DELDROID: Determination and Enforcement of Least-Privilege Architecture in Android
DELDroid is an automated system for determination of least privilege architecture in Android and its enforcement at runtime. A key contribution of our approach is the ability to limit the privileges granted to apps without the need to modify them.
DELDroid utilizes static program analysis techniques to extract the exact privileges each component needs for providing its functionality. A Multiple-Domain Matrix representation of the system's architecture is then used to automatically analyze the security posture of the system and derive its least-privilege architecture.
A security architect can further adapt the architecture to establish the proper privileges for each component. Our experiments on hundreds of real-world apps corroborate DELDroid's ability in effective enforcement of least privilege architecture and detection of security vulnerabilities with negligible overhead.
Approach Overview
![[DELDroid]](./deldroid_approach.png)
Presentation
Android Apps and Evaluation Results
- Android apps and experimental results are available in Excel Online
Implementation
- DELDroid project source code is available on GitHub.
- git clone https://mhammad2@bitbucket.org/mhammad2/covert_deldroid.git
- IC3 MySQL Database
- ArchManager Android app
- Modified Android framework (Bullhead system image for Nexus 5X) [788MB]
- Modified Android framework (System image for Android emulator) [1.5GB]
Publication
- Determination and Enforcement of Least-Privilege Architecture in Android
Mahmoud Hammad, Hamid Bagheri, and Sam Malek
International Conference of Software Architecture (ICSA 2017), Gothenburg, Sweden, April 2017. (22% acceptance rate)
[PDF]
![[seal's logo]](../../seal.png)
![[uci's logo]](../../uci.jpg)