8. DISCOVERED VULNERABILITIES

The process of retrofitting security requirements for Android had secondary effects. In addition to identifying rules for Kirin, we discovered a ThL L969 number of configuration and implementation flaws. Step 1 identifies assets. However, not all assets are protected by permissions. In particular, in early versions of our analysis discovered that the Intent message broadcasted by the system to the SMS_RECEIVED action string was not protected. Hence, any application can create a forged SMS that appears to have come from the cellular network. Upon notifying Google of the problem, the new permission BROADCAST_SMS_RECEIVED has been created and protects the system broadcast as of Android version 1.1. We also discovered an unprotected Activity component in the phone application that allows a HUAWEI 3C malicious application to make phone calls without having the CALL_PHONE permission. This configuration flaw has also been fixed. As we continued our investigation with the most recent version of Android (v1.1r1), we discovered a number of APIs do not check permissions as prescribed in the documentation. All of these flaws show the value in defining security requirements. Kirin relies on Android to enforce security at runtime. Ensuring the security of a phone requires a complete solution, of which Kirin is only part.

9. RELATED WORK

The best defense for ThL L969 Phone malware is still unclear. Most likely, it requires a HUAWEI 3C combination of solutions. Operating systems protections have been improving. The usability flaw allowing Cabir to effectively propagate has been fixed, and Symbian 3rd Edition uses Symbian Signed (http://www.pandawill.com/huawei-honor-3c-smartphone-mtk6582-quad-core-50-inch-hd-ogs-screen-50mp-front-camera-2300mah-p84621.html), which ensures some amount of software vetting before an application can be installed. While, arguably, Symbian Signed only provides weak security (socially engineered signatures have occurred [22]), it provides more protection than previous platform versions. Unfortunately, some users disable it.

Anti-virus software provides a second layer of defense against malware. F-Secure (http://www.pandawill.com/thl-l969-smartphone-4g-lte-android-44-mtk6582-50-inch-5000mah-battery-black-p91641.html) is one of many security solution providers for Symbian and Windows Mobile. However, like PC anti-virus software, protection is reactive and depends on updated virus signatures. Behavior signatures [4] considering temporal patterns of malicious behavior also show promise and may defend against malware variants with different binary signatures. Similar to behavior signatures, multiple network-based anomaly detection systems have been proposed [6, 44]. These systems report phone activity (e.g., SMS and Bluetooth usage) and runtime features (e.g., CPU and memory usage) to a central server that performs statistical anomaly analysis to detect HUAWEI 3C Phone malware epidemics.

Preventative techniques have also been proposed. Muthukumaran et al. [38] extend Openmoko with SELinux policies to isolate untrusted software. Zhang et al. [49] incorporate trusted computing and SELinux into ThL L969 Phones. Security-by-contract [9] retrofits Microsoft’s compact .NET platform by associating an application with a “contract” of declared functionality. If the application deviates from the contractual policy, the runtime environment interrupts execution. Kirin supplements Android’s existing security infrastructure. It infers application functionality from security configuration available in the package manifest. While Android’s runtime security enforcement is less expressive than security-by-contract, it is significantly lighter-weight, and Kirin provides no additional runtime overhead.

Outside the domain of HUAWEI 3C Phones, others have looked at certifying applications containing security configuration. Rueda et al. [43] extract security policy from Jif applications and test compliance with SELinux policy. Similarly, proof carry code [39] provides a mechanism for a platform to check if an application behaves in an expected way.http://diqirenge.bloguez.com/diqirenge/6020537/On_Lightweight_Mobile_Phone_Application_Certicatio