A Methodology for Empirical Analysis of Permission-Based Security Models and its Application to Android
David Barrera, H. Güneş Kayacık, P.C. van Oorschot, Anil Somayaji
Carleton University, Ottawa, ON, Canada
ACM CCS (2010)
Agenda
- Introduction
- Access control systems
- Permission-Based Security
- Related Work
- Android Permission Model
- Self-Organizing Maps (SOM)
- Results
- Further Discussion & Conclusion
Introduction
- Restrict actions on specific resources: access control lists (ACLs), permission-based security models
- Empirical analysis objectives:
  - Investigate how the permission-based system in Android is used in practice
  - Identify the strengths and limitations of the current implementation
Introduction
- Android uses ACLs extensively to mediate inter-process communication (IPC) and to control access to special functionality on the device
- Advantages: prevent malware; inform users what applications are capable of doing once installed
- Contribution: a novel methodology for exploring and empirically analyzing permission-based models
Access control systems
- Access control lists allow a subject to perform an action on an object only if the subject has been assigned the necessary permissions.
- More sophisticated ACL-based systems allow the specification of a complex policy to control more parameters of how an object can be accessed.
- Each ACL only restricts access to one action.
Permission-Based Security
- Android requires that developers declare in a manifest a list of permissions which the user must accept prior to installing an application
- The Google Chrome web browser uses a permission-based architecture in its extension system
- BlackBerry OS enforces through signature validation that an application has been granted permissions to access the controlled APIs
Related Work
- Enck et al. describe the design and implementation of a framework to detect potentially malicious applications based on the permissions requested by Android applications
- Barth et al. analyzed 25 browser extensions for Firefox and identified that 78% are given more privileges than necessary
Android Permission Model
- Android Market
- Android applications are written in Java syntax and each runs in a custom virtual machine known as Dalvik
- Any third-party application can define new functionality
Android Permission Model
- Every application written for the Android platform must include an XML-formatted file named AndroidManifest.xml.
- Permissions are enforced by Android at runtime, but must be accepted by the user at install time
Android Permission Model
- We used the Android Asset Packaging Tool (aapt) to extract the manifest and read all XML entries of type uses-permission
- Each application is encoded as a binary vector over the $j$ permissions: $x = [x_1, x_2, \ldots, x_j]^T \in \{0, 1\}^j$, where $x_j = 1$ if permission $j$ is requested
- Some errors observed in manifests:
  - Duplicate permission requests
  - Requests for permissions that do not exist
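The manifest-to-vector step above, as an added example that is not the authors' code: it parses constructed AndroidManifest.xml samples, flags the two error classes (duplicate requests and names outside a constructed KNOWN set standing in for the real android.permission namespace), builds the binary matrix $x \in \{0,1\}^j$, and computes the request frequencies and pairwise co-requests that the paper reads off SOM component planes.

```python
import xml.etree.ElementTree as ET
from itertools import combinations

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Constructed subset of the android.permission.* namespace; anything outside it is
# flagged as a request for a permission that does not exist.
KNOWN = {"android.permission.INTERNET", "android.permission.ACCESS_FINE_LOCATION",
         "android.permission.READ_CONTACTS", "android.permission.VIBRATE"}

def manifest(pkg, *perms):
    # Constructed AndroidManifest.xml with one <uses-permission> entry per name.
    body = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{pkg}">{body}</manifest>')

# Constructed sample dataset (not from the paper): one duplicate request, one misspelt name.
MANIFESTS = [
    manifest("com.example.news", "android.permission.INTERNET", "android.permission.VIBRATE"),
    manifest("com.example.maps", "android.permission.INTERNET", "android.permission.ACCESS_FINE_LOCATION"),
    manifest("com.example.dialer", "android.permission.READ_CONTACTS",
             "android.permission.INTERNET", "android.permission.INTERNET"),
    manifest("com.example.typo", "android.permission.INTERNT", "android.permission.VIBRATE"),
]

def requested_permissions(manifest_xml):
    """Return (unique permissions in manifest order, duplicates, unknown names),
    i.e. the uses-permission entries aapt dumps plus the two error classes."""
    seen, ordered, dups = set(), [], []
    for elem in ET.fromstring(manifest_xml).iter("uses-permission"):
        name = elem.get(ANDROID_NS + "name")
        if name in seen:
            dups.append(name)
        else:
            seen.add(name)
            ordered.append(name)
    return ordered, dups, [p for p in ordered if p not in KNOWN]

def feature_matrix(manifests):
    """Encode each app as x in {0,1}^j over the union of permissions seen."""
    per_app = [set(requested_permissions(m)[0]) for m in manifests]
    perms = sorted(set().union(*per_app))
    return perms, [[int(p in ps) for p in perms] for ps in per_app]

def permission_stats(perms, X):
    """Request frequency per permission and pairwise co-request counts (component planes)."""
    freq = {p: sum(r[i] for r in X) / len(X) for i, p in enumerate(perms)}
    pairs = {(perms[a], perms[b]): sum(r[a] & r[b] for r in X)
             for a, b in combinations(range(len(perms)), 2)}
    return freq, pairs
```

On real data, the matrix returned by feature_matrix is what a SOM is trained on; the duplicate and unknown lists are a cheap manifest sanity check to run before training.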
Self-Organizing Maps (SOM)
- SOM is a type of neural network algorithm which employs unsupervised learning
- Characteristics:
  - SOM provides a 2-dimensional visualization of high-dimensional data
  - The component analysis of SOM can identify correlations between permissions
Results
- Effectively clusters the applications requesting similar permissions into the same neighborhood
- Winner-take-all
- Applications from different categories can request similar sets of permissions
Results
- The a.p.INTERNET (android.permission.INTERNET) permission is requested by the majority of applications in our dataset (over 60%)
Results
- The analysis of component planes can reveal correlations between permissions
- The a.p.INTERNET permission fails to provide sufficiently fine-grained control of the resources
- Many permissions are requested by only a few applications
Further Discussion & Conclusion
- Having finer-grained permissions in a permission-based system enables users to have detailed control over what actions are allowed to take place
- Enhancements:
  - Logical permission grouping → fine-grained hierarchical permissions
  - Logically grouping all self-defined permissions under one category
- We hope that the SOM-based methodology, including visualization, is of use to others exploring independent permission-based models