Abstract (English) |
Smartphones have gained a lot of attention in recent years. They
provide many important features, such as checking bank accounts and
receiving e-mail, and have become as important as the PC. As the
importance of smartphones rises, security has become a significant
consideration. Android, the operating system developed by Google,
currently has the highest market share, so it has become a main
target for attackers.
Among attack methods, root escalation is one of the most frequently
used against the Android system. Once an attacker gains root
privilege on the system, he or she can do almost anything, including
accessing the user's private data and injecting malicious
applications into the phone. This can cause a lot of damage to the user.
This paper proposes a system called RootGuard. It modifies the
Linux kernel underlying the Android framework to detect any illegal
behaviours in the system. Furthermore, it stops malicious
applications by applying policies on illegal behaviours. Finally,
this system can protect the user from root escalation attacks. |