An Android Security Extension to Protect Personal
Information
against Illegal Accesses and Privilege Escalation Attacks
Yeongung Park1, Chanhee Lee2, Jonghwa Kim2, Seong-Je Cho2*, and Jongmoo Choi2
1The Attached
Institute of ETRI
Yuseong, Daejeon, Korea
santapark@ensec.re.kr
2Dankook University
Yongin-si, Gyeonggi-do, Korea
lchan12@nate.com, {zcbm4321, sjcho, choijm}@dankook.ac.kr
Abstract
Recently, it is widespread for malware to collect
sensitive information owned by third-party applications
as well as to escalate its privilege to the system level
(the highest level) on the Android platform.
An attack of obtaining root-level privilege in an Android
environment can form a serious threat to
users from the viewpoint of breaking down the whole
security system. This paper proposes a new
scheme that effectively prevents privilege escalation
attacks and protects users¡¯ personal information
in Android. Our proposed scheme can detect and respond to
malware that illegally acquires rootlevel
privilege using pWhitelist, a list of trusted programs
with root-level permission. Moreover, the
scheme does not permit even a privileged program to
access users¡¯ personal information based on
the principle of least privilege. As a result, it
protects personal information against illegal accesses
by malicious applications even though they illegally
obtain root-level permissions by exploiting vulnerabilities
of trusted programs.
Keywords: Android,
permission model, personal information, privilege escalation attack,
private data protection
*Corresponding author: Tel: +82-31-8005-3239, Fax:
+82+31-8021-7398
Journal of Internet Services and Information
Security (JISIS), 2(3/4): 29-42, November 2012 [pdf]