Enhancing Mobile Application Security using Priguard Model
DOI:
https://doi.org/10.53555/cse.v2i3.543Keywords:
PriGuard, Binder communication.Abstract
Permissions-based safety model of Android progressively shows its weakness in shielding users confidentiality information. Permitting to the permissions-based security model,an application should have the suitable permissions before ahead various possessions in the mobile. This model can only control an application to access system funds without appropriate permissions, but cannot prevent malevolent admissions to privacy files after the application having obtained permissions. During the installation of an application, the system will swift what permissions the application is requesting. Users have no optimal but to allow all the entreated authorizations if they want to use the application. Once an application is effectively fitted, the system is ncapable to regulator its activities with dynamism, and at this time the application can acquire confidentiality information and send them out lacking the responses of users. Therefore, there is a great security threat of the permissions-based security ideal. This paper explores on different ways to contact users privacy information and suggests a outline named PriGuard for with passion protecting users privacy information based on Binder communication capture technology and feature selection algorithm. Applications customarily call system services slightly by using the Binder mechanism, then contact the implements and obtain information through system facilities.
Downloads
References
R. Johnson, Z. Wang, C. Gagon, and A. Stavrou," Analysis of android applications permissions," in Proc.IEEE Int. Conf. Softw. Secur. Reliab. Companion, SERE-C, 2012, pp.45-46.
D.J. Wu, C.H. Mao, T.E. Wei, H.M. Lee, and K.P. Wu," DroidMat: Android Malware Detection through Manifest and API Calls Tracing," in Proc. Asia. Jt.Conf. Inf. Secur, AsiaJCIS, 2012, pp. 62-69.
C. Gibler, J. Crussell, J. Erickson, and H. Chen, "AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale," in Lect. Notes. Comput. Sci, 2012, pp.291-307.
W. Enck, P. Gilbert, S. Han, V. Tendulkar, B.G. Chun, L.P. Cox, et al, "TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones," ACM Trans. Comput. Syst., vol.32, issue2, June. 2014.
M. Nauman, S. Khan, X. Zhang, "Apex: Extending Android permission model and enforcement with user defined runtime constraints," in Proc. Int. Symp. Inf., Comput. Commun. Secur., ASIACCS, 2010, pp. 328-332.
G. Bai, L. Gu, T. Feng, Y. Guo, X. Chen, "Context-aware usage control for Android," in Lect. Notes Inst. Comput. Sci. Soc. Informatics Telecommun. Eng., 2010, pp. 326-343.
L.L. De Melo, S.D. Zorzo, "PUPDroidPersonalized user privacy mechanism for android," in Conf. Proc.IEEE Int. Conf. Syst. Man Cybern., 2012, pp.1479-1484.
S. Checkoway, H. Shacham, "lago attacks: Why the system call API is a bad untrusted RPC interface," in Int. Conf. Archit. Support. Program. Lang. Oper. Syst, ASPLOS, 2013, pp.253-263.
A. Lin, R. Brown," Application of security policy to role-based access control and the common data security architecture," Comput
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2016 gnpublication@
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
In consideration of the journal, Green Publication taking action in reviewing and editing our manuscript, the authors undersigned hereby transfer, assign, or otherwise convey all copyright ownership to the Editorial Office of the Green Publication in the event that such work is published in the journal. Such conveyance covers any product that may derive from the published journal, whether print or electronic. Green Publication shall have the right to register copyright to the Article in its name as claimant, whether separately
or as part of the journal issue or other medium in which the Article is included.
By signing this Agreement, the author(s), and in the case of a Work Made For Hire, the employer, jointly and severally represent and warrant that the Article is original with the author(s) and does not infringe any copyright or violate any other right of any third parties, and that the Article has not been published elsewhere, and is not being considered for publication elsewhere in any form, except as provided herein. Each author’s signature should appear below. The signing author(s) (and, in