Contribution to collective works (Parts of books)
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
Bartel, Alexandre; Klein, Jacques; Monperrus, Martin et al.
2011In Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android (Tech Report)
 

Files


Full Text
AttackSurfaceReduction-tr.pdf
Author postprint (445.09 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
call-graph; android; security; soot; java; static analysis
Abstract :
[en] Android based devices are becoming widespread. As a result and since those devices contain personal and confidential data, the security model of the android software stack has been analyzed extensively. One key feature of the security model is that applications must declare a list of permissions they are using to access resources. Using static analysis, we first extracted a table from the Android API which maps methods to permissions. Then, we use this mapping within a tool we developed to check that applications effectively need all the permissions they declare. Using our tool on a set of android applications, we found out that a non negligible part of the applications do not use all the permissions they declare. Consequently, the attack surface of such applications can be reduced by removing the non-needed permissions.
Disciplines :
Computer science
Identifiers :
UNILU:UL-CHAPTER-2011-185
Author, co-author :
Bartel, Alexandre ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Klein, Jacques ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Monperrus, Martin;  University of Lille, France
Le Traon, Yves ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Language :
English
Title :
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
Publication date :
2011
Main work title :
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android (Tech Report)
Publisher :
Tech Report
ISBN/EAN :
9782879711072
Pages :
1-11
Commentary :
Tech Report
Available on ORBilu :
since 16 July 2013

Statistics


Number of views
162 (4 by Unilu)
Number of downloads
194 (0 by Unilu)

Bibliography


Similar publications



Contact ORBilu