Custom privacy guards in Android

Abstract

In a thriving world fueled by advancements in mobile technology, there is a growing need for better system security for user data protection. Being the world market leader in mobile operating system software, Android provides an ecosystem to innocent users and malware families alike. Hence it is chosen as a starting point to implement advanced security mechanisms against privilege escalation attacks. LogicDroid is a custom Android OS that provides reinforced system security and fine-grained user-defined resource access. The operating principle of LogicDroid is based on a runtime kernel monitor module that detects privilege escalation attacks using an attack detection algorithm specified and modified by the user using an application called Security Controller. The security monitor functions in conjunction with various hooks implemented within the Android Framework layer. This project completes implementation of resource provider hooks and tests the real world application of LogicDroid, by porting it onto a Samsung Galaxy Nexus device and testing it against well documented and characterized malware applications. The effectiveness of these tests is analyzed using the Dalvik Debug Monitor and Wireshark analysis of the mobile device’s TCP dump. Additionally, minor corrections are made to the Security Controller application. Finally, the modified release of Android Marshmallow integrated with LogicDroid components is ported onto a Huawei Nexus 6P device and tested against malware applications.