Skip to main content.

AppGuard - Real-time policy enforcement for third-party applications

Michael Backes, Sebastian Gerling, Christian Hammer, Matteo Maffei, and Philipp von Styp-Rekowsky

Updated: 17th December, 2012

Problem Description

Android has become the most popular operating system for mobile devices, which makes it a prominent target for malicious software. The security concept of Android is based on app isolation and access control for critical system resources. However, users can only review and accept permission requests at install time, or else they cannot install an app at all. Android neither supports permission revocation after the installation of an app, nor dynamic permission assignment. Additionally, the current permission system is too coarse for many tasks and cannot easily be refined. We present an inline reference monitor system that overcomes these deficiencies. It extends Android's permission system to impede overly curious behaviors; it supports complex policies, and mitigates vulnerabilities of third-party apps and the OS. It is the first solution that provides a practical extension of the current Android permission system as it can be deployed to all Android devices without modification of the firmware or root access to the smartphone. Our experimental analysis shows that we can remove permissions for overly curious apps as well as defend against several recent real-world attacks on Android phones with very little space and runtime overhead.

Where to get AppGuard?

AppGuard can be downloaded here.

Scientific Publication

Attention in the media


ARD Tagesschau   27. Juli. 2010 0 Uhr (External link)

Print media and websites   04. Juli. 2012 (External link)
Heise Online   05. Juli. 2012 (External link)   05. Juli. 2012 (External link)   06. Juli. 2012 (External link)
Wirtschafts Woche   27. Juli. 2012 (External link)
Focus Online   27. Juli. 2012 (External link)


Deutschlandradio Kultur - Radiofeuilleton: Elektronische Welten   05. Juli. 2012 (External link)


In case of questions please contact:

 Prof. Dr. Michael Backes   [backes (at) cs (dot) uni-saarland (dot) de]