PtmxGuard: An Improved Method for Android Kernel to Prevent Privilege Escalation Attack

Kong, Bin; Liu, Ying; Ma, Luping

doi:10.1051/itmconf/20171205010

Cited by 5 publications

(3 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attacks Targeting Root Privilege: Attack has been shown in Figure 2 as line 1 [15][16][17]. There are two types of attacks that come under this category one is the Droid kungfu Attack and the other one is the Gooligan attack.…”

Section: Kernel Layermentioning

confidence: 99%

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

Negi

Mishra

Chaudhary

et al. 2021

JCSANDM

View full text Add to dashboard Cite

As android devices have increased in number in the past few years, the android operating system has started dominating the smartphone market. The vast spread of android across all the devices has made security an important issue as the android users continue to grow exponentially. The security of android platform has become the need of the hour in view of increase in the number of malicious apps and thus several studies have emerged to present the detection approaches. In this paper, we review the android components to propose a threat model that illustrates the possible threats that are present in the android. We also present the attack taxonomy to illustrate the possible attacks at various layers of the android architecture. Experiments demonstrating the feature extraction and classification using machine earning algorithms have also been performed.

show abstract

Section: Kernel Layermentioning

confidence: 99%

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

Negi

Mishra

Chaudhary

et al. 2021

JCSANDM

View full text Add to dashboard Cite

show abstract

“…(3) The encrypted executable image hash digest is decrypted according to the public key stored in the executing domain (4) If it can be decrypted, it means that the image header data source is trusted, and the decrypted result can be obtained: the image hash summary can be executed, if it cannot be decrypted; it means that the image source is illegal and untrusted, and the operation of shutdown can be performed (5) Then, hash the executable image at the end of the image. The hash algorithm is a public hash algorithm and must be consistent with the algorithm adopted in the local image production to get the recalculated executable image hash summary (6) Compare the recalculated executable image hash summary with the result of the previous decryption operation (7) If the two hash values are the same, it means that the image is reliable and complete, and the verification is passed; if the two hash values are different, it means that the image is incomplete, and the shutdown operation is performed 4.4. Implementation of the Measurement Method.…”

Section: Wireless Communications and Mobile Computingmentioning

confidence: 99%

“…At present, the Android system is mainly faced with cross script attack, privilege promotion attack, malware attack, privacy stealing attack, replay attack, communication attack, NFC attack, denial of service attack, etc. [4][5][6][7][8][9]. However, for the protection of attacks, most of the current research is in the application layer [10][11][12][13][14][15][16], but these solutions cannot fundamentally solve the security problems encountered by the current mobile terminal, and the terminal may still be threatened by malicious attackers and malware, so we should start from the system layer of the mobile intelligent terminal and build a secure and reliable mobile terminal system from bottom to top to ensure the security of intelligent terminal.…”

Section: Introductionmentioning

confidence: 99%

From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone

Hei

Gao

Wang

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Android system has been one of the main targets of hacker attacks for a long time. At present, it is faced with security risks such as privilege escalation attacks, image tampering, and malicious programs. In view of the above risks, the current detection of the application layer can no longer guarantee the security of the Android system. The security of mobile terminals needs to be fully protected from the bottom to the top, and the consistency test of the hardware system is realized from the hardware layer of the terminal. However, there is not a complete set of security measures to ensure the reliability and integrity of the Android system at present. Therefore, from the perspective of trusted computing, this paper proposes and implements a trusted static measurement method of the Android system based on TrustZone to protect the integrity of the system layer and provide a trusted underlying environment for the detection of the Android application layer. This paper analyzes from two aspects of security and efficiency. The experimental results show that this method can detect the Android system layer privilege escalation attack and discover the rootkit that breaks the integrity of the Android kernel in time during the startup process, and the performance loss of this method is within the acceptable range.

show abstract

A Survey of Privilege Escalation Detection in Android

Hutchinson

Varol

2018

2018 9th IEEE Annual Ubiquitous Computing, Electronics &Amp; Mobile Communication Conference (UEMCON)

View full text Add to dashboard Cite

PtmxGuard: An Improved Method for Android Kernel to Prevent Privilege Escalation Attack

Cited by 5 publications

References 8 publications

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

From Hardware to Operating System: A Static Measurement Method of Android System Based on TrustZone

A Survey of Privilege Escalation Detection in Android

Contact Info

Product

Resources

About