hal-00747640, version 1
Increasing Android Security using a Lightweight OVAL-based Vulnerability Assessment Framework
Martín Barrère
a, 1Gaëtan Hurel
a, 1Rémi Badonnel a, 1Olivier Festor a, 1
5th IEEE Symposium on Configuration Analytics and Automation (SafeConfig'12) (2012)
Résumé : Mobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnerability assessment activities as well as an OVAL-based distributed framework for ensuring safe configurations within the Android platform. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments.
- a – INRIA
- 1 : MADYNES (INRIA Nancy - Grand Est / LORIA)
- INRIA – CNRS : UMR7503 – Université de Lorraine
- Collaboration : EU FP7 Univerself / FI-WARE PPP
- Domaine : Informatique/Réseaux et télécommunications
- Mots-clés : Mobile computing – security – Android – OVAL – XOvaldi – vulnerability assessment – vulnerability management
- hal-00747640, version 1
- http://hal.inria.fr/hal-00747640
- oai:hal.inria.fr:hal-00747640
- Contributeur : Martín Barrère
- Soumis le : Vendredi 2 Novembre 2012, 13:18:12
- Dernière modification le : Vendredi 2 Novembre 2012, 13:54:47
Documents associés
Exporter