Design and Analysis of Mobile Operating System Security Architecture using Formal Methods
The Android operating system (OS) is now used in the majority of mobile devices. Hence, Android security is an important issue to handle. In this work, we tackle the problem using two separate approaches: directly modifying the Android OS, and developing a framework to provide a guarantee of non-interference.

Firstly, we present a design and an implementation of a security policy specification language based on metric linear-time temporal logic (MTL) to specify timing-dependent security policies. The design of the language is driven by the problem of runtime monitoring of applications in mobile devices. A main case study is the privilege escalation attack in the Android OS, where an unprivileged app gains access to privileged resources or functionalities through indirect flow. To capture these attacks, we extend MTL with recursive definitions to express call chains between apps. We then show how our language design can be used to specify policies to detect privilege escalation under various fine-grained constraints. We present a new algorithm for monitoring safety policies written in our specification language. The monitor does not need to store the entire history of events generated by the apps. We modified the Android OS kernel to allow us to insert our generated monitors modularly. We have tested the modified OS (LogicDroid) on an actual device, and show that it is effective in detecting policy violations. Furthermore, LogicDroid is able to prevent a previously unknown exploit to breach Android security which allows an unprivileged application to access certain critical and privileged functionalities of an Android phone, such as making phone calls, terminating phone calls, and sending SMS, without having to ask for any permissions to do so.

Subsequently, we provide a framework to ensure non-interference properties of DEX bytecode. Each application in Android runs in an instance of the Dalvik virtual machine, which is a register-based virtual machine (VM). Most applications for Android are developed using Java, compiled to Java bytecode and further into DEX bytecode. Following a methodology that has been developed for Java bytecode certification by Barthe et al., we developed a type-based method for certifying the non-interference property of a DEX program. To this end, we develop a formal operational semantics of the Dalvik VM, a type system for DEX bytecode, and prove the soundness of the type system with respect to a notion of non-interference. We have also formalized the proof for a subset of DEX in Coq for an additional guarantee that our proof is correct.

We then study the translation process from Java bytecode to DEX bytecode, as implemented in the dx tool in the Android SDK. We show that an abstracted version of the translation from Java bytecode to DEX bytecode preserves the non-interference property. More precisely, we show that if the Java bytecode is typable in Barthe et al.'s type system, then its translation is typable in our type system. This result opens up the possibility of leveraging existing bytecode verifiers for Java to certify non-interference properties of Android bytecode.
Advanced Topics in Systems Safety and Security
This book presents valuable research results in the challenging field of systems (cyber)security. It is a reprint of the Information (MDPI, Basel) Special Issue (SI) on Advanced Topics in Systems Safety and Security. The competitive review process of MDPI journals guarantees the quality of the presented concepts and results. The SI comprises high-quality papers focused on cutting-edge research topics in the cybersecurity of computer networks and industrial control systems. The contributions presented in this book are mainly extended versions of selected papers presented at the 7th and 8th editions of the International Workshop on Systems Safety and Security (IWSSS). These two editions took place in Romania in 2019 and 2020, respectively. In addition to the selected papers from IWSSS, the special issue includes other valuable and relevant contributions. The papers included in this reprint discuss various subjects ranging from cyberattack and criminal activity detection, evaluation of attacker skills, and modeling of cyber-attacks, to mobile application security evaluation. Given this diversity of topics and the scientific level of the papers, we consider this book a valuable reference for researchers in the security and safety of systems.
Formal and Automatic Enforcement of Security Policies in Android Applications by Rewriting
As much as they have positioned Android among the most widely used operating systems, Android applications have helped malware creators to break in and compromise its devices. A long list of threats caused by downloaded applications targets the integrity of the system and the privacy of its users. While the Android system is constantly evolving to improve its security mechanism, the sophistication level of malware is skyrocketing and continuously adapting to the new measures. One of the main weaknesses threatening the security of this system is the abysmal lack of tools and environments that allow formal specification and verification of application behaviors before damage is done. In this regard, formal methods seem to be the most natural and secure way for rigorous and unambiguous specification and verification of such applications. Our main objective is to develop a formal framework for enforcing security policies in Android applications. The idea is to establish a synergy between the aspect-oriented paradigm and formal methods such as the program rewriting technique. The approach consists of rewriting the application program by adding security tests at certain carefully selected points to ensure that the security policy is respected. The rewritten version of the program preserves all the good behaviors of the original one that comply with the security policy and acts against the bad ones.