March 4, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization. (arXiv:2102.09764v1 [cs.CR])

To investigate the status quo of SEAndroid policy customization, we propose
SEPAL, a universal tool to automatically retrieve and examine the customized
policy rules. SEPAL applies the NLP technique and employs and trains a
wide&deep model to quickly and precisely predict whether one rule is
unregulated or not.Our evaluation shows SEPAL is effective, practical and
scalable. We verify SEPAL outperforms the state of the art approach (i.e.,
EASEAndroid) by 15% accuracy rate on average. In our experiments, SEPAL
successfully identifies 7,111 unregulated policy rules with a low false
positive rate from 595,236 customized rules (extracted from 774 Android
firmware images of 72 manufacturers). We further discover the policy
customization problem is getting worse in newer Android versions (e.g., around
8% for Android 7 and nearly 20% for Android 9), even though more and more
efforts are made. Then, we conduct a deep study and discuss why the unregulated
rules are introduced and how they can compromise user devices. Last, we report
some unregulated rules to seven vendors and so far four of them confirm our
findings.