tailieunhanh - Firewall-based solution for preventing privilege escalation attacks in android

In this paper, we are proposing a Firewall-based solution for protecting Android operating systems against privilege escalation attacks, mainly, confused deputy attacks and collusion attacks. The proposed Firewall protects the applications that have critical privilege permission. Any other applications without the critical permission will not be able to call protected applications via privilege escalation attacks. | International Journal of Computer Networks and Communications Security C VOL. 2, NO. 9, SEPTEMBER 2014, 318–327 Available online at: ISSN 2308-9830 N C S Firewall-based Solution for Preventing Privilege Escalation Attacks in Android Ali Magdy1, Mohsen Mahros2, Elsayed Hemayed3 1 Bank Misr, Department of Information Comm. Technology, Cairo, Egypt 2, 3 Cairo University, Department of Comm. and Electronics, Cairo, Egypt E-mail: 1alymagdy2013@, 2mohsenmahroos@, 3hemayed@ ABSTRACT In this paper, we are proposing a Firewall-based solution for protecting Android operating systems against privilege escalation attacks, mainly, confused deputy attacks and collusion attacks. The proposed Firewall protects the applications that have critical privilege permission. Any other applications without the critical permission will not be able to call protected applications via privilege escalation attacks. Since the Internet is the door of attack, we consider the permission to access Internet as a critical permission. As such, any application cannot access the Internet directly or indirectly, through privilege escalation, without confirmation of the user disallowing invulnerable leakage of private data. The proposed solution allows also protection to different critical permissions through the creation of multi-critical protection zones. We implemented the multi-critical protection zones by selecting READ_CONTACTS permission and INTERNET permission as critical permissions and the applications having one of these permission or both, they will be protected by our firewall against the privilege escalation attacks. The efficiency and effectiveness of the proposed solution are evaluated in this paper along with the imposed overhead. The evaluation includes the Android with one zone firewall and with two zones firewall. Keywords: Privilege escalation attacks, Android Security, Collusion Attack, Confused Deputy Attack, Excessive privilege .

• Hệ điều hành
• International Journal of Computer Networks and Communications Security
• Firewall based solution
• Preventing privilege escalation attacks in android
• Preventing privilege escalation attacks
• Privilege escalation attack