FASE: Functionality-Aware Security Enforcement
We present Functionality-Aware Security Enforcement (FASE), a new run-time protection approach that addresses this important limitation. Our approach is based on the following key ideas: (i) fine-grained data flow tracking, able to precisely localize the (sub)values amenable to modification; (ii) an on-the-fly technique for repairing subsets of data that may compromise security; (iii) a declarative domain-specific language (DSL) for expressing functional constraints over both the application and its library dependencies; and (iv) an online synthesizer that automatically replaces sensitive values with values satisfying the DSL constraints.
We implemented FASE for Android, and evaluated it on 20 real-world mobile apps. Our experimental results show that FASE is useful in practice: its average run-time overhead is less than 12%, the system avoids the crashes, visual side effects, and run-time errors exhibited by current solutions, and the apps' policies are readable and concise.
Author(s):
Petar Tsankov (ETH Zurich, Switzerland)
Marco Pistoia (IBM T. J. Watson Research Center, United States)
Omer Tripp (Google, United States)
Martin Vechev (ETH Zurich, Switzerland)
Pietro Ferrara (Julia, Italy)