Program

Location

Edwards Hall Lobby

Document Type

Poster Presentation (1 hour)

Description

As the world becomes increasingly reliant on mobile technologies, so has the importance of research in the area of mobile security in order to protect users and their data. My research is focused on the Android permissions-based security model and enhancing the effectiveness of Android application permission analysis. Android provides a permission-based security model in which access to privileged system resources is protected through security mechanisms known as Permissions. By default, an Android application does not have any privileges, but applications can request additional privileges through the use of these permissions. I present a novel method in which an Android application can be analyzed to determine the precise set of permissions an application needs to run properly and more securely on a mobile Android device. I present the tool, ACE4Android (Access-Control Explorer for Android), a Dynamic Analysis tool which, when combined with a Static Analysis tool, will allow application end users to know what they are installing when they download an application, and will allow application developers to improve the runnability and security of their applications.

Start Date

20-4-2013 1:45 PM

Comments

Sciences & Engineering Poster Session

Share

COinS
 
Apr 20th, 1:45 PM

Combining Static and Dynamic Permission Analysis for Android

Edwards Hall Lobby

As the world becomes increasingly reliant on mobile technologies, so has the importance of research in the area of mobile security in order to protect users and their data. My research is focused on the Android permissions-based security model and enhancing the effectiveness of Android application permission analysis. Android provides a permission-based security model in which access to privileged system resources is protected through security mechanisms known as Permissions. By default, an Android application does not have any privileges, but applications can request additional privileges through the use of these permissions. I present a novel method in which an Android application can be analyzed to determine the precise set of permissions an application needs to run properly and more securely on a mobile Android device. I present the tool, ACE4Android (Access-Control Explorer for Android), a Dynamic Analysis tool which, when combined with a Static Analysis tool, will allow application end users to know what they are installing when they download an application, and will allow application developers to improve the runnability and security of their applications.