FireDroid
- 9 December 2013
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM) in Proceedings of the 29th Annual Computer Security Applications Conference
Abstract
Malware poses a serious threat to Android smartphones. Current security mechanisms offer poor protection and are often too inflexible to quickly mitigate new exploits. In this paper we present FireDroid, a policy-based framework for enforcing security policies by interleaving process system calls. The main advantage of FireDroid is that it is completely transparent to the applications as well as to the Android OS. FireDroid enforces security policies without modifying either the Android OS or its applications. FireDroid is able to perform security checks on third-party and pre-installed applications, as well as malicious native code. We have implemented a novel mechanism that is able to attach, identify, monitor and enforce polices for any process spawned by the Android's mother process Zygote. We have tested the effectiveness of FireDroid against real malware. Moreover, we show how FireDroid can be used as a swift solution for blocking OS and application vulnerabilities before patches are available. Finally, we provide an experimental evaluation of our approach showing that it has only a limited overhead. Given these facts, FireDroid represents a practical solution for strengthening security on Android smartphones.Keywords
Funding Information
- Auckland UniServices Limited
This publication has 19 references indexed in Scilit:
- DroidChameleonPublished by Association for Computing Machinery (ACM) ,2013
- RiskRankerPublished by Association for Computing Machinery (ACM) ,2012
- MOSESPublished by Association for Computing Machinery (ACM) ,2012
- CellsPublished by Association for Computing Machinery (ACM) ,2011
- These aren't the droids you're looking forPublished by Association for Computing Machinery (ACM) ,2011
- Android permissions demystifiedPublished by Association for Computing Machinery (ACM) ,2011
- L4AndroidPublished by Association for Computing Machinery (ACM) ,2011
- Practical and lightweight domain isolation on AndroidPublished by Association for Computing Machinery (ACM) ,2011
- A survey of mobile malware in the wildPublished by Association for Computing Machinery (ACM) ,2011
- MockDroidPublished by Association for Computing Machinery (ACM) ,2011