|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Aurasium: Practical Policy Enforcement for Android Applications
If you have a question about this talk, please contact Wei Ming Khoo.
With the increasing popularity and growing market share of Google’s mobile platform Android, it has become the top target of latest mobile malware. Previous work on Android security and privacy control produced solutions that require modification to the operating system itself. This requires the user to root his phone to install custom firmware due to software, hardware, and policy choices by Google, the phone manufacturers, and cellular providers. There is no guarantee that these solutions will ever make their way to consumers unless Google implements them in the main Android OS source code repository.
We developed a novel approach named Aurasium that bypasses the need to change the firmware. We automatically rewrite arbitrary apps by attaching interposition code to closely watch the application’s behaviour for security and privacy violations, such as attempts to retrieve a user’s sensitive information, send SMS covertly to premium numbers, or access malicious IP addresses. Aurasium can also detect and prevent cases of privilege escalation attacks. Experiments show that we can apply Aurasium to a large corpus of benign and malicious applications with over 99% success rate.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsThursday string seminars Shaping the Future - Cambridge Public Policy Lecture Series Institute of Astronomy Colloquia
Other talksReviving Sati’s corpse: the invocation of the Shakti Pithas in modern and contemporary politics Sonorous Sublimes: Music and Sound 1670–1850 Socio-Critical Reflections on the Role of the Arts in Youth Custody 'Fabulas' Crassulas Book Launch: Operation Idris: Inside the British Administration of Cyrenaica and Libya, 1942-52 by Richard Synge The genetic epidemiology of prostate cancer