Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based Virtualization

Song, Wenna; Jiang, Ming; Jiang, Long; Xiang, Yi; Pan, Xuanchen; Fu, Jianming; Peng, Guojun

doi:10.1145/3460120.3484544

Cited by 10 publications

(6 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Isolating function execution environments is commonly used in cloud to power serverless computing by re-purposing the existing container platforms. However, container-based virtualization techniques [46,98] fail in their coarse-grained isolating level (e.g., the overall Android filesystem), and thus are unable to apply to Deck. Recent work on isolating individual functions [110] may be a promising solution.…”

Section: Discussionmentioning

confidence: 99%

Device-centric Federated Analytics At Ease

Zhang¹,

Qiu²,

Wang³

et al. 2022

Preprint

View full text Add to dashboard Cite

Nowadays, high-volume and privacy-sensitive data are generated by mobile devices, which are better to be preserved on devices and queried on demand. However, data analysts still lack a uniform way to harness such distributed on-device data. In this paper, we propose a data querying system -Deck, that enables flexible device-centric federated analytics. The key idea of Deck is to bypass the app developers but allow the data analysts to directly submit their analytics code to run on devices, through a centralized query coordinator service. Deck provides a list of standard APIs to data analysts and handles most of the device-specific tasks underneath. Deck further incorporates two key techniques: (i) a hybrid permission checking mechanism and mandatory cross-device aggregation to ensure data privacy; (ii) a zero-knowledge statistical model that judiciously trades off query delay and query resource expenditure on devices. We fully implement Deck and plug it into 20 popular Android apps. An in-the-wild deployment on 1,642 volunteers shows that Deck significantly reduces the query delay by up to 30× compared to baselines. Our microbenchmarks also demonstrate that the standalone overhead of Deck is negligible.

show abstract

Section: Discussionmentioning

confidence: 99%

Device-centric Federated Analytics At Ease

Zhang¹,

Qiu²,

Wang³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…The reason is that we cannot make assumptions about code that does and does not execute. Other works [22,86,93] have faced a similar problem; however, they addressed it for their specific use case: [86] only compared the number of file operations, while [22,93] examined different forms of a call graph. Therefore, we measured the differences between the events in the execution traces by dividing them into 11 high-level categories related to the workings of Android: 1) Accessibility Service (a11y), 2) Broadcast Receivers (BR), 3) Command Line Interface commands (CLI), 4) Content Providers (CP), 5) Dangerous APIs (DAPI), 6) Dynamic Code Loading (DCL), 7) File System (FS), 8) Inter-Process Communication (IPC), 9) Network (NET), 10) Requests for Permissions (PERM), and 11) Systems Services (SS).…”

Section: Bluerun Vs Redrunmentioning

confidence: 99%

“…According to [86], we grouped current Android sandboxes for malware analysis based on the technique on which they are based. There are currently no Android malware sandboxes based on applevel virtualization, so this solution was not considered.…”

Section: Related Work On Android Sandboxesmentioning

confidence: 99%

“…In [86], an Android OS-level sandbox framework via container-based virtualization that overcame the limitations of the previous works, integrating with the principle of anti-evasion. In particular, VPBox offers complete device virtualization for all the device components (e.g., WiFi, Camera), minimizing the artifacts in the VPs, and it can customize the virtual device configurations (e.g., OS version) for each VP.…”

Section: Related Work On Android Sandboxesmentioning

confidence: 99%

“…In Android, sandboxes are often implemented as emulators [96] or as containers [86]. However, at the time of writing, none of the current Android sandboxes meet the anti-evasion, maintainability, and scalability criteria at once.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware

Ruggia,

Nisi,

Dambra

et al. 2024

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

Secure Smartphone

Donon,

Künzler,

Jasinski

et al. 2023

Trends in Data Protection and Encryption Technologies

View full text Add to dashboard Cite

Secure smartphones highlight the privacy and data safety issues in off-the-shelf smartphones and the need for secure smartphones to address these concerns. The hardening of smartphones, a process intended to eliminate means of attack by patching vulnerabilities and turning off nonessential services, is, therefore, key to making them more secure. Unfortunately, as the mobile smartphone ecosystem grows, security threats and data breaches have increased dramatically. Furthermore, the continuing concentration of consumer data in the hands of a few, with the acquisition of WhatsApp by Facebook in 2015 as a prominent example, has raised serious concerns regarding the use and commercialization of such data. While it is unrealistic to proactively protect ourselves from all the threats they may imply, more secure smartphone options will become available.

show abstract

Towards Transparent and Stealthy Android OS Sandboxing via Customizable Container-Based Virtualization

Cited by 10 publications

References 47 publications

Device-centric Federated Analytics At Ease

Device-centric Federated Analytics At Ease

Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware

Secure Smartphone

Contact Info

Product

Resources

About