As the world becomes increasingly reliant on mobile technologies, so has the importance of mobile security in order to protect users and their data. My research focuses on the Android permissions-based security model and enhancing the effectiveness of Android application permission analysis. Android provides a security model in which access to privileged system resources is protected through security mechanisms known as Permissions. By default, an application does not have any privileges, but applications can request additional privileges through these permissions. Prior to installation, an application must explicitly request permissions before it can be installed on an Android device. The user is prompted with a list of the permissions that application is requesting, and the user must choose either to Install (accept those permissions) or Cancel (decline those permissions). However, the application may or may not need all of the permissions that it requests. It is important for users to understand the difference. If an application is under-privileged, it will generate run-time authorization failures. If an application is over-privileged, it may become vulnerable to security attacks. In this paper, I present a novel method in which an Android application can be analyzed to determine the precise set of permissions it needs to run properly and more securely on an Android device. I present the tool ACE4Android, a dynamic analysis tool which, combined with a static analysis tool, will allow application end-users to know that an application has exactly the right permissions it needs at run time.
| Presenter: | William May (Iona College) -- wmay1@iona.edu |
|---|---|
| Topic: | Sciences & Engineering - Poster Session |
| Location: | Edwards Hall Lobby |
| Time: | 1:45 pm (Session III) |
Zotero (Education focus)
5 pm - 6:15 pm
Naturalization Ceremony
11 am - noon
Leadership Program Kick-off
3:30 pm - 5 pm
ADP Distinguished Speaker Series "The Audacity to Heal: Our Rape Culture"
7 pm - 9 pm
Faculty/Staff Campaign Kickoff
noon - 1:30 pm
