222,277 research outputs found
Isolated Mobile Malware Observation
The idea behind Bring Your Own Device (BYOD) it that personal mobile devices can be used in the workplace to enhance convenience and flexibility. This development encourages organizations to allow access of personal mobile devices to business information and systems for businesses operation. However, BYOD opens a firm to various security risks such as data contamination and the exposure of user interest to criminal activities. Mobile devices were not designed to handle intense data security and advanced security features are frequently turned off. Using personal mobile devices can also expose a system to various forms of security threats like malware. This research aims to analyze mobile network traffic from suspicious mobile applications and investigate data accessible to malicious applications on mobile devices. The research is further intended to observe the behavior of malware on mobile devices. A network with a wireless communication over a centralized access control point was built. The control access point serves as the centralized location for data monitoring, capturing and analyzing of transmitted data from all the devices connected to it. The research demonstrates a procedure for data capturing for analysis from a data collection point which does not require access to each application and allows for the study of potential infections from the outside of the mobile device
Are You Annoyed? The Effects of Mobile Device User Interface and Intrusiveness of Security Notifications on User Security Perceptions
Research on the behavioral-based security of information systems within organizations and for personal use has been common over the last decade, however little is known regarding how individuals perceive the security of their mobile devices. This study seeks to explore how the security notifications within a mobile application environment alter adoption and security-related beliefs concerning their device. We proposed a theoretical model based on the technology adoption and psychological theories, and conducted a set of controlled experiments with 351 subjects in six US universities. A structural equation modeling technique was utilized to examine the overall research model. The data analysis results demonstrate that the majority of our proposed hypotheses were significant. We find that disruptive mobile security notifications cause user irritation, which negatively impacts user perception about mobile security. Mobile device user interface also has compounding effects on usersâ perceived usefulness and security with mobile devices
Secure Android Code Helper (Sach): A Tool For Assisting Secure Android Application Development
Mobile devices now store a lot of sensitive data. With many users adapting to the technical advancement of mobile devices, security of the user\u27s sensitive data becomes imperative. Security vulnerabilities in the mobile apps will lead to leakage of userââŹâ˘s sensitive data. The goal of this research is to propose a tool to help programmers create secure Android applications. The tool will warn developers about specific classes or methods that include security vulnerabilities such as data leakage and access control vulnerabilities. The tool analyzes Android source code using two approaches: 1) Parse the source code and XML to report vulnerabilities based on CERT secure coding rules for Android application development and 2) Run FlowDroid on source code, parse the output of FlowDroid and look for device ID, GPS location data being leaked to a log file or through implicit intent. The results from these approaches are combined into reports that inform developers of security vulnerabilities. The proof of concept of the tool has been implemented and tested. Future work includes completing implementation of the tool and running tests on a large number of source codes to evaluate its effectiveness
Future challenges and recommendations
Rapid advances in information technology and telecommunications, and in particular mobile and wireless communications, converge towards the emergence of a new type of âinfostructureâ that has the potential of supporting a large spectrum of advanced services for healthcare and health. Currently the ICT community produces a great effort to drill down from the vision and the promises of wireless and mobile technologies and provide practical application solutions. Research and development include data gathering and omni-directional transfer of vital information, integration of human machine interface technology into handheld devices and personal applications, security and interoperability of date and integration with hospital legacy systems and electronic patient record. The ongoing evolution of wireless technology and mobile device capabilities is changing the way healthcare providers interact with information technologies. The growth and acceptance of mobile information technology at the point of care, coupled with the promise and convenience of data on demand, creates opportunities for enhanced patient care and safety. The developments presented in this section demonstrate clearly the innovation aspects and trends towards user oriented applications
Secure Android Code Helper (Sach): A Tool For Assisting Secure Android Application Development
Mobile devices now store a lot of sensitive data. With many users adapting to the technical advancement of mobile devices, security of the user\u27s sensitive data becomes imperative. Security vulnerabilities in the mobile apps will lead to leakage of userââŹâ˘s sensitive data. The goal of this research is to propose a tool to help programmers create secure Android applications. The tool will warn developers about specific classes or methods that include security vulnerabilities such as data leakage and access control vulnerabilities. The tool analyzes Android source code using two approaches: 1) Parse the source code and XML to report vulnerabilities based on CERT secure coding rules for Android application development and 2) Run FlowDroid on source code, parse the output of FlowDroid and look for device ID, GPS location data being leaked to a log file or through implicit intent. The results from these approaches are combined into reports that inform developers of security vulnerabilities. The proof of concept of the tool has been implemented and tested. Future work includes completing implementation of the tool and running tests on a large number of source codes to evaluate its effectiveness
A New Learner's Security Behavior Model For M-Learning In Malaysian Higher Education Institution
The motivation to conduct this research came from the awareness that the mobile device exposes m-Learning to security threats and vulnerabilities. The most unfocused issues were the mobile security behavior on learners itself; despite statistically determined that the risks are developing each day on mobile application and devices. Literature has pointed out that learnersâ security behavior required to be addressed to control the mobile security threats. This research proposes a learnerâs security behavioral model for mobile learning in Malaysia Higher Education Institutions (HEIs). With the security behavior reflection, this model aimed to improve the implementation and management of mobile security in m-Learning taking consideration of the learnersâ perspective. This research consisted of four phases, Planning phase, Data Collection Phase, Analysis Phase and Model Development Phase. Four mix-method studies were conducted to generate the dimensions for the model development. Review from the experts and risk based analysis approach confirmed the research findings and validated the practicality of addressing the learnersâ behaviors in mobile security. This research contributed to better understanding of the learnersâ complexity in mobile security. The research suggested that learnersâ security behavior view is significant in preparing mobile security model. This model found to be compatible and qualified, providing the m-Learning learnersâ perception within possible security threats that significantly controls to defend against malicious and non-malicious attacks. This approach can guide on what can be done to improve learnersâ participation and responsibilities on securing m-Learning. This research also extended the existing knowledge of mobile security and m-Learning fields by focusing analytically on the intersection of both fields. New knowledge about mobile security in the m-Learning from the learnersâ security behavior perspective was derived in this research
Vulnerability Analysis of Digital Banks' Mobile Applications
There is a rapid increase in the number of mobile banking applications' users
due to an increase in smart mobile devices. Mobile banking is a financial
transaction and service offered through mobile devices. Almost all financial
institutions now provide mobile banking services to their customers. However,
the security of mobile banking applications is of huge concern because of the
amount of personal data and information they collect. If an attacker gets hold
of personal information, they can access bank payment or card accounts. This
research aims to analyze the vulnerability of the UK digital banks'
applications to identify vulnerabilities in the apps and proffer
countermeasures that can help improve the security of the bank applications.
Androbugs, a vulnerability scanner, was used to analyze the vulnerability of
six digital banks' android applications. Starling, Monese, Atom bank,
Transferwise, Monzo, and Revolut were scanned. All the scanned digital banks'
applications have vulnerabilities; however, some have more vulnerabilities than
others. For example, Revolut's mobile application has the highest number of
identified vulnerabilities. Therefore, there is need for more security in the
digital banks' applications as well as other mobile banking applications.Comment: 12 page
Design and Analysis of Smartphone Application Development Methodology
Abstractâ The use of modern Smartphone encourages by recent powerful devices such as Appleâs iPhone, Samsungâs Note, Googleâs Android devices etc. In general Smartphone application usage is rapidly growing & expanding throughout the globe. There are need set of emerging guidelines for how to build the new best possible Smartphone applications. Intelligence of mobile has created a wide range of opportunities for researchers, academicians, scientists, engineers, and developers to create the new applications for end users and businesses. Information technology industry enormously concentrates on how to best build smart phone based applications widely. There are various issues in Cutting-edge research and applications development on computational intelligence in mobile environment The mobile-based application development industry is increasingly growing up due to the huge and intensive use of applications in mobile devices; most of them are running on Android based Operating System. As such to develop, analysis and design research model for remotely accessing and control smart phone devices, object oriented strategy is one of the powerful among various traditional software development models. The Various object oriented intelligent development approaches contributes in addressing these issues, as well as discover other potential elements in the mobile paradigm. There are several issues & emerging guidelines that developers follows when building new business or social Smartphone based model.. The combination of mobile computing and computational intelligence focuses on learning model and knowledge generated by mobile users and mobile technology. Mobile technology covers various applications of computational intelligence to mobile paradigm, including intelligence, mobile data, security, mobile agent, location-based mobile information services, intelligent networks, mobile multimedia data access and control
Behaviour Profiling for Mobile Devices
With more than 5 billion users globally, mobile devices have become ubiquitous in our daily life.
The modern mobile handheld device is capable of providing many multimedia services through a
wide range of applications over multiple networks as well as on the handheld device itself. These
services are predominantly driven by data, which is increasingly associated with sensitive
information. Such a trend raises the security requirement for reliable and robust verification
techniques of users.This thesis explores the end-user verification requirements of mobile devices and proposes a novel
Behaviour Profiling security framework for mobile devices. The research starts with a critical
review of existing mobile technologies, security threats and mechanisms, and highlights a broad
range of weaknesses. Therefore, attention is given to biometric verification techniques which have
the ability to offer better security. Despite a large number of biometric works carried out in the
area of transparent authentication systems (TAS) and Intrusion Detection Systems (IDS), each have
a set of weaknesses that fail to provide a comprehensive solution. They are either reliant upon a
specific behaviour to enable the system to function or only capable of providing security for
network based services. To this end, the behaviour profiling technique is identified as a potential
candidate to provide high level security from both authentication and IDS aspects, operating in a
continuous and transparent manner within the mobile host environment.This research examines the feasibility of a behaviour profiling technique through mobile users
general applications usage, telephone, text message and multi-instance application usage with the
best experimental results Equal Error Rates (EER) of 13.5%, 5.4%, 2.2% and 10% respectively.
Based upon this information, a novel architecture of Behaviour Profiling on mobile devices is
proposed. The framework is able to provide a robust, continuous and non-intrusive verification
mechanism in standalone, TAS or IDS modes, regardless of device hardware configuration. The
framework is able to utilise user behaviour to continuously evaluate the system security status of
the device. With a high system security level, users are granted with instant access to sensitive
services and data, while with lower system security levels, users are required to reassure their
identity before accessing sensitive services.The core functions of the novel framework are validated through the implementation of a
simulation system. A series of security scenarios are designed to demonstrate the effectiveness of
the novel framework to verify legitimate and imposter activities. By employing the smoothing
function of three applications, verification time of 3 minutes and a time period of 60 minutes of
the degradation function, the Behaviour Profiling framework achieved the best performance with
False Rejection Rate (FRR) rates of 7.57%, 77% and 11.24% for the normal, protected and overall
applications respectively and with False Acceptance Rate (FAR) rates of 3.42%, 15.29% and 4.09%
for their counterparts
- âŚ