• Title/Summary/Keyword: SEAndroid

Search Result 2, Processing Time 0.014 seconds

SEAndroid Policy Protection Architecture Design and Implementation in Android (안드로이드 시스템 하에서의 SEAndroid 정책 보호 기법 설계 및 구현)

  • Yoo, Seok-man;Park, Jin-Hyung;Lee, Dong-hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.5
    • /
    • pp.1105-1119
    • /
    • 2016
  • Android includes SEAndroid as a core security feature. SELinux is applied to Android OS as a SEAndroid, because there exists structural differences between Linux and Android. Since the security of SEAndroid depends on the reliable policy if the policy is tampered by the attacker, the serious security problems can be occurred. So we must protect policies which are the most important thing in SEAndoroid. In this paper, we analyze the process of SEAndroid policy updating to find out vulnerabilities and study the attack points on policy tampering. And we propose the SPPA to detect whether the policy is modified by an attacker. Moreover, we prove the performance and the effect of our proposed method on mobile device.

An Effective Technique for Protecting Application Data using Security Enhanced (SE) Android in Rooted Android Phones (루팅된 안드로이드 폰에서 SEAndroid를 이용한 효과적인 앱 데이터 보호 기법)

  • Jeong, Youn-sik;Cho, Seong-je
    • Journal of KIISE
    • /
    • v.44 no.4
    • /
    • pp.352-362
    • /
    • 2017
  • This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access to the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.