BigMAC: Fine-Grained Policy Analysis of Android Firmware
USENIX Security Symposium (2020)
Abstract
The Android operating system is the world's dominant mobile computing platform.
To defend against malicious applications and external attack, Android relies
upon a complex combination of discretionary and mandatory access control
mechanisms, including Linux capabilities, to maintain least privilege. To
understand the impact and interaction between these layers, we created a
framework called BigMAC that combines and instantiates all layers of the policy
together in a fine-grained graph supporting millions of edges. Our model filters
out paths and types not in use on actual systems that policy analysis alone
would consider. Unlike previous work which requires a rooted device, using only
static firmware and Android domain knowledge, we are able to extract and
recreate the security state of a running system, achieving a process credential
recovery at best 74.7% and a filesystem DAC and MAC accuracy of over 98%. Using
BigMAC, we develop attack queries to discover sets of objects that can be
influenced by untrusted applications and external peripherals. Our evaluation
against Samsung S8+ and LG G7 firmwares reveals multiple policy concerns,
including untrusted apps on LG being able to communicate with a kernel
monitoring service, Samsung S8+ allowing IPC from untrusted apps to some root
processes, at least 24 processes with the CAP_SYS_ADMIN capability, and
system_server with the capability to load kernel modules. We have
reported our findings to the corresponding vendors and release BigMAC for the
community.