SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization. (26th October 2020)
- Record Type:
- Journal Article
- Title:
- SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization. (26th October 2020)
- Main Title:
- SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization
- Authors:
- Ding, Yan
Dong, Pan
Li, Zhipeng
Tan, Yusong
Huang, Chenlin
Wei, Lifeng
Zuo, Yudan - Other Names:
- Das Ashok Kumar Academic Editor.
- Abstract:
- Abstract : The root privilege escalation attack is extremely destructive to the security of the Android system. SEAndroid implements mandatory access control to the system through the SELinux security policy at the kernel mode, making the general root privilege escalation attacks unenforceable. However, malicious attackers can exploit the Linux kernel vulnerability of privilege escalation to modify the SELinux security labels of the process arbitrarily to obtain the desired permissions and undermine system security. Therefore, investigating the protection method of the security labels in the SELinux kernel is urgent. And the impact on the existing security configuration of the system must also be reduced. This paper proposes an optimization scheme of the SELinux mechanism based on security label randomization to solve the aforementioned problem. At the system runtime, the system randomizes the mapping of the security labels inside and outside the kernel to protect the privileged security labels of the system from illegal obtainment and tampering by attackers. This method is transparent to users; therefore, users do not need to modify the existing system security configuration. A tamper-proof detection method of SELinux security label is also proposed to further improve the security of the method. It detects and corrects the malicious tampering behaviors of the security label in the critical process of the system timely. The above methods are implemented in the Linux system,Abstract : The root privilege escalation attack is extremely destructive to the security of the Android system. SEAndroid implements mandatory access control to the system through the SELinux security policy at the kernel mode, making the general root privilege escalation attacks unenforceable. However, malicious attackers can exploit the Linux kernel vulnerability of privilege escalation to modify the SELinux security labels of the process arbitrarily to obtain the desired permissions and undermine system security. Therefore, investigating the protection method of the security labels in the SELinux kernel is urgent. And the impact on the existing security configuration of the system must also be reduced. This paper proposes an optimization scheme of the SELinux mechanism based on security label randomization to solve the aforementioned problem. At the system runtime, the system randomizes the mapping of the security labels inside and outside the kernel to protect the privileged security labels of the system from illegal obtainment and tampering by attackers. This method is transparent to users; therefore, users do not need to modify the existing system security configuration. A tamper-proof detection method of SELinux security label is also proposed to further improve the security of the method. It detects and corrects the malicious tampering behaviors of the security label in the critical process of the system timely. The above methods are implemented in the Linux system, and the effectiveness of security defense is proven through theoretical analysis and experimental verification. Numerous experiments show that the effect of this method on system performance is less than 1%, and the success probability of root privilege escalation attack is less than 10 −9 . … (more)
- Is Part Of:
- Wireless communications and mobile computing. Volume 2020(2020)
- Journal:
- Wireless communications and mobile computing
- Issue:
- Volume 2020(2020)
- Issue Display:
- Volume 2020, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 2020
- Issue:
- 2020
- Issue Sort Value:
- 2020-2020-2020-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-10-26
- Subjects:
- Wireless communication systems -- Periodicals
Mobile communication systems -- Periodicals
621.38205 - Journal URLs:
- https://onlinelibrary.wiley.com/journal/15308677 ↗
https://www.hindawi.com/journals/wcmc/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1155/2020/8866996 ↗
- Languages:
- English
- ISSNs:
- 1530-8669
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 9323.860000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 14760.xml