Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security 2015
DOI: 10.1145/2714576.2714598
|View full text |Cite
|
Sign up to set email alerts
|

Hybrid User-level Sandboxing of Third-party Android Apps

Abstract: Users of Android phones increasingly entrust personal information to third-party apps. However, recent studies reveal that many apps, even benign ones, could leak sensitive information without user awareness or consent. Previous solutions either require to modify the Android framework thus significantly impairing their practical deployment, or could be easily defeated by malicious apps using a native library.In this paper, we propose AppCage, a system that thoroughly confines the run-time behavior of third-par… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
9
0

Year Published

2015
2015
2017
2017

Publication Types

Select...
5
4

Relationship

1
8

Authors

Journals

citations
Cited by 24 publications
(9 citation statements)
references
References 32 publications
0
9
0
Order By: Relevance
“…The most notable work in this direction is Native Client [54] and Minibox [36]. There is also ARMLock [57] and AppCage [56], which achieve the same objective using ARM specific techniques. As mentioned in Section IV, these systems can be used to compliment SKEE in confining its environment to guarantee that it will not jump back to the kernel while the SKEE address space is exposed.…”
Section: Performance Enhancementmentioning
confidence: 99%
“…The most notable work in this direction is Native Client [54] and Minibox [36]. There is also ARMLock [57] and AppCage [56], which achieve the same objective using ARM specific techniques. As mentioned in Section IV, these systems can be used to compliment SKEE in confining its environment to guarantee that it will not jump back to the kernel while the SKEE address space is exposed.…”
Section: Performance Enhancementmentioning
confidence: 99%
“…Since an attacker can perform indirect attacks via static or shared libraries used by JNI, SFI also needs to confine memory access by such libraries by masking those two instructions used in such libraries. AppCage [47] applied this design in Android to prevent JNI libraries from accessing restricted APIs.…”
Section: ) Potential Attacksmentioning
confidence: 99%
“…Deepdroid [22] intercepts Binder transactions and traces system calls to provide portability and fine-grained control. The other approaches perform security enforcement at the application layer [8,9,12,17,23,27]. Aurasium [23] uses native library interposing to enforce arbitrary policies at runtime.…”
Section: Compatibilitymentioning
confidence: 99%