Raindroid - A System for Run-time Mitigation of Android Intent Vulnerabilities (Poster)
Bradley Schmerl, Jeffrey Gennari, Javier Cámara and David Garlan.
In Symposium and Bootcamp on the Science of Security, Pittsburgh, PA, 19-21 April 2016.
Abstract
Modern frameworks are required to be extendable as well
as secure. However, these two qualities are often at odds.
In this poster we describe an approach that uses a combination of static analysis and run-time management, based
on software architecture models, that can improve security
while maintaining framework extendability. We implement
a prototype of the approach for the Android platform. Static
analysis identifies the architecture and communication patterns among the collection of apps on an Android device
and which communications might be vulnerable to attack.
Run-time mechanisms monitor these potentially vulnerable
communication patterns, and adapt the system to either
deny them, request explicit approval from the user, or allow them.
Keywords: Human-in-the-loop, Rainbow, Science of Security.
@InProceedings{2016:Schmerl:Raindroid,
AUTHOR = {Schmerl, Bradley and Gennari, Jeffrey and C\'{a}mara, Javier and Garlan, David},
TITLE = {Raindroid - A System for Run-time Mitigation of Android Intent Vulnerabilities (Poster)},
YEAR = {2016},
MONTH = {19-21 April},
BOOKTITLE = {Symposium and Bootcamp on the Science of Security},
ADDRESS = {Pittsburgh, PA},
PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/raindroid-poster.pdf},
ABSTRACT = {Modern frameworks are required to be extendable as well
as secure. However, these two qualities are often at odds.
In this poster we describe an approach that uses a combination of static analysis and run-time management, based
on software architecture models, that can improve security
while maintaining framework extendability. We implement
a prototype of the approach for the Android platform. Static
analysis identifies the architecture and communication patterns among the collection of apps on an Android device
and which communications might be vulnerable to attack.
Run-time mechanisms monitor these potentially vulnerable
communication patterns, and adapt the system to either
deny them, request explicit approval from the user, or allow them.},
KEYWORDS = {Human-in-the-loop, Rainbow, Science of Security} }