Android security : on-the-fly security policies update
LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor insi...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/62616 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-62616 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-626162023-03-03T20:29:26Z Android security : on-the-fly security policies update Nguyen, Thanh Nam Alwen Fernanto Tiu School of Computer Engineering DRNTU::Engineering::Computer science and engineering::Software::Operating systems LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor inside the kernel. The detection algorithm is determined by a security policy specification language. However, a single policy cannot capture all the attack scenarios, LogicDroid needs different policies to be able to handle new forms of attacks. The current implementation of LogicDroid only allows updating of policies by using the offline generated loadable kernel module. Because of the complexity in changing the policy, this Final Year Project was created to simplify the process. The purpose of this project is to modify the structure of LogicDroid’s security monitor so that modification of the policies can be done on-the-fly in a running instance of LogicDroid, without having to do offline compilation. This involves a redesign of the monitor to include a logic interpreter that can take as an input a security policy and updates its enforcement subroutines. The project contains two parts: the first part is the implementation of intermediate interpreter to interpret the policy specification language to string data structure that can be read by the monitor. The second part is to enable a secure path from Application level to Linux kernel to allow updating the policy in a running instance of LogicDroid. Bachelor of Engineering (Computer Science) 2015-04-24T02:26:50Z 2015-04-24T02:26:50Z 2015 2015 Final Year Project (FYP) http://hdl.handle.net/10356/62616 en Nanyang Technological University 50 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering::Software::Operating systems |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering::Software::Operating systems Nguyen, Thanh Nam Android security : on-the-fly security policies update |
| description |
LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor inside the kernel. The detection algorithm is determined by a security policy specification language. However, a single policy cannot capture all the attack scenarios, LogicDroid needs different policies to be able to handle new forms of attacks. The current implementation of LogicDroid only allows updating of policies by using the offline generated loadable kernel module. Because of the complexity in changing the policy, this Final Year Project was created to simplify the process. The purpose of this project is to modify the structure of LogicDroid’s security monitor so that modification of the policies can be done on-the-fly in a running instance of LogicDroid, without having to do offline compilation. This involves a redesign of the monitor to include a logic interpreter that can take as an input a security policy and updates its enforcement subroutines. The project contains two parts: the first part is the implementation of intermediate interpreter to interpret the policy specification language to string data structure that can be read by the monitor. The second part is to enable a secure path from Application level to Linux kernel to allow updating the policy in a running instance of LogicDroid. |
| author2 |
Alwen Fernanto Tiu |
| author_facet |
Alwen Fernanto Tiu Nguyen, Thanh Nam |
| format |
Final Year Project |
| author |
Nguyen, Thanh Nam |
| author_sort |
Nguyen, Thanh Nam |
| title |
Android security : on-the-fly security policies update |
| title_short |
Android security : on-the-fly security policies update |
| title_full |
Android security : on-the-fly security policies update |
| title_fullStr |
Android security : on-the-fly security policies update |
| title_full_unstemmed |
Android security : on-the-fly security policies update |
| title_sort |
android security : on-the-fly security policies update |
| publishDate |
2015 |
| url |
http://hdl.handle.net/10356/62616 |
| _version_ |
1759854265275252736 |