Preventive Policy Enforcement with Minimum User Intervention Against SMS Malware in Android Devices

摘要

In this paper, we propose MinDroid, a usercentric preventive policy enforcement system against SMS malware in Android devices. The design of MinDroid takes into consideration the user's little understanding of the Android permission system. This can be done by deriving the policy rules from the behavioral model of the malicious SMS applications rather than adopting user-defined rules. MinDroid requires user intervention only during the first T time units from the application installation time. The user during this time period is notified to accept or reject the SMS-sending operations.MinDroid execution is specified as a finite statemachine, and its security properties are formally proven using Metric Temporal Logic.We also showthat Min- Droid is resilient against threats trying to compromise its correct functionality. In addition, an analytical study demonstrates that MinDroid offers good performance in terms of detection time and execution cost in comparison with intrusion detection systems based on static and dynamic analysis. The detection efficiency of MinDroid is also studied in terms of detection rate, false positive rate, andROCdistance.Aprototype implementation of MinDroid is tested under Android emulator.