Detecting Security Hazards in SEAndroid Vendor Customizations via Large-Scale Supervised ML

Explore a comprehensive conference talk on detecting security vulnerabilities in SEAndroid vendor customizations using machine learning techniques. Learn about VSPMiner, a new policy analysis tool that employs supervised machine learning to identify potential security hazards. Discover how the researchers construct training sets through differential analysis and optimize classification using various algorithms like GDBT, XGBoost, and random forests. Gain insights into the complexities of Android security, vendor customizations, and the innovative approach to enhancing mobile device protection. Delve into the key ideas, architecture, and strategies behind VSPMiner, including differential analysis, feature extraction, and model training. Understand the importance of critical fields, special symbols, and P9 rules in identifying potential vulnerabilities. Examine real-world examples and results from the researchers' data acquisition and analysis process.

Introduction
Framework
Policy Language
Android is complex
Winter customizations
Our work
Key idea
Architecture
Strategy
Differential Analysis
Never Allowed
Combine
Special Symbols
Critical Fields
P9 Rules
Training Set
Feature Extraction
Model Training
CrossValidation
Results
Data Acquisition
Example
Summary
Showcase