13,337 research outputs found
AdSplit: Separating smartphone advertising from applications
A wide variety of smartphone applications today rely on third-party
advertising services, which provide libraries that are linked into the hosting
application. This situation is undesirable for both the application author and
the advertiser. Advertising libraries require additional permissions, resulting
in additional permission requests to users. Likewise, a malicious application
could simulate the behavior of the advertising library, forging the user's
interaction and effectively stealing money from the advertiser. This paper
describes AdSplit, where we extended Android to allow an application and its
advertising to run as separate processes, under separate user-ids, eliminating
the need for applications to request permissions on behalf of their advertising
libraries.
We also leverage mechanisms from Quire to allow the remote server to validate
the authenticity of client-side behavior. In this paper, we quantify the degree
of permission bloat caused by advertising, with a study of thousands of
downloaded apps. AdSplit automatically recompiles apps to extract their ad
services, and we measure minimal runtime overhead. We also observe that most ad
libraries just embed an HTML widget within and describe how AdSplit can be
designed with this in mind to avoid any need for ads to have native code
Malware detection techniques for mobile devices
Mobile devices have become very popular nowadays, due to its portability and
high performance, a mobile device became a must device for persons using
information and communication technologies. In addition to hardware rapid
evolution, mobile applications are also increasing in their complexity and
performance to cover most needs of their users. Both software and hardware
design focused on increasing performance and the working hours of a mobile
device. Different mobile operating systems are being used today with different
platforms and different market shares. Like all information systems, mobile
systems are prone to malware attacks. Due to the personality feature of mobile
devices, malware detection is very important and is a must tool in each device
to protect private data and mitigate attacks. In this paper, analysis of
different malware detection techniques used for mobile operating systems is
provides. The focus of the analysis will be on the to two competing mobile
operating systems - Android and iOS. Finally, an assessment of each technique
and a summary of its advantages and disadvantages is provided. The aim of the
work is to establish a basis for developing a mobile malware detection tool
based on user profiling.Comment: 11 pages, 6 figure
Enforcing Application Security on Android Mobile Devices
Security in new generation mobile devices is currently a problem of capital importance.
Smartphones and tablets have become extremely popular in the last years, especially in developed country where smartphones and tablets account for 95% of active mobile devices. Due to their popularity, these devices have fast drawn the attention of malicious developers. Attackers have started to implement and distribute applications able to harm user’s privacy, user’s money and even device and data integrity. Malicious developers have cleverly exploited the simplicity of app distribution, the sensitivity of information and operation accessible through mobile devices, together with the user limited attention to security issues. This
thesis presents the study, design and implementation of a multi-component security framework for the popular Android operative system. The aim of this thesis is to provide a lightweight and user friendly security tool, extensible and modular, able to tackle current and future security threats on Android devices. The framework exploits white list-based methodologies to detect at runtime malicious behaviors of application, without being prone to the problem of zero-day-attacks (i.e. new threats not yet discovered by the community). The white-list approach is combined with a black-list security enforcement, to reduce the likelihood of false alarms and to tackle known misbehaviors before they effectively take place. Moreover the framework also combines static and dynamic analysis. It exploits probabilistic contract theory and app metadata to detect dangerous applications before they are installed (static analysis). Furthermore, detects and stop malicious kernel level events and API calls issued by applications at runtime (dynamic analysis), to avoid harm to user and her device. The framework is configurable and can be both totally transparent to the user, or have a stronger interaction when the user
is more interested in a security awareness of her device. The presented security framework has been extensively tested against a testbed of more than 12000 applications including two large Android malware databases. Detection rate (95%) and false positive rate (1 per day) prove the effectiveness of the presented framework.
Furthermore, a study of usability which includes energy evaluation and more than 200 user feedback is presented. These results show both the limited overhead (4% battery, 1.4% performance) imposed by the framework and the good user acceptance
Ghera: A Repository of Android App Vulnerability Benchmarks
Security of mobile apps affects the security of their users. This has fueled
the development of techniques to automatically detect vulnerabilities in mobile
apps and help developers secure their apps; specifically, in the context of
Android platform due to openness and ubiquitousness of the platform. Despite a
slew of research efforts in this space, there is no comprehensive repository of
up-to-date and lean benchmarks that contain most of the known Android app
vulnerabilities and, consequently, can be used to rigorously evaluate both
existing and new vulnerability detection techniques and help developers learn
about Android app vulnerabilities. In this paper, we describe Ghera, an open
source repository of benchmarks that capture 25 known vulnerabilities in
Android apps (as pairs of exploited/benign and exploiting/malicious apps). We
also present desirable characteristics of vulnerability benchmarks and
repositories that we uncovered while creating Ghera.Comment: 10 pages. Accepted at PROMISE'1
- …