SCanDroid: Automated Security Certification of Android

dc.contributor.authorFuchs, Adam P.
dc.contributor.authorChaudhuri, Avik
dc.contributor.authorFoster, Jeffrey S.
dc.date.accessioned2011-09-02T19:12:37Z
dc.date.available2011-09-02T19:12:37Z
dc.date.issued2009-11-20
dc.description.abstractAndroid is a popular mobile-device platform developed by Google. Android’s application model is designed to encourage applications to share their code and data with other applications. While such sharing can be tightly controlled with permissions, in general users cannot determine what applications will do with their data, and thereby cannot decide what permissions such applications should run with. In this paper we present SCANDROID, a tool for reasoning automatically about the security of Android applications. SCanDroid’s analysis is modular to allow incremental checking of applications as they are installed on an Android device. It extracts security specifications from manifests that accompany such applications, and checks whether data flows through those applications are consistent with those specifications. To our knowledge, SCanDroid is the first program analysis tool for Android, and we expect it to be useful for automated security certification of Android applications.en_US
dc.identifier.urihttp://hdl.handle.net/1903/11847
dc.language.isoen_USen_US
dc.relation.ispartofseriesUM Computer Science Department;CS-TR-4991
dc.titleSCanDroid: Automated Security Certification of Androiden_US
dc.typeTechnical Reporten_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
CS-TR-4991.pdf
Size:
392.5 KB
Format:
Adobe Portable Document Format