Firewall-based solution for preventing privilege escalation attacks in android

Đăng ngày 4/2/2019 4:00:37 PM | Thể loại: | Lần tải: 0 | Lần xem: 7 | Page: 10 | FileSize: 0.60 M | File type: PDF
Firewall-based solution for preventing privilege escalation attacks in android. In this paper, we are proposing a Firewall-based solution for protecting Android operating systems against privilege escalation attacks, mainly, confused deputy attacks and collusion attacks. The proposed Firewall protects the applications that have critical privilege permission. Any other applications without the critical permission will not be able to call protected applications via privilege escalation attacks.
International Journal of Computer Networks and Communications Security
VOL. 2, NO. 9, SEPTEMBER 2014, 318–327
Available online at: www.ijcncs.org
ISSN 2308-9830
C
N
C
S
Firewall-based Solution for Preventing Privilege Escalation
Attacks in Android
Ali Magdy1, Mohsen Mahros2, Elsayed Hemayed3
1 Bank Misr, Department of Information Comm. Technology, Cairo, Egypt
2, 3 Cairo University, Department of Comm. and Electronics, Cairo, Egypt
E-mail: 1alymagdy2013@yahoo.com, 2mohsenmahroos@msn.com, 3hemayed@ieee.org
ABSTRACT
In this paper, we are proposing a Firewall-based solution for protecting Android operating systems against
privilege escalation attacks, mainly, confused deputy attacks and collusion attacks. The proposed Firewall
protects the applications that have critical privilege permission. Any other applications without the critical
permission will not be able to call protected applications via privilege escalation attacks. Since the Internet
is the door of attack, we consider the permission to access Internet as a critical permission. As such, any
application
cannot
access
the
Internet
directly
or
indirectly,
through
privilege
escalation,
without
confirmation of the user disallowing invulnerable leakage of private data. The proposed solution allows
also protection to different critical permissions through the creation of multi-critical protection zones. We
implemented
the
multi-critical
protection
zones
by
selecting
READ_CONTACTS
permission
and
INTERNET permission as critical permissions and the applications having one of these permission or both,
they
will be protected by our firewall against the privilege escalation attacks. The efficiency and
effectiveness of the proposed solution are evaluated in this paper along with the imposed overhead. The
evaluation includes the Android with one zone firewall and with two zones firewall.
Keywords: Privilege escalation attacks, Android Security, Collusion Attack, Confused Deputy Attack,
Excessive privilege Attack.
1
INTRODUCTION
applications that may have the ability to indirectly
access
and
cannot also
protect
the application's
The Android operating system is one of the most
components that are not protected by a protection
important operating system; its importance is due to
permission. The indirectly access means that an
the wide spread in recent years as an operating
application cannot access a component of another
system for Smart phones and tablet computers. The
application because this application was not granted
wide spread of Android leads to increasing attempts
the
privilege
to
access
this
component
and
of
penetration
and
exploitation
of
its
security
succeeded to access this component by exploiting
weaknesses. Since Android is an open source code,
another
application
in
accessing
to
this
target
it is easier for hackers to study the system and find
component.
its security holes and exploit its weakness.
Due to the defects and weaknesses of the DAC
The behavior of the Android security system is
mechanism,
other
attempts
were
introduced
to
based on identifying the granted permissions and
overcome
these
weaknesses.
For
example,
SE
privileges
that
are
required
by
the
Android
Android
[1]
and
[2]
uses
a
Mandatory
Access
applications at installation time. Then those granted
Control
(MAC)
mechanism
beside
DAC
in
the
permissions
and
privileges
are
used
by
kernel layer. SE Android enforces a system-wide
Discretionary Access Control (DAC) to secure and
security policy over all operations. So it is not
isolate the applications from each other and also
enough
for
an
application
to
own
the
needed
from system resources. However, DAC mechanism
permission and privilege to achieve the required
cannot
protect
the
system
against
malicious
action but also this action must match the system-
319
A. Magdy et. al / International Journal of Computer Networks and Communications Security, 2 (9), September 2014
wide
security
policy.
Even
though
SE
Android