performance penalty of our solution is roughly comparable with that of similar tools in this area. The advantage of our solution, however, is that it is truly modular: we do not actually modify the Android platform itself, and the add-on can be included even in an already running system. Possible uses of such an add-on are manifold; we discuss one from the area of runtime verification that aims at improving system security.
