Malware poses a serious threat to the Android ecosystem. Moreover, even benign applications can sometimes constitute security and privacy risks to their users, as they might contain vulnerabilities, or they might perform unwanted actions. Previous research has shown that the current Android security model is not sufficient to protect against these threats, and several solutions have been proposed to enable the specification and enforcing of finer-grained security policies. Unfortunately, many existing solutions suffer from several limitations: they require modifications to the Android framework, root access to the device, to create a modified version of an existing app that cannot be installed without enabling unsafe options, or they cannot completely sandbox native code components. In this work, we propose a novel approach that aims to sandbox arbitrary Android applications. Our solution, called NJAS, works by executing an Android application within the context of another one, and it achieves sandboxing by means of system call interposition. In this paper, we show that our solution overcomes major limitations that affect existing solutions. In fact, it does not require any modification to the framework, does not require root access to the device, and does not require the user to enable unsafe options. Moreover, the core sandboxing mechanism cannot be evaded by using native code components.
@inproceedings{Bianchi2015NJAS_Sandboxing,
title = {{NJAS: Sandboxing Unmodified Applications in Non-rooted Devices Running Stock Android}},
author = {Bianchi, Antonio and Fratantonio, Yanick and Kruegel, Christopher and Vigna, Giovanni},
booktitle = {Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices},
series = {SPSM '15},
year = {2015},
address = {New York, NY, USA},
doi = {10.1145/2808117.2808122},
isbn = {978-1-4503-3819-6},
pages = {27--38},
publisher = {ACM},
url = {https://doi.org/10.1145/2808117.2808122}
}