Android security : on-the-fly security policies update
LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor insi...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/62616 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor inside the kernel. The detection algorithm is determined by a security policy specification language. However, a single policy cannot capture all the attack scenarios, LogicDroid needs different policies to be able to handle new forms of attacks. The current implementation of LogicDroid only allows updating of policies by using the offline generated loadable kernel module. Because of the complexity in changing the policy, this Final Year Project was created to simplify the process. The purpose of this project is to modify the structure of LogicDroid’s security monitor so that modification of the policies can be done on-the-fly in a running instance of LogicDroid, without having to do offline compilation. This involves a redesign of the monitor to include a logic interpreter that can take as an input a security policy and updates its enforcement subroutines. The project contains two parts: the first part is the implementation of intermediate interpreter to interpret the policy specification language to string data structure that can be read by the monitor. The second part is to enable a secure path from Application level to Linux kernel to allow updating the policy in a running instance of LogicDroid. |
|---|