FUSE: Inter-Application Security for Android

Award Information
Agency:
Department of Defense
Amount:
$1,120,974.00
Program:
SBIR
Contract:
W31P4Q-12-C-0024
Solitcitation Year:
2011
Solicitation Number:
2011.2
Branch:
Defense Advanced Research Projects Agency
Award Year:
2011
Phase:
Phase II
Agency Tracking Number:
10SB2-0084
Solicitation Topic Code:
SB102-002
Small Business Information
Galois, Inc.
421 SW Sixth, Suite 300, Portland, OR, -
Hubzone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Duns:
098009918
Principal Investigator
 Joe Hurd
 Principal Investigator
 (503) 808-7202
 joe@galois.com
Business Contact
 Jodee LeRoux
Title: Contracts
Phone: (503) 808-7209
Email: jodee@galois.com
Research Institution
 Stub
Abstract
The increasingly common use of mobile software platforms such as Android provides convenience and cost savings by consolidating multiple functions within one device. This consolidation comes at a price, however: the interactions between the various software applications (apps) is hard to predict. The underlying operating system provides security mechanisms to isolate apps and control communication between them, but these mechanisms must be used correctly. Tools currently exist to analyze apps in isolation to search for behaviors that might lead to violations of an expected security policy. However, none of these tools currently analyze collections of apps to determine how they interact in a deployed system. Phase I of this effort has demonstrated that such inter-app behavior analysis is indeed feasible through the development of a simple prototype of a tool set we call FUSE. Our Phase II work will consist of maturing the FUSE prototype, building a more sophisticated user interface, and exploring new research directions to improve the scope and precision of the analysis.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government