(2016) SEAndroid Policy Analysis and Improvement: SELint
SEAndroid became mandatory for OEMs in Android 5.0. OEMs make mistakes when writing policies (see SEAL below). In this project, we implemented a tool to help OEMs develop better SEAndroid policies.
SELint works with source SEAndroid policies; it can be configured in advance by an expert analyst and later used by a policy developer without expert knowledge. SELint uses plugins to implement analysis functionality: this way it can be easily extended by OEMs and third parties.
The paper “SELint: an SEAndroid policy analysis tool” is available on arXiv and in the Proceedings of ICISSP 2017.
SELint is available on GitHub. More information on the Project Readme.
(2015) SEAndroid Analytics Library (SEAL)
SEAndroid became mandatory for OEMs in Android 5.0. In this project, we develop tools that can help an OEM or a researcher to analyze, understand or troubleshoot SEAndroid policies especially in the context of the target device where the policy is to be applied.
The paper “Characterizing SEAndroid Policies in the Wild” is available on arXiv and in the Proceedings of ICISSP 2016.
SEAL is available on GitHub. More information on the Project Wiki.
- Our paper is cited in the Writing SELinux Policy page in the Security section of the Android website.