Intentio ex machina: Android intent access control via an extensible application hook

Carter Yagemann, Wenliang Du

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Android’s intent framework serves as the primary method for interprocess communication (IPC) among apps. The increased volume of intent IPC present in Android devices, coupled with intent’s ability to implicitly find valid receivers for IPC, bring about new security challenges. We propose Intentio Ex Machina (IEM), an access control solution for Android intent security. IEM separates the logic for performing access control from the point of interception by placing an interface in the Android framework. This allows the access control logic to be placed inside a normal application and reached via the interface. The app, called a “user firewall”, can then receive intents as they enter the system and inspect them. Not only can the user firewall allow or block intents, but it can even modify them to a controlled extent. Since it runs as a user application, developers are able to create user firewalls that manufacturers can then integrate into their devices. In this way, IEM allows for a new genre of security application for Android systems offering a creative and interactive approach to active IPC defense.

Original languageEnglish (US)
Title of host publicationComputer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
PublisherSpringer Verlag
Pages383-400
Number of pages18
Volume9878 LNCS
ISBN (Print)9783319457437
DOIs
StatePublished - 2016
Event21st European Symposium on Research in Computer Security, ESORICS 2016 - Heraklion, Greece
Duration: Sep 26 2016Sep 30 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9878 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other21st European Symposium on Research in Computer Security, ESORICS 2016
CountryGreece
CityHeraklion
Period9/26/169/30/16

Fingerprint

Hooks
Access Control
Access control
Firewall
Communication
Application programs
Logic
Computer system firewalls
Interfaces (computer)
Receiver
Integrate
Valid
Framework

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Yagemann, C., & Du, W. (2016). Intentio ex machina: Android intent access control via an extensible application hook. In Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings (Vol. 9878 LNCS, pp. 383-400). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9878 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-45744-4_19

Intentio ex machina : Android intent access control via an extensible application hook. / Yagemann, Carter; Du, Wenliang.

Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. Vol. 9878 LNCS Springer Verlag, 2016. p. 383-400 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9878 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yagemann, C & Du, W 2016, Intentio ex machina: Android intent access control via an extensible application hook. in Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. vol. 9878 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9878 LNCS, Springer Verlag, pp. 383-400, 21st European Symposium on Research in Computer Security, ESORICS 2016, Heraklion, Greece, 9/26/16. https://doi.org/10.1007/978-3-319-45744-4_19
Yagemann C, Du W. Intentio ex machina: Android intent access control via an extensible application hook. In Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. Vol. 9878 LNCS. Springer Verlag. 2016. p. 383-400. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-45744-4_19
Yagemann, Carter ; Du, Wenliang. / Intentio ex machina : Android intent access control via an extensible application hook. Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. Vol. 9878 LNCS Springer Verlag, 2016. pp. 383-400 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{6c9fc09116274dd48be12b26c3d68dc9,
title = "Intentio ex machina: Android intent access control via an extensible application hook",
abstract = "Android’s intent framework serves as the primary method for interprocess communication (IPC) among apps. The increased volume of intent IPC present in Android devices, coupled with intent’s ability to implicitly find valid receivers for IPC, bring about new security challenges. We propose Intentio Ex Machina (IEM), an access control solution for Android intent security. IEM separates the logic for performing access control from the point of interception by placing an interface in the Android framework. This allows the access control logic to be placed inside a normal application and reached via the interface. The app, called a “user firewall”, can then receive intents as they enter the system and inspect them. Not only can the user firewall allow or block intents, but it can even modify them to a controlled extent. Since it runs as a user application, developers are able to create user firewalls that manufacturers can then integrate into their devices. In this way, IEM allows for a new genre of security application for Android systems offering a creative and interactive approach to active IPC defense.",
author = "Carter Yagemann and Wenliang Du",
year = "2016",
doi = "10.1007/978-3-319-45744-4_19",
language = "English (US)",
isbn = "9783319457437",
volume = "9878 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "383--400",
booktitle = "Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings",

}

TY - GEN

T1 - Intentio ex machina

T2 - Android intent access control via an extensible application hook

AU - Yagemann, Carter

AU - Du, Wenliang

PY - 2016

Y1 - 2016

N2 - Android’s intent framework serves as the primary method for interprocess communication (IPC) among apps. The increased volume of intent IPC present in Android devices, coupled with intent’s ability to implicitly find valid receivers for IPC, bring about new security challenges. We propose Intentio Ex Machina (IEM), an access control solution for Android intent security. IEM separates the logic for performing access control from the point of interception by placing an interface in the Android framework. This allows the access control logic to be placed inside a normal application and reached via the interface. The app, called a “user firewall”, can then receive intents as they enter the system and inspect them. Not only can the user firewall allow or block intents, but it can even modify them to a controlled extent. Since it runs as a user application, developers are able to create user firewalls that manufacturers can then integrate into their devices. In this way, IEM allows for a new genre of security application for Android systems offering a creative and interactive approach to active IPC defense.

AB - Android’s intent framework serves as the primary method for interprocess communication (IPC) among apps. The increased volume of intent IPC present in Android devices, coupled with intent’s ability to implicitly find valid receivers for IPC, bring about new security challenges. We propose Intentio Ex Machina (IEM), an access control solution for Android intent security. IEM separates the logic for performing access control from the point of interception by placing an interface in the Android framework. This allows the access control logic to be placed inside a normal application and reached via the interface. The app, called a “user firewall”, can then receive intents as they enter the system and inspect them. Not only can the user firewall allow or block intents, but it can even modify them to a controlled extent. Since it runs as a user application, developers are able to create user firewalls that manufacturers can then integrate into their devices. In this way, IEM allows for a new genre of security application for Android systems offering a creative and interactive approach to active IPC defense.

UR - http://www.scopus.com/inward/record.url?scp=84990064171&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84990064171&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-45744-4_19

DO - 10.1007/978-3-319-45744-4_19

M3 - Conference contribution

AN - SCOPUS:84990064171

SN - 9783319457437

VL - 9878 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 383

EP - 400

BT - Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings

PB - Springer Verlag

ER -