Abstract

As smartphones have become an indispensable part of daily life, mobile users are increasingly relying on them to process personal information with feature-rich applications. This situation requires robust security mechanisms for protecting sensitive applications and data on mobile devices. Android, as one the most popular smartphone operating systems, provides two core security mechanisms, application sandboxing and a permission system. However, recent studies show that these mechanisms are vulnerable to be passed by a variety of attacks. In this paper, we argue for the need of designing and implementing more comprehensive security mechanisms for Android. We realize that mediating Inter-Process Communication (IPC) channels used by Android applications can mitigate prominent attacks effectively and efficiently. Based on this observation, we propose a practical multi-layer security framework called TripleMon to support policy-based mediation on Android IPC. We also discuss and evaluate a proof-of-concept prototype of TripleMon along with the experimental results derived from real malware samples and synthetic attacks.

Original languageEnglish (US)
Pages (from-to)405-426
Number of pages22
JournalJournal of Computer Security
Volume24
Issue number4
DOIs
StatePublished - 2016

Fingerprint

Smartphones
Communication
Mobile devices
Android (operating system)
Malware

Keywords

  • Android
  • mandatory access control
  • Mobile security
  • reference monitor
  • system security

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

TripleMon : A multi-layer security framework for mediating inter-process communication on Android. / Jing, Yiming; Ahn, Gail-Joon; Hu, Hongxin; Cho, Haehyun; Zhao, Ziming.

In: Journal of Computer Security, Vol. 24, No. 4, 2016, p. 405-426.

Research output: Contribution to journalArticle

Jing, Yiming ; Ahn, Gail-Joon ; Hu, Hongxin ; Cho, Haehyun ; Zhao, Ziming. / TripleMon : A multi-layer security framework for mediating inter-process communication on Android. In: Journal of Computer Security. 2016 ; Vol. 24, No. 4. pp. 405-426.
@article{b8ad85d551574464ae3d98e33916049a,
title = "TripleMon: A multi-layer security framework for mediating inter-process communication on Android",
abstract = "As smartphones have become an indispensable part of daily life, mobile users are increasingly relying on them to process personal information with feature-rich applications. This situation requires robust security mechanisms for protecting sensitive applications and data on mobile devices. Android, as one the most popular smartphone operating systems, provides two core security mechanisms, application sandboxing and a permission system. However, recent studies show that these mechanisms are vulnerable to be passed by a variety of attacks. In this paper, we argue for the need of designing and implementing more comprehensive security mechanisms for Android. We realize that mediating Inter-Process Communication (IPC) channels used by Android applications can mitigate prominent attacks effectively and efficiently. Based on this observation, we propose a practical multi-layer security framework called TripleMon to support policy-based mediation on Android IPC. We also discuss and evaluate a proof-of-concept prototype of TripleMon along with the experimental results derived from real malware samples and synthetic attacks.",
keywords = "Android, mandatory access control, Mobile security, reference monitor, system security",
author = "Yiming Jing and Gail-Joon Ahn and Hongxin Hu and Haehyun Cho and Ziming Zhao",
year = "2016",
doi = "10.3233/JCS-160552",
language = "English (US)",
volume = "24",
pages = "405--426",
journal = "Journal of Computer Security",
issn = "0926-227X",
publisher = "IOS Press",
number = "4",

}

TY - JOUR

T1 - TripleMon

T2 - A multi-layer security framework for mediating inter-process communication on Android

AU - Jing, Yiming

AU - Ahn, Gail-Joon

AU - Hu, Hongxin

AU - Cho, Haehyun

AU - Zhao, Ziming

PY - 2016

Y1 - 2016

N2 - As smartphones have become an indispensable part of daily life, mobile users are increasingly relying on them to process personal information with feature-rich applications. This situation requires robust security mechanisms for protecting sensitive applications and data on mobile devices. Android, as one the most popular smartphone operating systems, provides two core security mechanisms, application sandboxing and a permission system. However, recent studies show that these mechanisms are vulnerable to be passed by a variety of attacks. In this paper, we argue for the need of designing and implementing more comprehensive security mechanisms for Android. We realize that mediating Inter-Process Communication (IPC) channels used by Android applications can mitigate prominent attacks effectively and efficiently. Based on this observation, we propose a practical multi-layer security framework called TripleMon to support policy-based mediation on Android IPC. We also discuss and evaluate a proof-of-concept prototype of TripleMon along with the experimental results derived from real malware samples and synthetic attacks.

AB - As smartphones have become an indispensable part of daily life, mobile users are increasingly relying on them to process personal information with feature-rich applications. This situation requires robust security mechanisms for protecting sensitive applications and data on mobile devices. Android, as one the most popular smartphone operating systems, provides two core security mechanisms, application sandboxing and a permission system. However, recent studies show that these mechanisms are vulnerable to be passed by a variety of attacks. In this paper, we argue for the need of designing and implementing more comprehensive security mechanisms for Android. We realize that mediating Inter-Process Communication (IPC) channels used by Android applications can mitigate prominent attacks effectively and efficiently. Based on this observation, we propose a practical multi-layer security framework called TripleMon to support policy-based mediation on Android IPC. We also discuss and evaluate a proof-of-concept prototype of TripleMon along with the experimental results derived from real malware samples and synthetic attacks.

KW - Android

KW - mandatory access control

KW - Mobile security

KW - reference monitor

KW - system security

UR - http://www.scopus.com/inward/record.url?scp=84984620725&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84984620725&partnerID=8YFLogxK

U2 - 10.3233/JCS-160552

DO - 10.3233/JCS-160552

M3 - Article

VL - 24

SP - 405

EP - 426

JO - Journal of Computer Security

JF - Journal of Computer Security

SN - 0926-227X

IS - 4

ER -