AuditD on Android
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
AuditD on Android
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
AuditD on Android Description
Our goal is to port a minimal set of userland tools from the GNU/Linux userland to the bionic/Linux userland of Android. We've stripped out most the functionality inherent in the Linux software including audisp, ausearch, and auparse. The audit stream is not sent directly to an AF_Unix socket (/dev/audit) by auditd. While not as elegant or robust as the Linux code, our goal is to provide access to the audit stream for Android applications with minimal overhead. Our choice for stripping down Audit is partly due to the fact bionic is horribly GNU incompatible, but also the smartphone platform should be treated than the traditional server/desktop due to resource and runtime constraints. Requirements: A rooted Android system. Running the 2.6.29 or higher x86 kernel with CONFIG_AUDITSYSCALL=y. For the ARM platform, the kernel must be patched (See section 'Custom Kernel'). We needed to copy over the audit.h kernel header because Google uses clean headers. Their utilities to clean headers are unusable by those not blessed with the power of Google (i.e., the documentation is minimal and the ixd is horrible). More details in the directory structure section.
AuditD on Android FAQ
Common questions about AuditD on Android including features, pricing, alternatives, and user reviews.
AuditD on Android is Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.. It is a Security Operations solution designed to help security teams with Linux, Audit, Kernel.
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
Weekly cybersecurity newsletter for security leaders and professionals