A light-weight software environment for confining android malware

Xiaolei Li; Guangdong Bai; Benjamin Thian; Zhenkai Liang; Heng Yin

doi:10.1109/SERE-C.2014.34

A light-weight software environment for confining android malware

Xiaolei Li, Guangdong Bai, Benjamin Thian, Zhenkai Liang, Heng Yin

Department of Electrical Engineering & Computer Science

Research output: Chapter in Book/Entry/Poem › Conference contribution

2 Scopus citations

Abstract

Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.

Original language	English (US)
Title of host publication	Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	158-167
Number of pages	10
ISBN (Electronic)	9781479958436
DOIs	https://doi.org/10.1109/SERE-C.2014.34
State	Published - Sep 17 2014
Event	8th International Conference on Software Security and Reliability - Companion, SERE-C 2014 - San Francisco, United States Duration: Jun 30 2014 → Jul 2 2014

Publication series

Name	Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014

Other

Other	8th International Conference on Software Security and Reliability - Companion, SERE-C 2014
Country/Territory	United States
City	San Francisco
Period	6/30/14 → 7/2/14

Keywords

Android malware
isolation
mobile security

ASJC Scopus subject areas

Artificial Intelligence
Safety, Risk, Reliability and Quality

Access to Document

10.1109/SERE-C.2014.34

Cite this

Li, X., Bai, G., Thian, B., Liang, Z., & Yin, H. (2014). A light-weight software environment for confining android malware. In Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014 (pp. 158-167). Article 6901653 (Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SERE-C.2014.34

A light-weight software environment for confining android malware. / Li, Xiaolei; Bai, Guangdong; Thian, Benjamin et al.
Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014. Institute of Electrical and Electronics Engineers Inc., 2014. p. 158-167 6901653 (Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014).

Research output: Chapter in Book/Entry/Poem › Conference contribution

Li, X, Bai, G, Thian, B, Liang, Z & Yin, H 2014, A light-weight software environment for confining android malware. in Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014., 6901653, Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014, Institute of Electrical and Electronics Engineers Inc., pp. 158-167, 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014, San Francisco, United States, 6/30/14. https://doi.org/10.1109/SERE-C.2014.34

Li X, Bai G, Thian B, Liang Z, Yin H. A light-weight software environment for confining android malware. In Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 158-167. 6901653. (Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014). doi: 10.1109/SERE-C.2014.34

Li, Xiaolei ; Bai, Guangdong ; Thian, Benjamin et al. / A light-weight software environment for confining android malware. Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 158-167 (Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014).

@inproceedings{97e5dad55a6b4419813ab6d59e510b45,

title = "A light-weight software environment for confining android malware",

abstract = "Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.",

keywords = "Android malware, isolation, mobile security",

author = "Xiaolei Li and Guangdong Bai and Benjamin Thian and Zhenkai Liang and Heng Yin",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014 ; Conference date: 30-06-2014 Through 02-07-2014",

year = "2014",

month = sep,

day = "17",

doi = "10.1109/SERE-C.2014.34",

language = "English (US)",

series = "Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "158--167",

booktitle = "Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014",

}

TY - GEN

T1 - A light-weight software environment for confining android malware

AU - Li, Xiaolei

AU - Bai, Guangdong

AU - Thian, Benjamin

AU - Liang, Zhenkai

AU - Yin, Heng

PY - 2014/9/17

Y1 - 2014/9/17

N2 - Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.

AB - Mobile devices are becoming increasingly general-purpose, and therefore the physical boundary used to separate important resources disappears. As a result, malicious applications (apps) get chances to abuse resources that are available on the mobile platform. In this paper, we propose resource virtualization as a security mechanism for the Android system to strengthen the physical barrier between many types of resources and confine resource-abusing Android apps. The physical resources on a mobile device are virtualized to a different virtual view for selected Android apps. Resource virtualization simulates a partial but consistent virtual view of the Android resources. Therefore, it can not only confine the resource-abusing apps effectively, but also ensure the usability of these apps. We implement a system prototype, RVL, and evaluate it with real-world apps of various types. Our results demonstrate its effectiveness on malicious Android apps and its compatibility and usability on benign Android apps.

KW - Android malware

KW - isolation

KW - mobile security

UR - http://www.scopus.com/inward/record.url?scp=84908658534&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84908658534&partnerID=8YFLogxK

U2 - 10.1109/SERE-C.2014.34

DO - 10.1109/SERE-C.2014.34

M3 - Conference contribution

AN - SCOPUS:84908658534

T3 - Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014

SP - 158

EP - 167

BT - Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014

Y2 - 30 June 2014 through 2 July 2014

ER -

A light-weight software environment for confining android malware

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this