YAASE

Yet another android security extension

Giovanni Russello, Bruno Crispo, Earlence Fernandes, Yury Zhauniarovich

Research output: Chapter in Book/Report/Conference proceedingConference contribution

29 Citations (Scopus)

Abstract

Three hundred and fifty thousand Android phones are activated each day. The open philosophy adopted by Google makes it easy for third-parties to develop and distribute applications. Unfortunately, the same applies to malicious applications that pose a real threat to users'privacy. The limited security model implemented on the Android Platform has failed in thwarting these attacks. In this paper, we present Yet Another Android Security Extension (YAASE) that provides a fine-grained security mechanism while protecting the user from malicious applications that attempt to leak sensitive information via network access or by privilege spreading through collusion. We have implemented YAASE and evaluated its performance overhead. Preliminary results show the approach is indeed feasible.

Original languageEnglish
Title of host publicationProceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011
Pages1033-1040
Number of pages8
DOIs
Publication statusPublished - 1 Dec 2011
Externally publishedYes
Event2011 IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2011 and 2011 IEEE International Conference on Social Computing, SocialCom 2011 - Boston, MA
Duration: 9 Oct 201111 Oct 2011

Other

Other2011 IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2011 and 2011 IEEE International Conference on Social Computing, SocialCom 2011
CityBoston, MA
Period9/10/1111/10/11

ASJC Scopus subject areas

  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Cite this

Russello, G., Crispo, B., Fernandes, E., & Zhauniarovich, Y. (2011). YAASE: Yet another android security extension. In Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011 (pp. 1033-1040). [6113256] https://doi.org/10.1109/PASSAT/SocialCom.2011.151

YAASE : Yet another android security extension. / Russello, Giovanni; Crispo, Bruno; Fernandes, Earlence; Zhauniarovich, Yury.

Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011. 2011. p. 1033-1040 6113256.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Russello, G, Crispo, B, Fernandes, E & Zhauniarovich, Y 2011, YAASE: Yet another android security extension. in Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011., 6113256, pp. 1033-1040, 2011 IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2011 and 2011 IEEE International Conference on Social Computing, SocialCom 2011, Boston, MA, 9/10/11. https://doi.org/10.1109/PASSAT/SocialCom.2011.151
Russello G, Crispo B, Fernandes E, Zhauniarovich Y. YAASE: Yet another android security extension. In Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011. 2011. p. 1033-1040. 6113256 https://doi.org/10.1109/PASSAT/SocialCom.2011.151
Russello, Giovanni ; Crispo, Bruno ; Fernandes, Earlence ; Zhauniarovich, Yury. / YAASE : Yet another android security extension. Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011. 2011. pp. 1033-1040
@inproceedings{598bd81f38304ee4a8ad99494041c0b4,
title = "YAASE: Yet another android security extension",
abstract = "Three hundred and fifty thousand Android phones are activated each day. The open philosophy adopted by Google makes it easy for third-parties to develop and distribute applications. Unfortunately, the same applies to malicious applications that pose a real threat to users'privacy. The limited security model implemented on the Android Platform has failed in thwarting these attacks. In this paper, we present Yet Another Android Security Extension (YAASE) that provides a fine-grained security mechanism while protecting the user from malicious applications that attempt to leak sensitive information via network access or by privilege spreading through collusion. We have implemented YAASE and evaluated its performance overhead. Preliminary results show the approach is indeed feasible.",
author = "Giovanni Russello and Bruno Crispo and Earlence Fernandes and Yury Zhauniarovich",
year = "2011",
month = "12",
day = "1",
doi = "10.1109/PASSAT/SocialCom.2011.151",
language = "English",
isbn = "9780769545783",
pages = "1033--1040",
booktitle = "Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011",

}

TY - GEN

T1 - YAASE

T2 - Yet another android security extension

AU - Russello, Giovanni

AU - Crispo, Bruno

AU - Fernandes, Earlence

AU - Zhauniarovich, Yury

PY - 2011/12/1

Y1 - 2011/12/1

N2 - Three hundred and fifty thousand Android phones are activated each day. The open philosophy adopted by Google makes it easy for third-parties to develop and distribute applications. Unfortunately, the same applies to malicious applications that pose a real threat to users'privacy. The limited security model implemented on the Android Platform has failed in thwarting these attacks. In this paper, we present Yet Another Android Security Extension (YAASE) that provides a fine-grained security mechanism while protecting the user from malicious applications that attempt to leak sensitive information via network access or by privilege spreading through collusion. We have implemented YAASE and evaluated its performance overhead. Preliminary results show the approach is indeed feasible.

AB - Three hundred and fifty thousand Android phones are activated each day. The open philosophy adopted by Google makes it easy for third-parties to develop and distribute applications. Unfortunately, the same applies to malicious applications that pose a real threat to users'privacy. The limited security model implemented on the Android Platform has failed in thwarting these attacks. In this paper, we present Yet Another Android Security Extension (YAASE) that provides a fine-grained security mechanism while protecting the user from malicious applications that attempt to leak sensitive information via network access or by privilege spreading through collusion. We have implemented YAASE and evaluated its performance overhead. Preliminary results show the approach is indeed feasible.

UR - http://www.scopus.com/inward/record.url?scp=84856188819&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84856188819&partnerID=8YFLogxK

U2 - 10.1109/PASSAT/SocialCom.2011.151

DO - 10.1109/PASSAT/SocialCom.2011.151

M3 - Conference contribution

SN - 9780769545783

SP - 1033

EP - 1040

BT - Proceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011

ER -