Towards Taming Privilege-Escalation Attacks on Android
Download: Paper (PDF)
Date: 7 Feb 2012
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2012
Android is vulnerable to application-level privilege escalation attacks (confused deputy and colluding applications). We present the design and implementation of a security framework for Android towards mitigating these attacks through a system-centric and policy-driven approach with runtime monitoring of communication channels between applications at multiple layers (middleware IPC, file-system, and network).