Detecting Security Hazards in SEAndroid Vendor Customizations via Large-Scale Supervised ML

Explore a comprehensive conference talk on detecting security vulnerabilities in SEAndroid vendor customizations using machine learning techniques. Learn about VSPMiner, a new policy analysis tool that employs supervised machine learning to identify potential security hazards. Discover how the researchers construct training sets through differential analysis and optimize classification using various algorithms like GDBT, XGBoost, and random forests. Gain insights into the complexities of Android security, vendor customizations, and the innovative approach to enhancing mobile device protection. Delve into the key ideas, architecture, and strategies behind VSPMiner, including differential analysis, feature extraction, and model training. Understand the importance of critical fields, special symbols, and P9 rules in identifying potential vulnerabilities. Examine real-world examples and results from the researchers' data acquisition and analysis process.