Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • LEET '12 Home
  • Registration Information
  • Organizers
  • Workshop Program
  • Hotel & Travel Information
  • Students
  • Questions?
  • For Participants
  • Call for Papers
  • Past Proceedings

sponsors

General Sponsor

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » RGBDroid: A Novel Response-Based Approach to Android Privilege Escalation Attacks
Tweet

connect with us

http://twitter.com/usenix

RGBDroid: A Novel Response-Based Approach to Android Privilege Escalation Attacks

Authors: 

Yeongung Park, Dankook University; ChoongHyun Lee, Massachusetts Institute of Technology; Chanhee Lee and JiHyeog Lim, Dankook University; Sangchul Han and Minkyu Park, Konkuk University; Seong-Je Cho, Dankook University

Abstract: 

Recent malware often collects sensitive information from third-party applications with an illegally escalated privilege to the system level (the highest level) on the Android platform. An attack to obtain root-level privilege in an Android environment can pose a serious threat to users because it breaks down the whole security system. RGBDroid (Rooting Good-Bye on Droid) is an extension to the Android smartphone platform that effectively detects and responds to the attacks associated with escalation or abuse of privileges. Considering the Android security model, which dictates that users are not allowed to get root-level privilege and that root-level privilege should be restrictively used, RGBDroid can find out whether an application illegally acquires root-level privilege, and does not permit an illegal root-level process to access protected resources according to the principle of least privilege. RGBDroid protects the Android system against malicious applications even when malware obtains root-level privilege by exploiting vulnerabilities of the Android platform.

This paper shows that i) a system can still be safely protected even after the system security is breached by privilege escalation attacks, and ii) our proposed response technique has comparative advantage over conventional prevention techniques in terms of operational overhead which can lead to significant deterioration of overall system performance. RGBDroid has been implemented on an embedded board and verified experimentally.

 

Yeongung Park, Dankook University

ChoongHyun Lee, Massachusetts Institute of Technology

Chanhee Lee, Dankook University

JiHyeog Lim, Dankook University

Sangchul Han, Konkuk University

Minkyu Park, Konkuk University

Seong-Je Cho, Dankook University

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {181328,
author = {Yeongung Park and ChoongHyun Lee and Chanhee Lee and JiHyeog Lim and Sangchul Han and Minkyu Park and Seong-Je Cho},
title = {{RGBDroid}: A Novel {Response-Based} Approach to Android Privilege Escalation Attacks},
booktitle = {5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12)},
year = {2012},
address = {San Jose, CA},
url = {https://www.usenix.org/conference/leet12/workshop-program/presentation/park},
publisher = {USENIX Association},
month = apr,
}
Download
Park PDF
View the slides

Presentation Video

Presentation Audio

MP3 Download OGG Download

Download Audio

  • Log in or    Register to post comments

General Sponsors

© USENIX

  • Privacy Policy
  • Contact Us