Article thumbnail

The Dangers of Rooting: Data Leakage Detection in Android Applications

By Luca Casati and Andrea Visconti

Abstract

Mobile devices are widely spread all over the world, and Android is the most popular operative system in use. According to Kaspersky Lab’s threat statistic (June 2017), many users are tempted to root their mobile devices to get an unrestricted access to the file system, to install different versions of the operating system, to improve performance, and so on. The result is that unintended data leakage flaws may exist. In this paper, we (i) analyze the security issues of several applications considered relevant in terms of handling user sensitive information, for example, financial, social, and communication applications, showing that 51.6% of the tested applications suffer at least of an issue and (ii) show how an attacker might retrieve a user access token stored inside the device thus exposing users to a possible identity violation. Notice that such a token, and a number of other sensitive information, can be stolen by malicious users through a man-in-the-middle (MITM) attack

Topics: Telecommunication, TK5101-6720
Publisher: Hindawi Limited
Year: 2018
DOI identifier: 10.1155/2018/6020461
OAI identifier: oai:doaj.org/article:28185f5918d947bd811d6dc13ee9efe4
Journal:
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • https://doaj.org/toc/1875-905X (external link)
  • https://doaj.org/toc/1574-017X (external link)
  • http://dx.doi.org/10.1155/2018... (external link)
  • https://doaj.org/article/28185... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.