
An Automatic Approach for Security Policies Generation

Filed under: Lab Lunch
When: Mar 01, 2016, from 01:00 PM to 02:00 PM
Where: MF2

Security on Android is enforced via permissions that give access to resources on the device. These permissions are often too coarse, and in the vast majority of Android versions they are granted on an all-or-nothing basis. Additional security policies can be prescribed to impose finer-grained control over resources. However, some key questions must be addressed: who writes the policies? What is the rationale behind them? One answer is that policies are written by experts based on intuition and prior knowledge. What can we do, then, in the absence of expertise? Moreover, are we sure that such policies provide enough coverage? What is the coverage criterion?

We present a data-driven approach for the automatic inference of anti-malware policies. It uses a training set of malware and benign applications to infer a policy under which a maximum of malware is discarded while the number of excluded benign applications is minimized. We formulate this as a pseudo-boolean optimization problem and use an off-the-shelf tool (such as Z3) to solve it. We report on the preliminary results obtained via our implementation.
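
A small illustration of the optimization described above, added here and not the speakers' implementation. It assumes a policy is a set of forbidden permission combinations of size at most two, uses a constructed training set and a hypothetical `benign_weight` penalty, and replaces the pseudo-boolean solver (such as Z3) with exhaustive search over one boolean per candidate rule.

```python
from itertools import combinations, product

# Constructed training set: each app is the set of permissions it requests.
MALWARE = [
    {"SEND_SMS", "READ_CONTACTS", "INTERNET"},
    {"SEND_SMS", "INTERNET"},
    {"READ_CONTACTS", "INTERNET", "RECORD_AUDIO"},
]
BENIGN = [
    {"INTERNET"},
    {"SEND_SMS"},
    {"READ_CONTACTS", "INTERNET"},
    {"RECORD_AUDIO"},
]

def candidate_rules(apps, max_size=2):
    """Every permission combination of up to max_size (assumed rule shape)."""
    perms = sorted(set().union(*apps))
    return [frozenset(c) for k in range(1, max_size + 1)
            for c in combinations(perms, k)]

def rejected(app, policy):
    """An app is rejected when it holds every permission of some enabled rule."""
    return any(rule <= app for rule in policy)

def score(policy, malware, benign, benign_weight):
    """Objective: malware discarded minus a weighted count of benign apps lost."""
    caught = sum(rejected(a, policy) for a in malware)
    lost = sum(rejected(a, policy) for a in benign)
    return caught - benign_weight * lost, caught, lost

def infer_policy(malware, benign, benign_weight=2):
    """Try every 0/1 assignment to the rule variables; keep the best objective,
    breaking ties in favour of the policy with fewer rules."""
    rules = candidate_rules(malware + benign)
    best = None
    for bits in product((0, 1), repeat=len(rules)):
        policy = [r for r, b in zip(rules, bits) if b]
        value, caught, lost = score(policy, malware, benign, benign_weight)
        key = (value, -len(policy))
        if best is None or key > best[0]:
            best = (key, policy, caught, lost)
    return best[1], best[2], best[3]

if __name__ == "__main__":
    policy, caught, lost = infer_policy(MALWARE, BENIGN)
    print([sorted(r) for r in policy], caught, lost)
```

With the benign penalty set to zero the search collapses to the coarse single-permission rule on `INTERNET`, which discards all the malware but also two benign apps; with the penalty in place it needs two pairwise rules and excludes no benign app.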
