Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks

Matthew Hill; Carlos E. Rubio-Medrano; Luis M. Claramunt; Jaejong Baek; Gail Joon Ahn

doi:10.1109/EuroSP51992.2021.00053

Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks

Matthew Hill, Carlos E. Rubio-Medrano, Luis M. Claramunt, Jaejong Baek, Gail Joon Ahn

Engineering, Ira A. Fulton Schools of (IAFSE)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Android applications are extremely popular, as they are used for banking, social media, e-commerce, etc. However, several malicious applications have recently carried out data leaks and spurious credit card charges by abusing the Android Permissions granted initially to them by unaware users in good faith. To alleviate this pressing concern, we present DyPolDroid, a dynamic, semi-automated security framework that builds upon Android Enterprise, a device-management framework for organizations, allowing for users to design and enforce custom Counter-Policies, effectively protecting against such malicious applications without requiring advanced security and/or technical expertise.

Original language	English (US)
Title of host publication	Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	704-706
Number of pages	3
ISBN (Electronic)	9781665414913
DOIs	https://doi.org/10.1109/EuroSP51992.2021.00053
State	Published - Sep 2021
Event	6th IEEE European Symposium on Security and Privacy, Euro S and P 2021 - Virtual, Online, Austria Duration: Sep 6 2021 → Sep 10 2021

Publication series

Name	Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021

Conference

Conference	6th IEEE European Symposium on Security and Privacy, Euro S and P 2021
Country/Territory	Austria
City	Virtual, Online
Period	9/6/21 → 9/10/21

Keywords

Android
Android Enterprise
Attack Patterns
Permission Abuse
Permissions

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems
Information Systems and Management
Safety, Risk, Reliability and Quality

Access to Document

10.1109/EuroSP51992.2021.00053

Cite this

Hill, M., Rubio-Medrano, C. E., Claramunt, L. M., Baek, J., & Ahn, G. J. (2021). Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks. In Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021 (pp. 704-706). (Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EuroSP51992.2021.00053

Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks. / Hill, Matthew; Rubio-Medrano, Carlos E.; Claramunt, Luis M. et al.
Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 704-706 (Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hill, M, Rubio-Medrano, CE, Claramunt, LM, Baek, J & Ahn, GJ 2021, Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks. in Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021. Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021, Institute of Electrical and Electronics Engineers Inc., pp. 704-706, 6th IEEE European Symposium on Security and Privacy, Euro S and P 2021, Virtual, Online, Austria, 9/6/21. https://doi.org/10.1109/EuroSP51992.2021.00053

Hill M, Rubio-Medrano CE, Claramunt LM, Baek J, Ahn GJ. Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks. In Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 704-706. (Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021). doi: 10.1109/EuroSP51992.2021.00053

Hill, Matthew ; Rubio-Medrano, Carlos E. ; Claramunt, Luis M. et al. / Poster : DyPolDroid: User-centered counter-policies against android permission-abuse attacks. Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 704-706 (Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021).

@inproceedings{5dc619d5db9d48e6ad272604b1acdc5d,

title = "Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks",

abstract = "Android applications are extremely popular, as they are used for banking, social media, e-commerce, etc. However, several malicious applications have recently carried out data leaks and spurious credit card charges by abusing the Android Permissions granted initially to them by unaware users in good faith. To alleviate this pressing concern, we present DyPolDroid, a dynamic, semi-automated security framework that builds upon Android Enterprise, a device-management framework for organizations, allowing for users to design and enforce custom Counter-Policies, effectively protecting against such malicious applications without requiring advanced security and/or technical expertise.",

keywords = "Android, Android Enterprise, Attack Patterns, Permission Abuse, Permissions",

author = "Matthew Hill and Rubio-Medrano, {Carlos E.} and Claramunt, {Luis M.} and Jaejong Baek and Ahn, {Gail Joon}",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 6th IEEE European Symposium on Security and Privacy, Euro S and P 2021 ; Conference date: 06-09-2021 Through 10-09-2021",

year = "2021",

month = sep,

doi = "10.1109/EuroSP51992.2021.00053",

language = "English (US)",

series = "Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "704--706",

booktitle = "Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021",

}

TY - GEN

T1 - Poster

T2 - 6th IEEE European Symposium on Security and Privacy, Euro S and P 2021

AU - Hill, Matthew

AU - Rubio-Medrano, Carlos E.

AU - Claramunt, Luis M.

AU - Baek, Jaejong

AU - Ahn, Gail Joon

PY - 2021/9

Y1 - 2021/9

N2 - Android applications are extremely popular, as they are used for banking, social media, e-commerce, etc. However, several malicious applications have recently carried out data leaks and spurious credit card charges by abusing the Android Permissions granted initially to them by unaware users in good faith. To alleviate this pressing concern, we present DyPolDroid, a dynamic, semi-automated security framework that builds upon Android Enterprise, a device-management framework for organizations, allowing for users to design and enforce custom Counter-Policies, effectively protecting against such malicious applications without requiring advanced security and/or technical expertise.

AB - Android applications are extremely popular, as they are used for banking, social media, e-commerce, etc. However, several malicious applications have recently carried out data leaks and spurious credit card charges by abusing the Android Permissions granted initially to them by unaware users in good faith. To alleviate this pressing concern, we present DyPolDroid, a dynamic, semi-automated security framework that builds upon Android Enterprise, a device-management framework for organizations, allowing for users to design and enforce custom Counter-Policies, effectively protecting against such malicious applications without requiring advanced security and/or technical expertise.

KW - Android

KW - Android Enterprise

KW - Attack Patterns

KW - Permission Abuse

KW - Permissions

UR - http://www.scopus.com/inward/record.url?scp=85119286897&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85119286897&partnerID=8YFLogxK

U2 - 10.1109/EuroSP51992.2021.00053

DO - 10.1109/EuroSP51992.2021.00053

M3 - Conference contribution

AN - SCOPUS:85119286897

T3 - Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021

SP - 704

EP - 706

BT - Proceedings - 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 6 September 2021 through 10 September 2021

ER -

Poster: DyPolDroid: User-centered counter-policies against android permission-abuse attacks

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this