| 改进的Android强制访问控制模型 |
| |
| 引用本文: | 蒋绍林,王金双,于晗,张涛,陈融.改进的Android强制访问控制模型[J].计算机应用,2013,33(6):1630-1636. |
| |
| 作者姓名: | 蒋绍林 王金双 于晗 张涛 陈融 |
| |
| 作者单位: | 解放军理工大学 指挥信息系统学院,南京 210007 |
| |
| 基金项目: | 理工大学预先研究基金资助项目(KYZYZLXY1208) |
| |
| 摘 要: | 为了降低Android平台受应用层权限提升攻击的可能性,研究分析了对利用隐蔽信道进行的合谋攻击具有较好防御能力的XManDroid模型,针对该模型存在无法检测多应用多权限合谋攻击的问题,采用构建进程间通信连接图并利用有色图记录应用通信历史的方法,提出了一种基于通信历史的细粒度强制访问控制模型。对原型系统的测试结果表明:所提出的模型能够很好地解决XManDroid模型存在的问题。
|
| 关 键 词: | 安卓系统 权限机制 安全沙盒 强制访问控制 权限提升攻击 |
| 收稿时间: | 2012-12-03 |
| 修稿时间: | 2013-01-15 |
Improved mandatory access control model for Android |
| |
| JIANG Shaolin WANG Jinshuang YU Han ZHANG Tao CHEN Rong.Improved mandatory access control model for Android[J].journal of Computer Applications,2013,33(6):1630-1636. |
| |
| Authors: | JIANG Shaolin WANG Jinshuang YU Han ZHANG Tao CHEN Rong |
| |
| Affiliation: | College of Command Information System, PLA University of Science and Technology, Nanjing Jiangsu 210007, China |
| |
| Abstract: | In order to protect Android platforms from the application-level privilege escalation attacks, this paper analyzed the XManDroid access control model, which has better ability on fighting these attacks, especially the collusion attack on the covert channel. To address the problem that XManDroid could not detect the multi-application and multi-permissions collusion attacks, this paper proposed an improved mandatory access control model which recorded the communication history of applications by building an IPC links colored diagram. At last, the test result on the prototype system show that the new model can solve the problem in the XManDroid well. |
| |
| Keywords: | Android system permission sandbox mandatory access control privilege escalation attack |
|
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
