Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
| ÇѱÛÁ¦¸ñ(Korean Title) |
·çÆÃµÈ ¾Èµå·ÎÀ̵å Æù¿¡¼ SEAndroid¸¦ ÀÌ¿ëÇÑ È¿°úÀûÀÎ ¾Û µ¥ÀÌÅÍ º¸È£ ±â¹ý |
| ¿µ¹®Á¦¸ñ(English Title) |
An Effective Technique for Protecting Application Data using Security Enhanced (SE) Android in Rooted Android Phones |
| ÀúÀÚ(Author) |
Á¤À±½Ä
Á¶¼ºÁ¦
Youn-sik Jeong
Seong-je Cho
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 44 NO. 04 PP. 0352 ~ 0362 (2017. 04) |
Çѱ۳»¿ë
(Korean Abstract) |
º» ³í¹®¿¡¼´Â ·çÆÃµÈ ´Ü¸» ȯ°æ¿¡¼ SEAndroidÀÇ º¸¾È À§ÇùÀ» ü°èÀûÀ¸·Î ºÐ¼®ÇÏ°í, È¿°úÀûÀ¸·Î ¾Û µ¥ÀÌÅ͸¦ º¸È£ÇÏ´Â ±â¹ýÀ» Á¦¾ÈÇÑ´Ù. ·çÆõÇÁö ¾ÊÀº ¾Èµå·ÎÀÌµå ´Ü¸»ÀÇ °æ¿ì, Á¢±ÙÁ¦¾î ¸ðµ¨¿¡ ÀÇÇØ ÇÑ ¾ÛÀÇ µ¥ÀÌÅÍ´Â ÇØ´ç ¾Û¸¸ÀÌ Á¢±ÙÇÒ ¼ö ÀÖ´Ù. ÇÏÁö¸¸, ·çÆÃµÈ ´Ü¸»ÀÇ °æ¿ì Á¢±ÙÁ¦¾î ¸ðµ¨ÀÌ ¹«·ÂȵǾî, ·çÆ® ±ÇÇÑ ½©ÀÌ ÀÓÀÇ·Î ´Ù¸¥ ¾ÛÀÇ ¹Î°¨ÇÑ µ¥ÀÌÅÍ¿¡ Á¢±ÙÇϰųª ¾Ç¼º ¾ÛÀÌ ´Ù¸¥ ¾ÛÀÇ µ¥ÀÌÅ͸¦ ¿ÜºÎ·Î À¯ÃâÇÒ ¼öµµ ÀÖ´Ù. À̸¦ ¹æ¾îÇϱâ À§ÇØ, º» ³í¹®¿¡¼´Â ±âÁ¸ SEAndroidÀÇ LSM(Linux Security Module) Hook ÇÔ¼ö¸¦ ¼öÁ¤ÇÏ¿© Á¦ÇÑµÈ ÇÁ·Î¼¼½º¸¸ÀÌ Æ¯Á¤ ¾Û µ¥ÀÌÅ͸¦ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ÇÏ¿´´Ù. ¶ÇÇÑ »õ·Î¿î µµ¸ÞÀΠŸÀÔÀÇ °ü¸® ÇÁ·Î¼¼½º¸¦ Ãß°¡ÇÏ¿´°í, ÇØ´ç ÇÁ·Î¼¼½º·Î ÇÏ¿©±Ý »õ·Î ¼³Ä¡µÇ´Â ¾ÛÀÇ µð·ºÅ丮 ŸÀÔÀ» ºÐ¸®ÇÏ¿© °ü¸®ÇÏ°Ô ÇÏ¿´´Ù. ½ÇÇèÀ» ÅëÇØ, Á¦¾È ±â¹ýÀÌ ¾Û µ¥ÀÌÅ͸¦ È¿°úÀûÀ¸·Î º¸È£ÇÔ°ú ¼º´É ¿À¹öÇìµå°¡ 2ÃÊ À̳»ÀÓÀ» º¸ÀδÙ.
|
¿µ¹®³»¿ë
(English Abstract) |
This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access to the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.
|
| Å°¿öµå(Keyword) |
¾Èµå·ÎÀ̵å
·çÆÃ
SEAndroid
Á¢±ÙÁ¦¾î
¾Û µ¥ÀÌÅÍ º¸È£
Android
rooting
SE Android
access control
application data protection
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
