An Android Security Extension to Protect Personal Information

against Illegal Accesses and Privilege Escalation Attacks

Yeongung Park¹, Chanhee Lee², Jonghwa Kim², Seong-Je Cho^2*, and Jongmoo Choi²

¹The Attached Institute of ETRI

Yuseong, Daejeon, Korea

santapark@ensec.re.kr

²Dankook University

Yongin-si, Gyeonggi-do, Korea

lchan12@nate.com, {zcbm4321, sjcho, choijm}@dankook.ac.kr

Abstract

Recently, it is widespread for malware to collect sensitive information owned by third-party applications

as well as to escalate its privilege to the system level (the highest level) on the Android platform.

An attack of obtaining root-level privilege in an Android environment can form a serious threat to

users from the viewpoint of breaking down the whole security system. This paper proposes a new

scheme that effectively prevents privilege escalation attacks and protects users’ personal information

in Android. Our proposed scheme can detect and respond to malware that illegally acquires rootlevel

privilege using pWhitelist, a list of trusted programs with root-level permission. Moreover, the

scheme does not permit even a privileged program to access users’ personal information based on

the principle of least privilege. As a result, it protects personal information against illegal accesses

by malicious applications even though they illegally obtain root-level permissions by exploiting vulnerabilities

of trusted programs.

Keywords: Android, permission model, personal information, privilege escalation attack,
private data protection

*Corresponding author: Tel: +82-31-8005-3239, Fax: +82+31-8021-7398