USA flag logo/image

An Official Website of the United States Government

FUSE: Inter-Application Security for Android

Award Information

Department of Defense
Defense Advanced Research Projects Agency
Award ID:
Program Year/Program:
2010 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
DARPA 10-002
Solicitation Number:
Small Business Information
Galois, Inc.
421 SW Sixth Avenue Suite 300 Portland, OR 97204-1662
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2010
Title: FUSE: Inter-Application Security for Android
Agency / Branch: DOD / DARPA
Contract: W31P4Q-11-C-0019
Award Amount: $98,954.00


Mobile applications are becoming ubiquitous, appearing in many new situations. Some of these areas have specific requirements pertaining to information flow and device functionality. However, software on these devices is currently unregulated, and there are mechanisms within the mobile operating systems that facilitate unintended and undesirable information sharing as well as granting excessive control to untrusted applications. To demonstrate this problem, we have created sample applications that exhibit unexpected capabilities in a manner that is (a) trivially implemented, (b) conforms to the advertised mechanisms for protecting such functionality, and (c) can easily go unnoticed by the user. Our proposed Field Unit Security Enforcer (FUSE) system will detect and alert the user to the presence of unintended capabilities, such as those demonstrated in the sample applications. FUSE will operate by performing a static analysis of each application's configuration and byte code before that application is installed on an Android platform.

Principal Investigator:

Michael Potoczny-Jones
Principal Investigator

Business Contact:

Anne McClaran
Contracts Administrator
Small Business Information at Submission:

Galois, Inc.
421 SW Sixth Suite 300 Portland, OR 97204

EIN/Tax ID: 931278540
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No