On demystifying the android application framework: Re-visiting android permission specification analysis

Michael Backes; Sven Bugiel; Erik Derr; Patrick McDaniel; Damien Octeau; Sebastian Weisgerber

On demystifying the android application framework: Re-visiting android permission specification analysis

Michael Backes, Sven Bugiel, Erik Derr, Patrick McDaniel, Damien Octeau, Sebastian Weisgerber

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In contrast to the Android application layer, Android’s application framework’s internals and their influence on the platform security and user privacy are still largely a black box for us. In this paper, we establish a static runtime model of the application framework in order to study its internals and provide the first high-level classification of the framework’s protected resources. We thereby uncover design patterns that differ highly from the runtime model at the application layer. We demonstrate the benefits of our insights for security-focused analysis of the framework by re-visiting the important use-case of mapping Android permissions to framework/SDK API methods. We, in particular, present a novel mapping based on our findings that significantly improves on prior results in this area that were established based on insufficient knowledge about the framework’s internals. Moreover, we introduce the concept of permission locality to show that although framework services follow the principle of separation of duty, the accompanying permission checks to guard sensitive operations violate it.

Original language	English (US)
Title of host publication	Proceedings of the 25th USENIX Security Symposium
Publisher	USENIX Association
Pages	1101-1116
Number of pages	16
ISBN (Electronic)	9781931971324
State	Published - Jan 1 2016
Event	25th USENIX Security Symposium - Austin, United States Duration: Aug 10 2016 → Aug 12 2016

Publication series

Name	Proceedings of the 25th USENIX Security Symposium

Conference

Conference	25th USENIX Security Symposium
Country/Territory	United States
City	Austin
Period	8/10/16 → 8/12/16

All Science Journal Classification (ASJC) codes

Information Systems
Safety, Risk, Reliability and Quality
Computer Networks and Communications

Cite this

@inproceedings{cf5ef767f2b8479b807c43cf4de00ce4,

title = "On demystifying the android application framework: Re-visiting android permission specification analysis",

abstract = "In contrast to the Android application layer, Android{\textquoteright}s application framework{\textquoteright}s internals and their influence on the platform security and user privacy are still largely a black box for us. In this paper, we establish a static runtime model of the application framework in order to study its internals and provide the first high-level classification of the framework{\textquoteright}s protected resources. We thereby uncover design patterns that differ highly from the runtime model at the application layer. We demonstrate the benefits of our insights for security-focused analysis of the framework by re-visiting the important use-case of mapping Android permissions to framework/SDK API methods. We, in particular, present a novel mapping based on our findings that significantly improves on prior results in this area that were established based on insufficient knowledge about the framework{\textquoteright}s internals. Moreover, we introduce the concept of permission locality to show that although framework services follow the principle of separation of duty, the accompanying permission checks to guard sensitive operations violate it.",

author = "Michael Backes and Sven Bugiel and Erik Derr and Patrick McDaniel and Damien Octeau and Sebastian Weisgerber",

year = "2016",

month = jan,

day = "1",

language = "English (US)",

series = "Proceedings of the 25th USENIX Security Symposium",

publisher = "USENIX Association",

pages = "1101--1116",

booktitle = "Proceedings of the 25th USENIX Security Symposium",

note = "25th USENIX Security Symposium ; Conference date: 10-08-2016 Through 12-08-2016",

}

Backes, M, Bugiel, S, Derr, E, McDaniel, P, Octeau, D & Weisgerber, S 2016, On demystifying the android application framework: Re-visiting android permission specification analysis. in Proceedings of the 25th USENIX Security Symposium. Proceedings of the 25th USENIX Security Symposium, USENIX Association, pp. 1101-1116, 25th USENIX Security Symposium, Austin, United States, 8/10/16.

On demystifying the android application framework: Re-visiting android permission specification analysis. / Backes, Michael; Bugiel, Sven; Derr, Erik et al.
Proceedings of the 25th USENIX Security Symposium. USENIX Association, 2016. p. 1101-1116 (Proceedings of the 25th USENIX Security Symposium).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - On demystifying the android application framework

T2 - 25th USENIX Security Symposium

AU - Backes, Michael

AU - Bugiel, Sven

AU - Derr, Erik

AU - McDaniel, Patrick

AU - Octeau, Damien

AU - Weisgerber, Sebastian

PY - 2016/1/1

Y1 - 2016/1/1

N2 - In contrast to the Android application layer, Android’s application framework’s internals and their influence on the platform security and user privacy are still largely a black box for us. In this paper, we establish a static runtime model of the application framework in order to study its internals and provide the first high-level classification of the framework’s protected resources. We thereby uncover design patterns that differ highly from the runtime model at the application layer. We demonstrate the benefits of our insights for security-focused analysis of the framework by re-visiting the important use-case of mapping Android permissions to framework/SDK API methods. We, in particular, present a novel mapping based on our findings that significantly improves on prior results in this area that were established based on insufficient knowledge about the framework’s internals. Moreover, we introduce the concept of permission locality to show that although framework services follow the principle of separation of duty, the accompanying permission checks to guard sensitive operations violate it.

AB - In contrast to the Android application layer, Android’s application framework’s internals and their influence on the platform security and user privacy are still largely a black box for us. In this paper, we establish a static runtime model of the application framework in order to study its internals and provide the first high-level classification of the framework’s protected resources. We thereby uncover design patterns that differ highly from the runtime model at the application layer. We demonstrate the benefits of our insights for security-focused analysis of the framework by re-visiting the important use-case of mapping Android permissions to framework/SDK API methods. We, in particular, present a novel mapping based on our findings that significantly improves on prior results in this area that were established based on insufficient knowledge about the framework’s internals. Moreover, we introduce the concept of permission locality to show that although framework services follow the principle of separation of duty, the accompanying permission checks to guard sensitive operations violate it.

UR - http://www.scopus.com/inward/record.url?scp=85076463747&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85076463747&partnerID=8YFLogxK

M3 - Conference contribution

T3 - Proceedings of the 25th USENIX Security Symposium

SP - 1101

EP - 1116

BT - Proceedings of the 25th USENIX Security Symposium

PB - USENIX Association

Y2 - 10 August 2016 through 12 August 2016

ER -

On demystifying the android application framework: Re-visiting android permission specification analysis

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Other files and links

Fingerprint

Cite this