Three hundred and fifty thousand Android phones are activated each day. The open philosophy adopted by Google makes it easy for third-parties to develop and distribute applications. Unfortunately, the same applies to malicious applications that pose a real threat to users' privacy. The limited security model implemented on the Android Platform has failed in thwarting these attacks. In this paper, we present Yet Another Android Security Extension (YAASE) that provides a fine-grained security mechanism while protecting the user from malicious applications that attempt to leak sensitive information via network access or by privilege spreading through collusion. We have implemented YAASE and evaluated its performance overhead. Preliminary results show the approach is indeed feasible.
Scheda prodotto non validato
I dati visualizzati non sono stati ancora sottoposti a validazione formale da parte dello Staff di IRIS, ma sono stati ugualmente trasmessi al Sito Docente Cineca (Loginmiur).
Titolo: | YAASE: Yet Another Android Security Extension | |
Autori: | G. Russello; B. Crispo; E. Fernandes; Y. Zhauniarovich | |
Autori Unitn: | ||
Titolo del volume contenente il saggio: | 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust | |
Luogo di edizione: | New York | |
Casa editrice: | IEEE | |
Anno di pubblicazione: | 2011 | |
Codice identificativo Scopus: | 2-s2.0-84856188819 | |
ISBN: | 978-1-4577-1931-8 | |
Handle: | http://hdl.handle.net/11572/95411 | |
Appare nelle tipologie: | 04.1 Saggio in atti di convegno (Paper in proceedings) |