Please use this identifier to cite or link to this item:
|Title:||Android security : on-the-fly security policies update||Authors:||Nguyen, Thanh Nam||Keywords:||DRNTU::Engineering::Computer science and engineering::Software::Operating systems||Issue Date:||2015||Abstract:||LogicDroid is a customized Android operating system which contains a security extension based on metric linear-time temporal logic (MTL) to capture privilege escalation attacks. By adding various hooks in Android OS, the call chains among applications and processes can be tracked by the monitor inside the kernel. The detection algorithm is determined by a security policy specification language. However, a single policy cannot capture all the attack scenarios, LogicDroid needs different policies to be able to handle new forms of attacks. The current implementation of LogicDroid only allows updating of policies by using the offline generated loadable kernel module. Because of the complexity in changing the policy, this Final Year Project was created to simplify the process. The purpose of this project is to modify the structure of LogicDroid’s security monitor so that modification of the policies can be done on-the-fly in a running instance of LogicDroid, without having to do offline compilation. This involves a redesign of the monitor to include a logic interpreter that can take as an input a security policy and updates its enforcement subroutines. The project contains two parts: the first part is the implementation of intermediate interpreter to interpret the policy specification language to string data structure that can be read by the monitor. The second part is to enable a secure path from Application level to Linux kernel to allow updating the policy in a running instance of LogicDroid.||URI:||http://hdl.handle.net/10356/62616||Rights:||Nanyang Technological University||Fulltext Permission:||restricted||Fulltext Availability:||With Fulltext|
|Appears in Collections:||SCSE Student Reports (FYP/IA/PA/PI)|
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.