NativeGuard

Protecting android applications from third-party native libraries

Mengtao Sun, Gang Tan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

44 Citations (Scopus)

Abstract

Android applications often include third-party libraries written in native code. However, current native components are not well managed by Android's security architecture. We present NativeGuard, a security framework that isolates native libraries from other components in Android applications. Leveraging the process-based protection in Android, NativeGuard isolates native libraries of an Android application into a second application where unnecessary privileges are eliminated. NativeGuard requires neither modifications to Android nor access to the source code of an application. It addresses multiple technical issues to support various interfaces that Android provides to the native world. Experimental results demonstrate that our framework works well with a set of real-world applications, and incurs only modest overhead on benchmark programs.

Original languageEnglish (US)
Title of host publicationWiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PublisherAssociation for Computing Machinery
Pages165-176
Number of pages12
ISBN (Print)9781450329729
DOIs
StatePublished - Jan 1 2014
Event7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014 - Oxford, United Kingdom
Duration: Jul 23 2014Jul 25 2014

Publication series

NameWiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Other

Other7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014
CountryUnited Kingdom
CityOxford
Period7/23/147/25/14

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

Sun, M., & Tan, G. (2014). NativeGuard: Protecting android applications from third-party native libraries. In WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 165-176). (WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks). Association for Computing Machinery. https://doi.org/10.1145/2627393.2627396
Sun, Mengtao ; Tan, Gang. / NativeGuard : Protecting android applications from third-party native libraries. WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery, 2014. pp. 165-176 (WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks).
@inproceedings{f4a3d2c1a71148da9e8bc850cde5664a,
title = "NativeGuard: Protecting android applications from third-party native libraries",
abstract = "Android applications often include third-party libraries written in native code. However, current native components are not well managed by Android's security architecture. We present NativeGuard, a security framework that isolates native libraries from other components in Android applications. Leveraging the process-based protection in Android, NativeGuard isolates native libraries of an Android application into a second application where unnecessary privileges are eliminated. NativeGuard requires neither modifications to Android nor access to the source code of an application. It addresses multiple technical issues to support various interfaces that Android provides to the native world. Experimental results demonstrate that our framework works well with a set of real-world applications, and incurs only modest overhead on benchmark programs.",
author = "Mengtao Sun and Gang Tan",
year = "2014",
month = "1",
day = "1",
doi = "10.1145/2627393.2627396",
language = "English (US)",
isbn = "9781450329729",
series = "WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks",
publisher = "Association for Computing Machinery",
pages = "165--176",
booktitle = "WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

}

Sun, M & Tan, G 2014, NativeGuard: Protecting android applications from third-party native libraries. in WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks. WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, pp. 165-176, 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014, Oxford, United Kingdom, 7/23/14. https://doi.org/10.1145/2627393.2627396

NativeGuard : Protecting android applications from third-party native libraries. / Sun, Mengtao; Tan, Gang.

WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery, 2014. p. 165-176 (WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - NativeGuard

T2 - Protecting android applications from third-party native libraries

AU - Sun, Mengtao

AU - Tan, Gang

PY - 2014/1/1

Y1 - 2014/1/1

N2 - Android applications often include third-party libraries written in native code. However, current native components are not well managed by Android's security architecture. We present NativeGuard, a security framework that isolates native libraries from other components in Android applications. Leveraging the process-based protection in Android, NativeGuard isolates native libraries of an Android application into a second application where unnecessary privileges are eliminated. NativeGuard requires neither modifications to Android nor access to the source code of an application. It addresses multiple technical issues to support various interfaces that Android provides to the native world. Experimental results demonstrate that our framework works well with a set of real-world applications, and incurs only modest overhead on benchmark programs.

AB - Android applications often include third-party libraries written in native code. However, current native components are not well managed by Android's security architecture. We present NativeGuard, a security framework that isolates native libraries from other components in Android applications. Leveraging the process-based protection in Android, NativeGuard isolates native libraries of an Android application into a second application where unnecessary privileges are eliminated. NativeGuard requires neither modifications to Android nor access to the source code of an application. It addresses multiple technical issues to support various interfaces that Android provides to the native world. Experimental results demonstrate that our framework works well with a set of real-world applications, and incurs only modest overhead on benchmark programs.

UR - http://www.scopus.com/inward/record.url?scp=84907392772&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84907392772&partnerID=8YFLogxK

U2 - 10.1145/2627393.2627396

DO - 10.1145/2627393.2627396

M3 - Conference contribution

SN - 9781450329729

T3 - WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks

SP - 165

EP - 176

BT - WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks

PB - Association for Computing Machinery

ER -

Sun M, Tan G. NativeGuard: Protecting android applications from third-party native libraries. In WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Association for Computing Machinery. 2014. p. 165-176. (WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks). https://doi.org/10.1145/2627393.2627396