A Review on Android Security
|
|
- Deborah Daniel
- 8 years ago
- Views:
Transcription
1 A Review on Android Security Dr. Vikash Kumar Singh 1, Devendra Singh Kushwaha 2, Raju Sujane 3, Roshni Tiwari 4 Head (I/C), Dept. of computer Science IGNTU Amarkantak (M.P.) 1 Assistant Professor, Faculty of Vocational Educational IGNTU Amarkantak (M.P.) 2 Dept. of computer Science IGNTU Amarkantak (M.P.) 3, 4 drvksingh76@gmail.com 1, devendra2904@gmail.com 2, Raju.sujane@gmail.com 3, Roshnitiwari.27@gmail.com 4 Abstract: Android has the biggest market share among all Smartphone operating system. Security is one of the main concerns for Smartphone users today. As the power and features of Smartphone s increase, so has their vulnerability for attacks by viruses etc. Perhaps android is more secured operating system than any other Smartphone operating system today. Android has very few restrictions for developer, increases the security risk for end users. In this paper we have reviewed android security model, application level security and security issues in the Android based Smartphone. 1. INTRODUCTION Android is a modern mobile platform that was designed to be truly open source. Android applications use advanced level hardware and software, as well as local and server data, exposed through the platform to bring innovation and value to consumers. To secure that data, the platform must offer an application environment that ensures the security of users, information, applications and the network [6]. Securing an open platform needs strong security architecture and rigorous security architecture. Android was designed with multi-layered security that provides the flexibleness needed for an open platform, whereas providing protection for all users of the platform. Designed to a software stack, android includes an operating system, middleware and core application as a complete [2]. Android powers hundreds of millions of mobile devices in more than 190 countries around the world. Android was designed with developers in mind. Security controls were designed to minimize the burden on developers. Security-savvy developers can simply work on versatile security controls. Developers are not very familiar with security will be protected by safe defaults. Android was also designed with device focused on user s perspective. Users can view how applications work, and manage those applications Android Platform Security Architecture Android seeks to be the foremost secure and usable OS for mobile platforms by re-purposing classical operating system security controls to: Protect user data Protect system resources (including the network) Provide application isolation To achieve security features Robust security at the Operating System level through the Linux kernel, Compulsory application sandbox for all applications Figure 1: Android Architecture Secure interposes communication, Application signing, Application defined permission and user have to grant permissions. Paper ID: 2015/IJTRM/8/2015/5612 1
2 Figure 1 summarizes the security components and considerations of the various levels of the Android. Every component assumes that the components below are properly secured. With the exception of some Android OS code running as root, all process run above the Linux Kernel is restricted by the Application Sandbox Security in Android Android is open source platform, developers will work along to enhance it [6]. Android platform is multitasking software; therefore no application will gain critical access to the components of OS [8]. Android platform is UNIX based operating system that is the most secure operating system [6]. The developers need a unique signature to publish their application on market [7]. Users will report a possible security flaw through their Google account. All applications on android need permission from the user at the time of installation Security Issues faced by Android Android is not secure as it appear, even when such robust security measures. There are several security problems faced by the android, some of them are mentioned below. Android has no security scan over the apps being uploaded on its market. There are some apps which can exploit the services of another app without permission request. Android s permission security model provides power to user to make a decision whether an app should be trusted or not. This human power introduces a lot of risk in Android system. The Open Source is available to legitimate developers as well as hackers too. Thus the Android framework cannot be trusted when it comes to develop critical systems. The Android operating system developers clearly state that they are not responsible for the security of external storage. Any app on the android platform will access device data just like the GSM and SIM marketer Ids while not the permission of the user. Android platform provides all security features, but there will always be a risk if the user will install suspicious apps or allow permission to an app without paying attention. 2. LITERATURE SURVEY W. Enck, D. Octeau, P. McDaniel and S. Chaudhuri present a study of Android application security [4]. They introduce the ded decompiler, which generate android application source code directly from its installation image. They design and execute a horizontal study of smartphone applications based on static analysis of 21 million lines of recovered code. Their analysis uncovered pervasive use / misuse of personal / phone identifiers, and deep penetration of advertizing and analytics networks. However, they did not find evidence of malware or exploitable vulnerabilities in the studied applications. They conclude by considering the implications of these preliminary findings and offer directions for future analysis. S. Powar, Dr. B. B. Meshram, surveyed on Android security framework [1], in this paper, Smartphone with open source operating systems are getting popular now days. Increased exposure of open source Smartphone is increasing the security risk also. Android is one of the most popular open source operating system for mobile platforms. Android provide a basic set of permissions to secure phone. The technique to make Android security mechanism more versatile, the current security mechanism is too rigid. User has only two options, a) Permit all permissions to install app, b) Deny all permissions will fail installation. S. Kaur and M. Kaur presented review paper on implementing security on Android application [2]. In this paper, they described how security can be improved of android operating system so that users can safely use the android smart phones. S. Smalley and R. Craig presented Security Enhanced (SE) Android: Bringing Flexible MAC to Android [3]. The android software stack for mobile devices defines and enforces its own security model for apps through its application-layer permissions model. However, at its foundation, android depends upon the UNIX operating system kernel to shield the system from malicious or imperfect apps and to isolate apps from each other. At present, android leverages UNIX operating system discretionary access control (DAC) to enforce these guarantees, despite the notable shortcomings of DAC. In this paper, they motivate and describe their work to bring flexible mandatory access control (MAC) to Android by enabling the effective use of Security Enhanced Linux (SELinux) for kernel-level MAC and by developing a set of middleware MAC extensions to the Android permissions model. P. Gilbert, W. Enck, L. P. Cox, B. G. Chun, J. Jung, A. N. Sheth and P. McDaniel, Taint Droid: An Information-Flow Tracking System for Real-time Privacy Monitoring on smartphones [5]. Now days smartphone operating systems often fail to provide users with adequate control over and Paper ID: 2015/IJTRM/8/2015/5612 2
3 visibility into how third-party applications use their private data. They address these shortcomings with TaintDroid, system-wide dynamic taint tracking and analysis system capable of at the same time tracking multiple sources of private data. Taint Droid display real-time analysis by leveraging Android s virtualized execution environment and Monitoring private data to inform use of third-party applications for phone users and valuable input for Smartphone security service firms seeking to identify misbehaving applications. B. J. Berger, M. Bunke, and K. Sohr presented an android security case study with Bauhaus. In this paper, they discovered that firms and corporation now uses security softwares for code analysis to discover security problems in application. However, given the fact that we must deal with legacy code we plead to employ the techniques long been developed in the research area of program comprehension for software security. In cooperation with a security expert, they carried out a case study with the android platform based mobile, and employed the reverse engineering toolsuite Bauhaus for this security assessment. During the investigation they found some inconsistencies in the implementation of the Android security concepts. Based on the case study, they propose several research topics in the area of reverse engineering that would support a security analyst during security assessments [12]. M. Ongtang, S. McLaughlin, W. Enck and P. McDaniel study on Semantically Rich Application-Centric Security in Android. In this paper, they consider the security requirements of smartphone applications and augment the existing Android operating system with a framework to meet them. They proposed Secure Application INTeraction (Saint), an improved infrastructure that governs install-time permission assignment and their run-time use as dictated by application provider policy. The architecture and technical details of Saint is presented, and areas for extension, optimization, and improvement explored. Saint provides necessary utility for applications to assert and control the security decisions on the android platform [14]. A.D. Schmidt, H. G. Schmidt, J. Clausen, A. Camtepe, S. Albayrak, K. Ali Yüksel and O. Kiraz study on enhancing security of Linux-based android devices. In this paper they present analysis of security mechanism in Android smartphones with a focus on its Linux. Their results are applicable to android as well as Linux-based smartphones such as OpenMoko Neo FreeRunner. They conclude threefold. First, they analyse android framework and the Linuxkernel to check security functionalities. They survey wellaccepted security mechanisms and tools which can increase device security. They provide descriptions on how to adopt these security tools on Android platform, and provide overhead analysis of techniques in terms of resource usage [16]. As open smart phones are released and will increase their market share just like Symbian, they also attract attention of malware writers. Therefore, their second contribution focuses on malware detection techniques at the kernel level. They test applicability of existing signature and intrusion detection methods in android platform. They focused in observation on the kernel, that is, identifying critical kernel event, log file, file system and network activity events, and making efficient mechanisms to monitor them in a resource restricted setting [16]. Their third contribution involves initial results of their malware detection mechanism basing on static function call analysis. They identified approximately 105 Executable and Linking Format (ELF) executables installed to the Linux side of Android. They perform a statistical analysis on the function calls used by these applications. The results can be compared to newly installed applications for detecting significant variations. Additionally, certain function calls indicate malicious activity. Therefore, they present a simple decision tree for deciding the suspiciousness of the corresponding application. Their results present a first step towards detecting malicious applications on Android-based devices [16]. C. Marforio, A. Francillon, S. Capkun study on application collusion attack on the permission-based security model and its implications for modern smartphone systems. In this paper they show technique in which permission based mechanisms are used on mobile platforms allows attacks by colluding applications that communicate over explicit and covert communication channels. These security bugs allow applications to indirectly execute operations that those applications, based on their declared permissions, should not be able to execute. Example operations include disclosure of user s private data (e.g., phone book and calendar entries) to remote parties by applications that do not have direct access to such data or cannot directly establish remote connections. They further show that on mobile platforms users are not made aware of possible implications of application collusion quite the contrary users are implicitly lead to believe that by approving the installation of each application independently, based on its declared permissions, will limit the damage that an application can cause [17]. In this title, they show that this is not correct and that application permissions should be displayed to the users differently (e.g., in their aggregated form), reflecting their actual implications. They study free applications from the Android market and show that the potential for application collusion is significant. A. Lackorzynski, M. Lange, A. Warg, S. Liebergeld, M. Peter presented L4Android: a generic operating system framework for secure smartphones. In this title they present a generic operating system framework that does away with the need for such hardware extensions. They encapsulate the original smartphone operating system in a virtual machine. Their framework allows for highly secure Paper ID: 2015/IJTRM/8/2015/5612 3
4 applications to run side-by-side with the virtual machine. It is based on a state-of-the-art micro-kernel that ensures isolation between the virtual machine and secure applications [18]. T. Luo, H. Hao, W. Du, Y. Wang, and H. Yin work on attacks on Web View in the android system. Web-View is an important element in android platforms, enabling smartphones and tablet apps to embed a simple but powerful browser within them. To achieve a much better interaction between apps and their embedded browsers, Web View provides variety of APIs, permitting code in apps to invoke the JavaScript code within pages, intercept their events, and modifies those events, using these features; apps will become customized browsers for their required web applications. Currently, within the android market, 86 % of the top twenty most downloaded apps in ten various classes use WebView [19]. The design of WebView changes the landscape of the web, particularly from the security perspective. Two essential component of the Web's security infrastructure are weakened if Web-View and its APIs are used: the Trusted Computing Base (TCB) at the client aspect, and therefore the sandbox protection enforced by browsers. As results, several attacks may be launched either against apps or by them [19]. D. Barrera, H. Güne S. Kayacık, P.C. van Oorschot, A. Somayaji study on a methodology for empirical analysis of permission-based security models and its application to android. In the paper, they present a technique for the empirical analysis of permission-based security models. Their methodology is of independent interest for visualization of permission based systems beyond current Android-specific empirical analysis. They provide some discussion identifying potential points of improvement for the android permission model, trying to increase quality where required without increasing number variety of permissions or overall complexity [21]. C. Gibler, J. Crussell, J. Erickson and H. chen case study on AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. Under this paper, they have presented a static analysis framework for automatically searching potential leaks of sensitive data in android applications on a large scale. AndroidLeaks drastically reduces the number of applications and the number of traces that a security auditor must verify manually [22]. Burguera, U. Zurutuza, S. Nadjm study on Crowdroid: behaviour-based malware detection system for Android. In this title they take advantage of earlier approaches for dynamic analysis of application behaviour as a way for detecting malware in the android platform. The detector is embedded in an overall framework for assortment of traces from a limitless number of real users supported crowd sourcing. Their framework has been demonstrated by analysing information collected within the central server using two sorts of data sets: those from artificial malware created for test functions, and people from real malware found in the world. The technique is shown to be an effective means of analytic the malware and alerting the users of a downloaded malware. This method is avoiding the spreading of a detected malware to a larger community [23]. M.L. Polla, F. Martinelli, and D. Sgandurra presented a survey on security for mobile devices. This title surveys the vulnerabilities and security solutions over year , by targeting on high-level attacks, such those to user applications. They cluster existing approaches aimed at securing mobile devices against these kinds of attacks into many categories, on the basis of the detection principles, architectures, collected information and operating systems, particularly focusing on IDS-based models and tools. With this categorization they aim to provide a simple and concise view of the underlying model adopted by each approach [24]. W. B. Tesfay, T. Booth, and K. Andersson presented reputation based security model for android applications. They have proposed a cloud based reputation security model as a solution which greatly mitigates the malicious attacks targeting the Android market [25]. Their security solution takes advantage of the fact that each application in the android platform is assigned a unique user id (UID). Our solution stores the reputation of Android applications in an anti-malware providers cloud (AM Cloud). The experimental results witness that the proposed model could well identify the reputation index of a given application its potential of being risky or not [26]. T. Blasing, L. Batyuk, A. D. Schmidt, S. A. Camtepe, and S. Albayrak studied an android application sandbox system for suspicious software detection. They have projected an A A Sandbox (Android Application Sandbox) that performs static and dynamic analysis on android apps to notice suspicious apps. Static analysis scans the software package for malicious patterns without installing it and the dynamic analysis executes the application in a isolated environment, i.e. sandbox, that intervenes and logs low-level interactions with the system. Both the sandbox and the detection algorithms can be deployed in the cloud, providing a quick and distributed detection of suspicious app in an app store similar to Google s android Market. AASandbox might be used to improve the anti-virus apps available for the android devices [27]. T. Vidas, D. Votipka, N. Christin study on all your droid are belong to us: a survey of current android attacks. The Android security model also creates several new security sensitive concepts such as Android s application permission system and the immoderate Android market. In this title they look to Android as a specific instance of mobile computing. They first discuss the Android security model and some potential weaknesses of the model. They then Paper ID: 2015/IJTRM/8/2015/5612 4
5 provide taxonomy of attacks to the platform demonstrated by real attacks that in the end guarantee privileged access to the device [28]. S. Holla, M. M Katti work on Android based mobile application development and its securit. In this title, they discuss a layered approach for android application development where they can develop application which downloads data from the server. Also an Android Application Sandbox (AASandbox) which is able to perform both static and dynamic analysis on Android programs to automatically detect suspicious applications is also discussed [29]. 3. RESEARCH FINDING Android Components: An Android application consists of four components, having, according to its task, they are as follows. 1. Activities are the presentation layer of an application 2. Services represent background processes without a user interface. 3. Content providers are data stores that allow developers to share databases across application boundaries. 4. Finally, broadcast receivers are components that receive and react to broadcast messages, for example, the Android OS itself sends such a broadcast message if the battery is low. Each component of an application runs as a separate task, making an Android device to a large distributed system, even if all processes are running on the same device. Inter-Process Communication: The Android platform supports inter-process communication (IPC) for communication between components. One foundation for this IPC is the Binder, an Android-based kernel device that allows efficient but safe communication. A way to communicate with components not known at the development time, are messages, which may include arbitrary data, called intents. Intent is an abstract description of an operation to be performed on the platform [11]. For example, intent can start a new activity or service, or communicate with background services. An advantage of this technique is that a client application is no longer linked to a specific program, but can access any possible service for the specified need. Android Security Mechanisms: Android has two basic methods of security enforcement. Firstly, applications run as Linux processes with their own user IDs and thus are separated from each other. This way, vulnerability in one application does not affect other applications. Since Android provides IPC mechanisms, which need to be secured, a second enforcement mechanism comes into play. Android implements a reference monitor to mediate access to application components based on permission. If an application tries to access another component, the end user must grant the appropriate permissions at installation time. Furthermore, the security model has several refinements that increase the model s complexity [10]. Android Security: They conducted a case study focusing on permission checking in the Android framework and showed that the Bauhaus tool-suite can support a security expert during a security assessment [12]. Further research must be carried out to apply the techniques of program comprehension to the field of software security. Their impression is that neither the security-research community discusses this topic adequately nor is industry making use of such techniques to better understand the security status of their software. Using state-of-the-art tools for finding security bugs cannot reveal logical security problems such as undesirable interactions between components. With the increasing complexity of software, software companies need to understand the security risks of their code, and tools employing program comprehension functionality will support them with this challenging task. They truly believe that software-security comprehension will be a fruitful research topic for the future with also a broad practical impact [12]. A study of android application security in this paper finding of exposure of phone identifiers and location are consistent with previous studies; analysis framework allows observing not only the existence of dangerous functionality, however conjointly how it occurs inside the context of the application. However, the integration of those technologies into an application certification process needs overcoming logistical and technical challenges [4]. Enhancing security of Linux-based android devices, Open source APIs of android may result in benign and malicious research activities hopefully resulting in an excellent safer smartphone platform [16]. L4Android: a generic operating system framework for secure smartphones: In this title they presented a generic OS framework that facilitates the creation of secure smartphone systems. The framework consists of three core components. A microkernel acts as the secure foundation and is accompanied by a user mode runtime environment. The third component is VMs to securely encapsulate existing smartphone OSes. They implemented the core components of their framework on a mobile x86 and ARM platform. They evaluated our framework by showing how it can be applied to available as the open source L4 solve four challenges in smartphone security such as secure software smartcards, and a unified corporate and private mobile phone. Their framework does not rely on special hardware features and is thus readily applicable to a wide range of existing smartphones [18]. Attacks on Web View in the Android System: They have identified two fundamental causes of the attacks: weakening of the TCB and sandbox. Although they have not observed any real attack yet, through our case studies, they have shown that the condition for launching these attacks is already matured, and the potential victims are in the millions; it is just a matter of time before they see real Paper ID: 2015/IJTRM/8/2015/5612 5
6 and large-scale attacks. In their on-going work, they are developing solutions to secure Web View [19]. Android Leaks: automatically detecting potential privacy leaks in android applications on a large scale, Android users need a way to determine if applications are leaking their personal information. They created a mapping between API calls and the permissions they must have to execute. Android Leaks is capable of analyzing 24,350 in 30 hours. Android Leaks drastically reduces the number of applications and the number of traces that a security auditor has to verify manually [22]. Reputation based security model for android applications: Android smart phones are becoming very popular among the different smart phone platforms and this is expected to increase in popularity [12]. Despite its popularity momentum, its open source software and programmable framework behavior make it vulnerable to virus attacks [26]. In this title, they present a reputation based security mode for android applications. The title takes into consideration the fact that Smart phones are memory, battery and speed constrained and hence exploiting the cloud to do the reputation index computation of a given application. By referring to the calculated matrix of reputation built by a given application, the model will notify users on the risk of the application before installation. Applications can be classified as highly risky, medium risk, less risk and genuine all based on reputation they have built in the cloud. The experimental results show that some application need to be regarded as highly risky and therefore warn users not to install them until they improve their reputation by passing the threshold set by the reputation based security model proposed in this paper [25]. 4. CONCLUSION Now days more than 1 million Android device activated. Android has very few restrictions for developer, increases the security risk for end users. In this paper we have reviewed security issues in the Android based Smartphone. The integration of technologies into an application certification process requires overcoming logistical and technical challenges. Android provides more security than other mobile phone platforms. Kirin will help mold Android into the secure operating system needed for next-generation computing platforms. REFERENCES [1] S. Powar, Dr. B. B. Meshram, Survey on Android Security Framework, IJERA (International Journal of Engineering Research and Applications) ISSN: Volume 3, Issue 2, March -April 2013 [2] S. Kaur and M. Kaur, Review Paper on Implementing Security on Android Application, JECET, Volume 2, No. 3, June-August [3] S. Smalley and R. Craig, Security Enhanced (SE) Android: Bringing Flexible MAC to Android, Trusted Systems Research National Security Agency. [4] W. Enck, D. Octeau, P. McDaniel and S. Chaudhuri A Study of Android Application Security, The 20th USENIX conference on Security, p.21-21, August [5] W. Enck, P. Gilbert, B. G. Chun, L. P. Cox, J. Jung, P. McDaniel and A. N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, 9th USENIX Symposium on Operating Systems Design and Implementation. [6] Android Open Source Project. Android Security Overview. ex.html. [7] Android Open Source Project. Publishing on GooglePlay. /publish/preparing.html. [8] Android Open Source Project. Security and permissions. permissions.html. [9] Android Open Source Project. What is Android? [10] W. Enck, M. Ongtang, and P. McDaniel, Understanding Android security, IEEE Security Privacy, vol. 7, [11] Intend, Android Developer Google, ntent/intent.html [12] B. J. Berger, M. Bunke, and K. Sohr, An Android Security Case Study with Bauhaus, Working Conference on Reverse Engineering (WCRE), Limerick, October [13] G. Dini, F. Martinelli, A. Saracino, and D. Sgandurra, MADAM: a multi-level anomaly detector for android malware, MMM-ACNS'12 Pages , [14] M. Ongtang, S. McLaughlin, W. Enck and P. McDaniel Semantically Rich Application-Centric Security in Android, Annual Computer Security Applications Conference, December 6 10, [15] A. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev, and C. Glezer, "Google android: A comprehensive security assessment", Security Privacy, IEEE, 8(2):35 44, march-april Paper ID: 2015/IJTRM/8/2015/5612 6
7 [16] A.D. Schmidt, H.G. Schmidt, J. Clausen, A. Camtepe, S. Albayrak, and K. Ali Yüksel and O. Kiraz, Enhancing Security of Linux-based Android Devices, Technische Universität Berlin And Sabanci University Istanbul. [17] C. Marforio, A. Francillon, S. Capkun, Application Collusion Attack on the Permission- Based Security Model and its Implications for Modern Smartphone Systems, Department of Computer Science, ETH Zurich, Switzerland [18] A. Lackorzynski, M. Lange, A. Warg, S. Liebergeld, M. Peter, L4Android: A Generic Operating System Framework for Secure Smartphones, SPSM [19] T. Luo, H. Hao, W. Du, Y. Wang, and H. Yin, Attacks on WebView in the Android System, ACSAC 2011 [20] A. Shabtai, U. Kanonov, Y. Elovici, C. Glezer, Y. Weiss, Andromaly: a behavioural malware detection framework for android devices", Journal of Intelligent Information Systems, Volume 38, Issue 1, pp , February 2012 [21] D. Barrera, H. Güne S. Kayacık, P.C. van Oorschot, A. Somayaji A Methodology for Empirical Analysis of Permission-Based Security Models and its Application to Android, Computer and communications security, CCS 10, pages [22] C. Gibler, J. Crussell, J. Erickson, and H. Chen, Android Leaks: Automatically Detecting Potential Privacy Leaks In Android Applications on a Large Scale, University of California, Davis and Sandia National Labs, Livermore, CA. [23] I. Burguera, U. Zurutuza, S.N. Tehrani, Crowdroid: behaviour-based malware detection system for Android", SPSM, Pages 15-26, 2011 [24] M.L. Polla, F. Martinelli, and D. Sgandurra, A Survey on Security for Mobile Devices, IEEE COMMUNICATIONS SURVEYS & TUTORIALS [25] W.B. Tesfay, T. Booth, and K. Andersson, Reputation Based Security Model for Android Applications, Trust, Security and Privacy in Computing and Communications, IEEE 2010 [26] H. Bing, "Analysis and Research of Systems Security Based on Android", Intelligent Computation Technology and Automation, Zhangjiajie, Hunan, January 12-14, [27] T. Bläsing, L. Batyuk, A.D. Schmidt, S.A. Camtepe, and S. Albayrak, "An Android Application Sandbox system for suspicious software detection", Malicious and Unwanted Software, Nancy, France, Oct , 2010 [28] T. Vidas, D. Votipka, and N. Christin, "All Your Droid Are Belong To Us: A Survey of Current Android Attacks", INI/CyLab, Carnegie Mellon University. [29] S. Holla, M.M. Katti, Android based mobile application development and its Security, International Journal of Computer Trends and Technology- volume3 Issue Paper ID: 2015/IJTRM/8/2015/5612 7
Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application
Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application Miss. Ashwini A. Dongre M. E. 3 rd sem, Dept. of Computer Science and engineering P. R. Patil College of engineering
More informationReview on Android and Smartphone Security
Review Paper Abstract Research Journal of Computer and Information Technology Sciences ISSN 2320 6527 Vol. 1(6), 12-19, November (2013) Review on Android and Smartphone Security Tiwari Mohini, Srivastava
More informationReputation Based Security Model for Android Applications
2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications Reputation Based Security Model for Android Applications Welderufael Berhane Tesfay, Todd Booth, and
More informationAnalysis of advanced issues in mobile security in android operating system
Available online atwww.scholarsresearchlibrary.com Archives of Applied Science Research, 2015, 7 (2):34-38 (http://scholarsresearchlibrary.com/archive.html) ISSN 0975-508X CODEN (USA) AASRC9 Analysis of
More informationPerformance Measuring in Smartphones Using MOSES Algorithm
Performance Measuring in Smartphones Using MOSES Algorithm Ms.MALARVIZHI.M, Mrs.RAJESWARI.P ME- Communication Systems, Dept of ECE, Dhanalakshmi Srinivasan Engineering college, Perambalur, Tamilnadu, India,
More informationAndroid Security - Common attack vectors
Institute of Computer Science 4 Communication and Distributed Systems Rheinische Friedrich-Wilhelms-Universität Bonn, Germany Lab Course: Selected Topics in Communication Management Android Security -
More informationPerformance Analysis Of Policy Based Mobile Virtualization in Smartphones Using MOSES Algorithm
Performance Analysis Of Policy Based Mobile Virtualization in Smartphones Using MOSES Algorithm Ms.MALARVIZHI.M, Mrs.RAJESWARI.P Abstract: Now a day s most of the people used in smart phones. Smartphone
More informationDETECTION OF CONTRAVENTION IN MOBILE CLOUD SERVICES
IJITE Vol. 4 No.1-2 January-December 2013, pp.13-17 International Sciences Press DETECTION OF CONTRAVENTION IN MOBILE CLOUD SERVICES D. Lakshmana Kumar 1 and G. Draksha 2 1 M.Tech. Student, Department
More informationThe Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications
Virus Bulletin 2013 The Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications Next Generation Intelligent Networks Research Center (nexgin RC) http://wwwnexginrcorg/
More informationANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY
ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY Suhas Holla #1, Mahima M Katti #2 # Department of Information Science & Engg, R V College of Engineering Bangalore, India Abstract In the advancing
More informationFirewall-based Solution for Preventing Privilege Escalation Attacks in Android
International Journal of Computer Networks and Communications Security VOL. 2, NO. 9, SEPTEMBER 2014, 318 327 Available online at: www.ijcncs.org ISSN 2308-9830 C N C S Firewall-based Solution for Preventing
More informationImplementation and Direct Accessing of Android Authority Application in Smart Phones
Implementation and Direct Accessing of Android Authority Application in Smart Phones Amit H. Choksi 1, Jaimin J. Sarvan 2 and Ronak R. Vashi 3 1 ET Dept, BVM Engg. College, V.V.Nagar-388120, Gujarat, India
More informationResearch on Situation and Key Issues of Smart Mobile Terminal Security
Research on Situation and Key Issues of Smart Mobile Terminal Security Hao-hao Song, Jun-bing Zhang, Lei Lu and Jian Gu Abstract As information technology continues to develop, smart mobile terminal has
More informationInternational Journal of Advance Research in Computer Science and Management Studies
Volume 3, Issue 3, March 2015 ISSN: 2321 7782 (Online) International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online
More informationTutorial on Smartphone Security
Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security
More informationA proposal to realize the provision of secure Android applications - ADMS: an application development and management system -
2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing A proposal to realize the provision of secure Android applications - ADMS: an application development
More informationBerlin Institute of Technology FG Security in Telecommunications
Berlin Institute of Technology FG Security in Telecommunications Weiss L4Android: A Generic Operating System Framework for Secure Smartphones Workshop on Security and Privacy in Smartphones and Mobile
More informationQRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing
Journal of Computational Information Systems 11: 11 (2015) 3875 3881 Available at http://www.jofcis.com QRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing Jingzheng
More informationAndroid Security Extensions
Android Security Extensions Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care until its too late But We do It needs a more advanced security
More informationIJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.
Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the
More informationAndroid Security Extensions 2. Giovanni Russello g.russello@auckland.ac.nz
Android Security Extensions 2 Giovanni Russello g.russello@auckland.ac.nz Preparing the Report A report must be provided before your presentation The report should be 4 pages long The content of the report
More informationA Practical Analysis of Smartphone Security*
A Practical Analysis of Smartphone Security* Woongryul Jeon 1, Jeeyeon Kim 1, Youngsook Lee 2, and Dongho Won 1,** 1 School of Information and Communication Engineering, Sungkyunkwan University, Korea
More informationDetection and Identification of Android Malware Based on Information Flow Monitoring
Detection and Identification of Android Malware Based on Information Flow Monitoring Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong To cite this version: Radoniaina Andriatsimandefitra, Valérie
More informationA Comprehensive Analysis of Android Security and Proposed Solutions
I.J. Computer Network and Information Security, 2014, 12, 9-20 Published Online November 2014 in MECS (http://www.mecs-press.org/) DOI: 10.5815/ijcnis.2014.12.02 A Comprehensive Analysis of Android Security
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationThe Behavioral Analysis of Android Malware
, pp.41-47 http://dx.doi.org/10.14257/astl.2014.63.09 The Behavioral Analysis of Android Malware Fan Yuhui, Xu Ning Department of Computer and Information Engineering, Huainan Normal University, Huainan,
More informationLynn Margaret Batten. IT Security Research Services & Deakin University, Melbourne, Australia. June 2015
Lynn Margaret Batten IT Security Research Services & Deakin University, Melbourne, Australia June 2015 Smart devices versus PCs WebView versus Web 2.0 Tracking Certificates Mallory Countermeasures. On
More informationLecture 17: Mobile Computing Platforms: Android. Mythili Vutukuru CS 653 Spring 2014 March 24, Monday
Lecture 17: Mobile Computing Platforms: Android Mythili Vutukuru CS 653 Spring 2014 March 24, Monday Mobile applications vs. traditional applications Traditional model of computing: an OS (Linux / Windows),
More informationAppRAy: UseRdRiven And fully AUtomAted AndRoid App security Assessment. dennis titze, philipp stephanow, dr. JUliAn schütte
FraunhoFer InstItute For applied and Integrated security AppRAy: UseRdRiven And fully AUtomAted AndRoid App security dennis titze, philipp stephanow, dr. JUliAn schütte App-Ray: User-driven and Fully Automated
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationCisco AppHQ Enterprise Application Center: Deploy Mobile Business Apps with Confidence
White Paper Cisco AppHQ Enterprise Application Center: Deploy Mobile Business Apps with Confidence The Enterprise Exposed The post-pc era is here, thanks to next-generation mobile devices and applications.
More informationA Perspective on the Evolution of Mobile Platform Security Architectures
A Perspective on the Evolution of Mobile Platform Security Architectures N. Asokan Nokia Research Center Joint work with Kari Kostiainen, Jan-Erik Ekberg, Elena Reshetova (Intel) Padova, July 2012 1 Introduction
More informationEnsuring Security in Cloud with Multi-Level IDS and Log Management System
Ensuring Security in Cloud with Multi-Level IDS and Log Management System 1 Prema Jain, 2 Ashwin Kumar PG Scholar, Mangalore Institute of Technology & Engineering, Moodbidri, Karnataka1, Assistant Professor,
More informationThe Cloud, Virtualization, and Security
A Cloud: Large groups of remote servers that are networked to allow centralized, shared data storage and online access to computer services or resources A Cloud: Large groups of remote servers that are
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationDOBUS And SBL Cloud Services Brochure
01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted
More informationUnderstanding Android s Security Framework
Understanding Android s Security Framework William Enck and Patrick McDaniel Tutorial October 2008 Systems and Internet Infrastructure Security Laboratory (SIIS) 1 2 Telecommunications Nets. The telecommunications
More informationAPI Tracing Tool for Android-Based Mobile Devices
API Tracing Tool for Android-Based Mobile Devices Seonho Choi, Michael Bijou, Kun Sun, and Edward Jung Abstract We developed an Application Programming Interface (API) tracing tool for Android-based mobile
More informationAvailable online at www.sciencedirect.com. ScienceDirect. The 4th International Conference on Electrical Engineering and Informatics (ICEEI 2013)
Available online at www.sciencedirect.com ScienceDirect Procedia Technology 11 ( 2013 ) 650 657 The 4th International Conference on Electrical Engineering and Informatics (ICEEI 2013) Reviews on Cybercrime
More informationA Review of Different Comparative Studies on Mobile Operating System
Research Journal of Applied Sciences, Engineering and Technology 7(12): 2578-2582, 2014 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2014 Submitted: August 30, 2013 Accepted: September
More informationAndroid s External Device Attack: Demonstration and Security Suggestions
, pp. 317-326 http://dx.doi.org/10.14257/ijsia.2015.9.4.29 Android s External Device Attack: Demonstration and Security Suggestions Zhang Wei, Yang Chao and Chen Yunfang * Nanjing University of Posts and
More information... Mobile App Reputation Services THE RADICATI GROUP, INC.
. The Radicati Group, Inc. 1900 Embarcadero Road, Suite 206 Palo Alto, CA 94303 Phone 650-322-8059 Fax 650-322-8061 http://www.radicati.com THE RADICATI GROUP, INC. Mobile App Reputation Services Understanding
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationAndroid Security. Giovanni Russello g.russello@auckland.ac.nz
Android Security Giovanni Russello g.russello@auckland.ac.nz N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional
More informationRecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users
RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users Bahman Rashidi Virginia Commonwealth University rashidib@vcu.edu Carol Fung Virginia Commonwealth University
More informationHost Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1
Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A
More informationWallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS
2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications WallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS Caner Kilinc,
More informationHost-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
More informationAn Integrated CyberSecurity Approach for HEP Grids. Workshop Report. http://hpcrd.lbl.gov/hepcybersecurity/
An Integrated CyberSecurity Approach for HEP Grids Workshop Report http://hpcrd.lbl.gov/hepcybersecurity/ 1. Introduction The CMS and ATLAS experiments at the Large Hadron Collider (LHC) being built at
More informationA Perspective on the Evolution of Mobile Platform Security Architectures
A Perspective on the Evolution of Mobile Platform Security Architectures Kari Kostiainen Nokia Research Center, Helsinki TIW, June 2011 Joint work with N. Asokan, Jan-Erik Ekberg and Elena Reshetova 1
More information(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation
(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation DR. C. NTANTOGIAN 1, DR. C. XENAKIS 1, DR. G. KAROPOULOS 2 1 DEPT. O F DIGITAL SYST EMS,
More informationEnterprise-Grade Security from the Cloud
Datasheet Website Security Enterprise-Grade Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security
More informationBYOD: End-to-End Security
BYOD: End-to-End Security Alen Lo MBA(CUHK), BSc(HKU), CISA, CCP, CISSP, CISM, CEH IRCA Certified ISMS Lead Auditor, itsmf ISO 20000 Auditor Principal Consultant i-totalsecurity Consulting Limited alenlo@n2nsecurity.com
More informationA Database Security Management White Paper: Securing the Information Business Relies On. November 2004
A Database Security Management White Paper: Securing the Information Business Relies On November 2004 IPLocks, Inc. 441-A W. Trimble Road, San Jose, CA 95131 USA A Database Security Management White Paper:
More informationSecurity challenges for internet technologies on mobile devices
Security challenges for internet technologies on mobile devices - Geir Olsen [geiro@microsoft.com], Senior Program Manager for Security Windows Mobile, Microsoft Corp. - Anil Dhawan [anild@microsoft.com],
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationTrustDefender Mobile Technical Brief
TrustDefender Mobile Technical Brief Fraud Protection for Native Mobile Applications TrustDefender Mobile from ThreatMetrix is a lightweight SDK library for Google Android and Apple ios mobile devices.
More informationMedicaid MITA: Innovative COTS solutions for IT Risk Management
Medicaid MITA: Innovative COTS solutions for IT Risk Management White Paper: COTS Solutions for MITA 2.0 Medicaid MITA: Innovative COTS solutions for IT Risk Management Contents Introduction to MITA &
More informationMobility, Security Concerns, and Avoidance
By Jorge García, Technology Evaluation Centers Technology Evaluation Centers Mobile Challenges: An Overview Data drives business today, as IT managers and security executives face enormous pressure to
More informationNorton Mobile Privacy Notice
Effective: April 12, 2016 Symantec and the Norton brand have been entrusted by consumers around the world to protect their computing devices and most important digital assets. This Norton Mobile Privacy
More informationAndroid Application Analyzer
International Journal of Research Studies in Computer Science and Engineering (IJRSCSE) Volume. 1, Issue 4, August 2014, PP 32-37 ISSN 2349-4840 (Print) & ISSN 2349-4859 (Online) www.arcjournals.org Android
More informationTypes of cyber-attacks. And how to prevent them
Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual
More informationA Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones
A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones Anushree Pore, Prof. Mahip Bartere PG Student, Dept. of CSE, G H Raisoni College of Engineering, Amravati, Maharashtra,
More informationWIND RIVER SECURE ANDROID CAPABILITY
WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion
More informationHow we keep harmful apps out of Google Play and keep your Android device safe
How we keep harmful apps out of Google Play and keep your Android device safe February 2016 Bad apps create bad experiences, so we work hard to keep them off your device and out of Google Play. In 2015,
More informationAll Your Droid Are Belong To Us: A Survey of Current Android Attacks
All Your Droid Are Belong To Us: A Survey of Current Android Attacks Timothy Vidas ECE/CyLab Carnegie Mellon University Daniel Votipka INI/CyLab Carnegie Mellon University Nicolas Christin INI/CyLab Carnegie
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationUtilizing Pervasive Application Monitoring and File Origin Tracking in IT Security
4 0 0 T o t t e n P o n d R o a d W a l t h a m, M A 0 2 4 5 1 7 8 1. 8 1 0. 4 3 2 0 w w w. v i e w f i n i t y. c o m Utilizing Pervasive Application Monitoring and File Origin Tracking in IT Security
More informationMobile App Reputation
Mobile App Reputation A Webroot Security Intelligence Service Timur Kovalev and Darren Niller April 2013 2012 Webroot Inc. All rights reserved. Contents Rise of the Malicious App Machine... 3 Webroot App
More informationVMWARE Introduction ESX Server Architecture and the design of Virtual Machines
Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................
More informationWindows Phone 8 Security Overview
Windows Phone 8 Security Overview This white paper is part of a series of technical papers designed to help IT professionals evaluate Windows Phone 8 and understand how it can play a role in their organizations.
More informationSECURITY IN ANDROID BASED SMARTPHONE
SECURITY IN ANDROID BASED SMARTPHONE Mr. Sumedh P. Ingale 1, Prof. Sunil R. Gupta 2 1 ME (CSE),First Year,Department of CSE,Prof. Ram Meghe Institute Of Technology and Research, Badnera,Amravati. Sant
More informationCyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
More informationTHOUSANDS OF APPS CAN'T BE WRONG: MOBILE APPLICATION ANALYSIS AT SCALE
THOUSANDS OF APPS CAN'T BE WRONG: MOBILE APPLICATION ANALYSIS AT SCALE Chris Eng Vice President, Research Session ID: Session Classification: MBS-T08 Intermediate Agenda State of Mobility in the Enterprise
More informationBlackBerry 10.3 Work and Personal Corporate
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
More informationWebsite Security. End-to-End Application Security from the Cloud. Cloud-Based, Big Data Security Approach. Datasheet: What You Get. Why Incapsula?
Datasheet: Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-ofbreed
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationLecture Embedded System Security A. R. Sadeghi, @TU Darmstadt, 2011 2012 Introduction Mobile Security
Smartphones and their applications have become an integral part of information society Security and privacy protection technology is an enabler for innovative business models Recent research on mobile
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationMobile Devices and Malicious Code Attack Prevention
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored
More informationAdobe Flash Player and Adobe AIR security
Adobe Flash Player and Adobe AIR security Both Adobe Flash Platform runtimes Flash Player and AIR include built-in security and privacy features to provide strong protection for your data and privacy,
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationDetection of Malicious Android Mobile Applications Based on Aggregated System Call Events
Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events You Joung Ham and Hyung-Woo Lee devices, and analyses the characteristics of malicious apps with activation pattern
More informationWebroot Security Intelligence for Mobile Suite. Cloud-based security solutions for mobile management providers
Webroot Security Intelligence for Mobile Suite Cloud-based security solutions for mobile management providers TABLE OF CONTENTS INTRODUCTION 3 WEBROOT INTELLIGENCE NETWORK 4 MOBILE SECURITY INTELLIGENCE
More informationSecuring the Database Stack
Technical Brief Securing the Database Stack How ScaleArc Benefits the Security Team Introduction Relational databases store some of the world s most valuable information, including financial transactions,
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationPRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY
Ø Ñ Å Ø Ñ Ø Ð ÈÙ Ð Ø ÓÒ DOI: 10.2478/tmmp-2014-0026 Tatra Mt. Math. Publ. 60 (2014), 85 100 PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY Juraj Varga Peter Muska
More informationAnalysis of the Communication between Colluding Applications on Modern Smartphones
Analysis of the Communication between Colluding Applications on Modern Smartphones Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun Institute of Information Security ETH Zurich, Switzerland
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationCloud Database Storage Model by Using Key-as-a-Service (KaaS)
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 4 Issue 7 July 2015, Page No. 13284-13288 Cloud Database Storage Model by Using Key-as-a-Service (KaaS) J.Sivaiah
More informationDefending Behind The Device Mobile Application Risks
Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem
More informationStudying Security Weaknesses of Android System
, pp. 7-12 http://dx.doi.org/10.14257/ijsia.2015.9.3.02 Studying Security Weaknesses of Android System Jae-Kyung Park* and Sang-Yong Choi** *Chief researcher at Cyber Security Research Center, Korea Advanced
More informationBYPASSING THE ios GATEKEEPER
BYPASSING THE ios GATEKEEPER AVI BASHAN Technology Leader Check Point Software Technologies, Ltd. OHAD BOBROV Director, Mobile Threat Prevention Check Point Software Technologies, Ltd. EXECUTIVE SUMMARY
More informationDynamic Spyware Analysis
Dynamic Spyware Analysis M. Egele 1 & C. Kruegel 1 & E. Kirda 1 & H. Yin 2,3 & D. Song 2 1 Secure Systems Lab Vienna University of Technology 2 Carnegie Mellon University 3 College of William and Mary
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More informationMobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan Kari Kostiainen 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest in smartphone security 2 NA,
More informationAndroid Security Data from the Frontlines
SESSION ID: MBS-T07R Android Security Data from the Frontlines security@android.com aludwig@google.com Goal of this talk Provide insight into overall Android security strategy. Discuss data that is being
More informationElevation of Mobile Security Risks in the Enterprise Threat Landscape
March 2014, HAPPIEST MINDS TECHNOLOGIES Elevation of Mobile Security Risks in the Enterprise Threat Landscape Author Khaleel Syed 1 Copyright Information This document is an exclusive property of Happiest
More information