【Android论文栏目提醒】:网学会员为广大网友收集整理了,基于安卓系统安全的分析与研究 - 编程语言,希望对大家有所帮助!
2012 Fifth International Conference on Intelligent ComputationTechnology and AutomationAnalysis and Research of SystemSecurity Based on AndroidHan BingNorth China University of Technology Beijing 100144 Chinajluhan_bin163.comAbstract—Android is a smart mobile terminal operating platform core on Linux. Butdue to its open-source software and programmable framework character it leads theAndroid system vulnerable to get virus attacks. This paper has deeply researched fromthe Linux system security mechanism Android-specific security mechanisms andother protection mechanisms. And on this basis Android devices have achievedclosely guarded on normal state. So that attackers can not use the kernel module orcore library to get highest access permission and be attacked. Meanwhile to furtherstrengthen he security of Android devices it enables them to properly handle thehigh-risk threat. This paper also strengthened intrusion detection system HIDSbased on the host in order to detect malicious software and strengthen the Androidsystem-level access control.Keywords-Android System Security Abnormity DetectionI. I NTRODUCTIONAndroid is a software stack for mobile devices that includes an operating systemmiddleware and key applications. The Android SDK provides the tools and APIsnecessary to begin developing applications on the Android platform using the Javaprogramming language.1 Android is planned to run on many different types ofdevices. For developers the range and number of devices means a huge potentialaudience: the more devices that run Android applications the more users who canaccess application. In exchange however it also means that applications will have tocope with that same variety of hardware.Android platform is based on Linux technology and composed of operating systemuser interface and application components. It allows developer freedom access andmodify the source code. It is the free mobile terminal platform with open theapplication program equality no boundaries between applications facilitate and rapidapplication development and other advantages. Its issuance breaks monopoly status ofthe Microsoft Windows Mobile operating system and Nokias Symbian operatingsystem in he smart mobile telephone platform while the advantages of its platformalso greatly enriched the variety of handheld device software functions. It becomesthe intelligent terminal market leader.Android platform is a set of software package for mobile devices it includes anoperating system middleware and key applications. Android uses the most innovativecharacteristic.It allows anyone develop him own applications and freely distributed. But when openprovides various conveniences for developers and users it also increases the safetymisery.Due to the lack application development and issuance of effective control the user islikely downloaded and installed malicious written by software hackers. This willresult in some or all of the features in the mobile telephone not work properly. So itdeeply studies Androids security mechanisms it can effectively enhance theprotection ability and great significanceII. ANDROID P LATFORM ARCHITECTUREAndroid has built-in tools and support which make it easy for applications to do thatwhile at the same time letting the system maintain control of what types of devicesapplication is available to. With a bit of forethought and some minor changes inapplications manifest file it can ensure that users whose devices can’t runapplication will never see it in the Android Market and will not get in trouble bydownloading it. This can explains how it can control which devices have access to itsapplications and how to prepare its applications to make sure they reach the rightaudience.Android provides an open development platform and offers developers the capabilityto build greatly rich and innovative applications. Developers are free to be superiorityof device hardware access location information run background service set alarmadd inform to the status barand so on. Developers have full access to the same framework. The coreapplications use APIs. The application architecture is designed to simplify the reuse ofcomponents any application can publish its abilities and any other application maythen make use of those abilities. This same mechanism permits components to bereplaced by the user.From top to bottom Android platform is composed of the Linux kernel systemlibraries Android run time application framework and so on five parts. It is shown inFigure 1 of the following:A.Linux KernelAndroid relies on Linux 2.6 version. It provides core system services: securitymemory management process management network group driven model. The corepart is equivalent to a abstract level between the hardware layer and other software inthe systemsB. Library and Android RuntimeAndroid includes a set of C/C libraries. Various components of Android system areuse now. These functions are exposed to developers through the Android applicationframework. Androids core libraries provide most of the function to the Java classlibraries. Every Android application runs in its own process and enjoys theproprietary instance distributed by Dalvik virtual machineand support multiple virtual machines efficiently run on the same device.Figure 1. Android System ArchitectureC. Application FrameworkUpper core application program of Android system is reply on frame arrangementAPI development application architecture can simplify component reuse mechanism.Any application can publish its own features. These functions can be used to anyother application of course it is restricted from the framework constraints safetystandards and the same to reuse mechanism the framework supports componentreplacement.D. ApplicationsAndroid applications are written in Java programming language. The Android SDKtools compile the code—along with any data and resource files—into an Androidpackage an archive file with an .apk suffix. All the code in a single .apk file isconsidered to be one application and is thefile that Android-powered devices use to install the application.The Android platform default includes a set of core applications. It includes homebrowser communication services contacts and other applications. These applicationsare written by the Java programming language. It can provides developers a reference.As the Android platform applications equality developers can write their ownapplications to replace the default applications provided by Android.III. ANDROID S YSTEM SECURITYThe core design idea of Android security architecture is as the following. In thedefault settings all applications do not have permission for other applicationssystems or users greater impact on the operation. This includes read and write userprivacy data contacts or e-mail read and write otherapplications files access the network or block devices and so on.Androids security mechanism is mainly reflected in two aspects: Android systemsecurity and data security. Android system security is referred to the protection ofsmart terminal itself to operating system. It can prevent unauthorized user externalaccess and authorized service permission. It includes users behaviour detectionoperating authority and other measures. The data security is referred to ensure theintegrity and legitimacy of stored data it requires the system can properly transmitdata the authorization process successfully read data.A. Android system security protectionAndroid system safety inherited the design of Linux in the design ideology Androidprovided security memory management process management network managementdrive model and other core service in the kernel. The kernel part is actually a abstractlevel between hardware abstraction layer and other software group. In practiceoperation each Android application runs in its own process. Android systemapplications are run in some low-level function such as threads and low memorymanagement Android itself is a separate operating and permission system. In theoperating system each application runs with a unique system identity Linux user IDand group ID. Each parts of the system were also using their own independentidentification mode.The most security functions of the system are provided by the permission mechanism.Permission can be restricted to particular specific process operations and can alsorestrict URL permission to access specific data segment.B. Android Data Security ProtectionAndroid is a operating system with privilege-separated. Each application runs with adistinct system identity in android. Parts of the system are also separated into distinctidentities. So Linux separates applications from one another and the system.Additional finer-grained security features are provided by a quotpermissionquot mechanismthat enforces restrictions on the specific operations that a particular process canperform and per-URI permissions for granting ad-hoc access tospecific pieces of data. Data security mainly relies on software signature mechanism.Android and applications are both needed sign. When it releases at first it needgenerate a public key andprivate key through development/tools/make_key. Thetools ./out/host/linux-x86/framework/signapk.jar provided by Android the main roleof signature is to modify program limited to the same source. The system has twomain ways to detect. If the program is upgrade install it needs check whether thesignature certificate of old and new program areconsistent. If it is not the same it will failed install. To application permission forthe protected level of signature or signature or system it will check the certificate ofpermission requester and permission of declarer is the same.It uses AndroidManifest.xml file to achieve software’s data security function. Whenthe specified software services is called the system first checks AndroidManifest.Xml file in the software namely the software master configuration file. Whichcontains a ltuses-permissiongt label to declare operating authority :ltmanifestgt ltuses-permissionandroid:namequotandroid.permission.READ_quot /gtltuses-permission android: namequotandroid.permission.RECEIVE_quot /gtltuses-permissionandroid:namequotandroid.permission.SEND_quot /gt lt/manifestgtAccording to the permission declaration system checks the relevant permission whensoftware installation and calling. If the system will successfully execute when itown with the permission otherwise it reject operation.IV. ANDROID SECURITY P ERFORMANCE I MPROVEMENTAlthough the Android security mechanisms has ensured through the system and datasecurity mechanisms but it does not mean that there is no android security risks.Current there is securityrisks exist and combined with todays mobile devices againstattack this paper has deeply researched on the android mobile devices based on Linuxkernel attacks. To ensure system security requirements it is necessary to implementdetecting malicious software on mobile devices. The software has evaluated therunning process. This framework relies on a lightweight agent and continuoussamples various characteristics on the device. Using self-learning adaptive method toanalyze the collected data and then infer the devices health status. Frameworkprovides API extraction keyboard touch screen scheduling and memory and Linuxkernel operating. Android devices have developed many applications. The SDKprovides many tools to facilitate. These tools could be accessed according to thecommand line or AndroidDevelopment Tools. As Android could straight call the tools Developing with Eclipse.So it needs the preferred method when it develops applications.When it selects to develop another IDE or a simple text editor and calls the tools onthe command line or with scripts. As it will have to call command line tools manuallyonoccasion this is a less streamlined way to develop. At the same time it will haveaccess to the same number of functions that it would have in Eclipse. As theAndroid system is based on the Linux kernel so it there exists a lot of vulnerabilitieslike Linux it has become the focus of the current target attacked by hackers. Becauseit exist loophole hackers have developed a number ofexploits to steal users privacy deductions and other malicious software. Themalicious software can start malicious processes in the background through automaticnetwork. It stole the privacy content of mobile telephones and directly threat userssecurity.Intrusion detection systemframework is designed as the following in figure 2:In order to further strengthen the Android system and underlying access control whichbelong to privileged user in critical Linux process. System adopts SELinux to avoidan attacker controlling the system process using high-privilege. When the system isrunning SELinux on Android.Experiments show that Android devices running on SELinux is feasible. The user canestablish a customized security policy to improve the system security levelV. CONCLUSIONSThe Android’s goal is to establish a enormous installed base for developers to takeadvantage. One of the method it will accomplish this is according to different kinds ofhardware running the same software environment. But it also recognizes that onlydevelopers know which kinds of devices their applications make sense on. It has builtin tools to the SDK and set up policies and requirements to ensure that developersremain in control of their apps today and inthe future. With the information it just read and the resources listed in the sidebar ofthis document it can publish its application with the confidence that only userswho can run it will see it. In this paper it has analysis Android systems securitymechanisms with widely used in mobile platforms. It has separately introduced itssystem architecture securitymechanism and safety problems. Through it has analysis Android securitymechanisms and its components it has set to the Android security safetymechanism side system security and data security. It has promoted system security tosystem permission. At the same time it analysis the Android security risks it hasdeeply researched the attack based on Linux kernel. It has proposed securitymechanisms based on SELinux policy theory to ensure system security on applicationprogram framework layer. Not only from the Linux kernel layer it uses Androidssecurity framework to ensure system security from the application layer intrusion soit is essential to research and develop the method to protect the Android framework.This work will be the reference base to the Android further security analysis.ACKNOWLEDGMENTThe work is supported by quotScience Park Cupquot Studentsscientific and technological innovation projects quotDesign andImplementation of Personalized smart telephone lock/unlock quot of North China University of Technology in 2011.REFERENCES1 http://developer.android.com/guide/basics/what-is-android.html2 Android Kernel Issues.http://www.kandroid.org.3 Benj amin Speckmann.The Android mobile platformEB /OL.2008-04-26.4 http: www.emich.edu /compsci /projects/Master_thesis-Benjamin_Specklnann.pdf□5 Gong lei zhou chong Development and Research of mobile terminalapplication based on Android J. Computer and Modernization2008.86-89.6 Shabtai AFledel YElovici Y.Securing Android-powered mobiledevices using SELinux.IEEE Security amp Privacy2010:36 —44.7 Chatterjee S. Abhichandani T. Haiqing Li.TuIu B. Jongbok Byun.Instant messaging and presence technologies for collegecampuses J . IEEE Net wo rk 2005 19 3 : 22-33.8 Chan Yeob YeunSalman Mohammed Al-Marzouqi. PracticalImplementations for Securing VoIP Enabled Mobile Devices.International Conference on Network and System Security NSS2009 3rd.9 ED P Saint..Andre. RFC3921 Ex tensible messag ing and presencepro tocol XM PP : instant messag ing and presence S . S. l. .IETF 2004.10 Shin WKwak SKiyomoto Set al.A small but non-negligible flaw inthe Android permission scheme.IEEE Internati.