BIBLIOGRAFIA DEL TRABAJO DE GRADO

Size: px
Start display at page:

Download "BIBLIOGRAFIA DEL TRABAJO DE GRADO"

Transcription

1 Ingeniería de Sistemas CIS1310SD03 BIBLIOGRAFIA DEL TRABAJO DE GRADO El siguiente documento contiene toda la bibliografía usada para el desarrollo del Trabajo de Grado. RAUL CALERO ASENCIOS PONTIFICIA UNIVERSIDAD JAVERIANA FACULTAD DE INGENIERIA CARRERA DE INGENIERIA DE SISTEMAS BOGOTÁ, D.C. 2013

2 BIGLIOGRAFIA: 13.5 Heap Overflows :: Chapter 13. Application-Level Risks :: Network Security Assessment :: Networking :: etutorials.org. Accessed March 15, Level+Risks/13.5+Heap+Overflows/ Position Independent Executables. Accessed March 15, : Live Wallpaper - Savannah for Android (live.photo.savanna) Trojaned Distribution. Accessed April 28, Felt, Adrienne Porter, Mathew Finifter, Erika Chin, Steven Hanna, and David Wagner. A Survey of Mobile Malware in the Wild. University of California, Berkeley, Adobe - Instalación de Adobe Flash Player. Accessed April 6, Android - Radio Layer Interface. Accessed March 18, Android 4.1 APIs Android Developers. Accessed March 22, Android Assistant(18 Features) - Aplicaciones de Android En Google Play. Accessed April 8, https://play.google.com/store/apps/details?id=com.advancedprocessmanager&hl=es. Android Developers. Accessed April 28, Android Developers Blog. Accessed April 28, Android Device Policy Administration Tutorial - Marakana. Accessed April 3, Android Outscores ios in U.S. Smartphone Sales, Says Report Mobile - CNET News. Accessed April 26, Android Security Overview Android Open Source. Accessed February 18, Felt, Adrienne Porter, Erika Chin, Steve Hanna, Dawn Song, and David Wagner. Android Permissions Demystified. In Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 11. New York, NY, USA: ACM, doi: /

3 Hari, N., and B. Prasad. Android Architecture. Accessed May 13, Huang, Jim. Android IPC Mechanism. Accessed March 12, Marforio, Claudio, Hubert Ritzdorf, Aurelien Francillon, and Srdjan Capkun. Analysis of the Communication Between Colluding Applications on Modern Smartphones, Android Under Siege: Popularity Comes at a Price. TREND MICRO, security-roundup-android-under-siege-popularity-comes-at-a-price.pdf. Android Zygote Startup - elinux.org. Accessed April 3, Android.Adwlauncher Technical Details Symantec. Accessed November 18, Android.bluetooth Android Developers. Accessed March 6, Android.hardware.usb Android Developers. Accessed March 7, Android.media Android Developers. Accessed March 9, Android.net.wifi Android Developers. Accessed March 8, Android.Stels Symantec. Accessed April 6, Android.Walkinwat Symantec. Accessed November 15, Android/platform_external_opencore GitHub. Accessed March 2, https://github.com/android/platform_external_opencore. Angry Birds Space - Aplicaciones Android En Google Play. Accessed April 8, https://play.google.com/store/apps/details?id=com.rovio.angrybirdsspace.ads&feature=search_resul t#?t=w251bgwsmswxldesimnvbs5yb3zpby5hbmdyewjpcmrzc3bhy2uuywrzil0. Nauman, Mohammad, Sohail Khan, and Xinwen Zhang. Apex: Extending Android Permission Model and Enforcement with User-defined Runtime Constraints. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 10. New York, NY, USA: ACM, doi: /

4 Shabtai, Asaf, Uri Kanonov, Yuval Elovici, Chanan Glezer, and Yael Weiss. Andromaly : a Behavioral Malware Detection Framework for Android Devices. J. Intell. Inf. Syst. 38, no. 1 (February 2012): doi: /s x. Aplicaciones de Android En Google Play. Accessed November 18, https://play.google.com/store. Application Fundamentals Android Developers. Accessed March 12, Backes, Michael, Sebastian Gerling, Christian Hammer, Matteo Maffei, and Philip von Styp- Rekowsky. AppGuard Real-time Policy Enforcement for Third-party Applications, BatteryManager Android Developers. Accessed March 9, Bell LaPadula Model. Accessed November 20, Bell-La Padula, Biba and Clark-Wilson Security Models «Commondork. Accessed November 28, Blog.trendmicro.es - El Blog de Seguridad de Trend Microblog.trendmicro.es El Blog de Seguridad de Trend Micro. Accessed April 27, Brute Force Attack - OWASP. Accessed March 16, https://www.owasp.org/index.php/brute_force_attack. Camera Android Developers. Accessed March 6, China Mobile Limited. Accessed April 8, Company Google. Accessed March 18, Construx Checklist for Architecture. Construx SOFTWARE, n.d. Architecture.pdf. Contagio Mobile. Accessed April 27, Conti, Mauro, Vu Thien Nga Nguyen, and Bruno Crispo. CRePE, CWE - CWE-134: Uncontrolled Format String (2.4). Accessed March 15,

5 CWE - CWE-415: Double Free (2.4). Accessed March 13, CxOne - Construx, Dashboards Android Developers. Accessed May 21, Descripción Del Cifrado Simétrico y Asimétrico. Accessed November 18, Device Administration Android Developers. Accessed April 3, Digest::SHA - Search.cpan.org. Accessed March 13, Osvik, D., Adi Shamir, and Eran Tromer. Cache Attacks and Countermeasures: The Case of AES. Weizmann Institute of Science and Applied Mathematics, November 20, Walsh, Eamon. Application of the flask Architecture to the x Window System Server. National Security Agency, Xu, Rubin, Hassen Saidi, and Ross Anderson. Aurasium, Suárez, Pablo, and Carlos Fontela. Documentación y Pruebas, Double Free - OWASP. Accessed March 13, https://www.owasp.org/index.php/double_free. Downloads - Dex2jar - Tools to Work with Android.dex and Java.class Files - Google Project Hosting. Accessed April 8, https://code.google.com/p/dex2jar/downloads/list. Droid Dream Light: Un Nuevo Virus Infecta 25 Apps de Android Navegante Elmundo.es. Accessed March 22, DroidDream Becomes Android Market Nightmare PCWorld. Accessed March 22, Enabling the Kernel s DMESG_RESTRICT Feature. Accessed March 16, https://lists.ubuntu.com/archives/ubuntu-devel/2011-may/ html. Stoneburner, Gary, Clark Hayden, and Alexis Feringa. Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A. National Institute of Standards and Technology (NIST) no. COMPUTER SECURITY (June 2004): 33.

6 ESET Latinoamérica Laboratorio» Blog Archive» Cómo Implementar Modelos de Seguridad de La Información. Accessed November 28, Essentials of the Java Programming Language, Part 1. Accessed March 12, FIPS (DSS), Digital Signature Standard. Accessed March 12, FORTIFY_SOURCE Semantics NYU Poly ISIS Lab. Accessed March 15, https://isisblogs.poly.edu/2011/04/11/fortify_source-semantics/. Gentoo Linux Documentation -- Position Independent Code Internals. Accessed March 15, Glossary Wi-Fi Alliance. Accessed April 29, Gmail: from Google. Accessed April 30, https://accounts.google.com/servicelogin?service=mail&passive=true&rm=false&continue=https:/ /mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2. How To Boot Into Android Safe Mode On Your Smartphone / Tablet Redmond Pie. Accessed March 12, How to Set and Write SMART Objectives. Accessed November 18, HTTPS Everywhere FAQ. Electronic Frontier Foundation. Accessed April 29, https://www.eff.org/https-everywhere/faq. HTTPS Security Improvements in Internet Explorer 7. Accessed March 13, IEEE , The Working Group Setting the Standards for Wireless LANs. Accessed April 29, Pointcheval, David. How to Encrypt Properly with RSA, Shabtai, Asaf, Yuval Fledel, Uri Kanonov, Yuval Elovici, Shlomi Dolev, and Chanan Glezer. Google Android: A Comprehensive Security Assessment. IEEE Security and Privacy 8, no. 2 (March 2010): doi: /msp Zhou, Yajin, Zhi Wang, Wu Zhou, and Xuxian Jiang. Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. North Carolina State University,

7 Bruegge, Bernd, and Allen Dutoit. Ingenieria de Software Orientado a Objetos. PrenticeHall, Chaudhuri, Avik. Language-based Security on Android. In Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, 1 7. PLAS 09. New York, NY, USA: ACM, doi: / Ghosh, Angana. Introducing Android 4.1 (Jelly Bean) Preview Platform, and More Android Developers Blog. Accessed March 22, Gonzalez, Rafael, and Alexandra Pomares. LA INVESTIGACIÓN CIENTÍFICA BASADA EN EL DISEÑO COMO EJE DE PROYECTOS DE INVESTIGACIÓN EN INGENIERÍA. Pontificia Universidad Javeriana - Bogotá, Colombia, _como_eje_de_proyectos_de_investigacin_en_ingeniera. Internet Engineering Task Force (IETF). Accessed April 28, ios: A Visual History. The Verge. Accessed April 7, IT Security Threats Symantec. Accessed April 28, Java SE Downloads. Accessed April 10, JD-GUI Java Decompiler. Accessed April 8, Kaspersky Lab US Antivirus & Internet Security Protection Software. Accessed April 7, Keyboard Devices Android Open Source. Accessed March 8, KeyChain Android Developers. Accessed March 13, Lookout Mobile Security. Accessed February 3, https://www.lookout.com/resources/reports/state-of-mobile-security Managing Authorization and Access Control. Accessed November 18, Mision Pontificia Universidad Javeriana. Accessed November 18, Mission Statement of the WUC» World Uyghur Congress. World Uyghur Congress -. Accessed April 8,

8 Shabtai, Asaf. Malware Detection on Mobile Devices. In 2010 Eleventh International Conference on Mobile Data Management (MDM), , doi: /mdm Shabtai, Asaf, Uri Kanonov, and Yuval Elovici. Intrusion Detection for Mobile Devices Using the Knowledge-based, Temporal Abstraction Method. J. Syst. Softw. 83, no. 8 (August 2010): doi: /j.jss Enck, William, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. In Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 09. New York, NY, USA: ACM, doi: / M. Bonilla, Sandra, and Jaime A. Gonzalez. MODELO DE SEGURIDAD DE LA INFORMACION 3 (January 12, 2012): Mmap_min_addr - Debian Wiki. Accessed March 10, Mobile Phone Termonologies. Accessed March 7, Mobile-Sandbox - Live Wallpaper Analysis. Accessed May 21, Modelo de Seguridad. Accessed November 17, https://www.ccncert.cni.es/publico/serieccn-stic401/es/m/security_model.htm. Navegador Web Firefox En Español de España Más Rápido, Más Seguro y Más Personalizable. Accessed September 23, NB SEforAndroid 1 - SELinux Wiki. Accessed April 3, Need for Speed Free - Google Play. Accessed April 8, https://play.google.com/store/search?q=need+for+speed+free&c=apps. OpenBinder. Accessed March 3, OpenGL ES 1_X - The Standard for Embedded Accelerated 3D Graphics. Accessed March 2, Schmidt, Aubrey-Derrick, Frank Peters, Florian Lamour, and Sahin Albayrak. Monitoring Smartphones for Anomaly Detection. In Proceedings of the 1st International Conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications, 40:1 40:6. MOBILWARE 08. ICST, Brussels, Belgium, Belgium: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering),

9 Davi, Lucas, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, and Marcel Winandy. Privilege Escalation Attacks on Android. In Proceedings of the 13th International Conference on Information Security, ISC 10. Berlin, Heidelberg: Springer-Verlag, Holbrook, P., and J. Reynolds. RFC 1244: Site Secutiry Handbook. ISI Editors, OWASP. Accessed April 28, https://www.owasp.org/index.php/main_page. Permissions Android Developers. Accessed November 20, Portokalidis, Georgios, Philip Homburg, Kostas Anagnostakis, and Herbert Bos. Paranoid Android: Versatile Protection for Smartphones. In Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 10. New York, NY, USA: ACM, doi: / Postbank: Willkommen Auf Der Startseite. Kostenloses Girokonto, Günstiger Kredit, Angebote Für Sparen Und Anlegen - Und Vieles Mehr! Accessed April 8, https://www.postbank.de/. PowerManager Android Developers. Accessed March 8, Proyecto Educativo de La Pontificia Universidad Javeriana. Accessed April 17, README - Safe-iop - Safe_iop - a Safe Integer Operation Library for C - Safe Integer Operation Library for C - Google Project Hosting. Accessed March 9, https://code.google.com/p/safeiop/wiki/readme. RFC Point-to-Point Tunneling Protocol (PPTP). Accessed March 19, RFC Layer Two Tunneling Protocol L2TP. Accessed March 19, RFC HTTP Over TLS. Accessed March 13, RFC The Transport Layer Security (TLS) Protocol Version 1.2. Accessed March 13, https://tools.ietf.org/html/rfc5246. RFC PKCS #5: Password-Based Key Derivation Function 2 (PBKDF2) Test Vectors. Accessed March 16, RFCOMM Layer Tutorial. Accessed March 6, Whitman, Michael, and Herbert Mattord. Principles of Information Security. 4th ed. Course Technology, 2011.

10 Barrera, D., and P. Van Oorschot. Secure Software Installation on Smartphones. IEEE Security Privacy 9, no. 3 (June 2011): doi: /msp Bickford, Jeffrey, Ryan O Hare, Arati Baliga, Vinod Ganapathy, and Liviu Iftode. Rootkits on Smart Phones: Attacks, Implications and Opportunities. In Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, HotMobile 10. New York, NY, USA: ACM, doi: / Borghello, C. Seguridad Informática: Sus Implicancias e Implementación. Universidad Tecnológica Nacional. Argentina, Fernandez, Carlos. Seguridad En Sistemas Informáticos. España: Ediciones Diaz de Santos S.A, Knuth, Donald. Sorting and Searching. Vol. 3. Second. Massachusetts: Addison-Wesley, Kuntze, N., R. Rieke, G. Diederich, R. Sethmann, K. Sohr, T. Mustafa, and K.-O. Detken. Secure Mobile Business Information Processing. In 2010 IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing (EUC), , doi: /euc Lapadula, Len. Secure Computer Systems: Mathematical Foundations, Miluzzo, Emiliano, Nicholas D. Lane, Kristóf Fodor, Ronald Peterson, Hong Lu, Mirco Musolesi, Shane B. Eisenman, Xiao Zheng, and Andrew T. Campbell. Sensing Meets Mobile Social Networks: The Design, Implementation and Evaluation of the CenceMe Application. In Proceedings of the 6th ACM Conference on Embedded Network Sensor Systems, SenSys 08. New York, NY, USA: ACM, doi: / Ongtang, Machigar, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android, Security Alert: CleanedOut The Official Lookout Blog. Accessed April 5, https://blog.lookout.com/blog/2013/02/07/security-alert-cleanedout/. Security Alert: Geinimi, Sophisticated New Android Trojan Found in Wild The Official Lookout Blog. Accessed March 20, https://blog.lookout.com/blog/2010/12/29/geinimi_trojan/. Security Alert: HongTouTou, New Android Trojan, Found in China The Official Lookout Blog. Accessed April 5, https://blog.lookout.com/blog/2011/02/15/security-alert-hongtoutou-newandroid-trojan-found-in-china/. Security Alert: SpamSoldier The Official Lookout Blog. Accessed April 8, https://blog.lookout.com/blog/2012/12/17/security-alert-spamsoldier/. Security Enhancements in Jelly Bean Android Developers Blog. Accessed March 19,

11 SEforAndroid - SELinux Wiki. Accessed March 22, Sepgsql - Security Enhanced PostgreSQL - Google Project Hosting. Accessed April 3, https://code.google.com/p/sepgsql/. Shabtai, A., Y. Fledel, and Y. Elovici. Securing Android-Powered Mobile Devices Using SELinux. IEEE Security Privacy 8, no. 3 (June 2010): doi: /msp Sibling Rivalry: The Ackposts Family. The Official Lookout Blog. Accessed April 8, https://blog.lookout.com/blog/2013/04/10/sibling-rivalry-the-ackposts-family/. Smalley, Stephen, and Robert Craig. Security Enhanced (SE) Android: Bringing Flexible MAC to Android, SMS Tutorial: Introduction to AT Commands, Basic Commands and Extended Commands. Accessed March 18, SolutionBase: Strengthen Network Defenses by Using a DMZ TechRepublic. Accessed November 18, State of Mobile Security Accessed November 19, https://www.lookout.com/resources/reports/state-of-mobile-security State of Mobile Security Accessed November 27, https://www.lookout.com/resources/reports/state-of-mobile-security-2012#lena. State of Mobile Security Accessed March 22, https://www.lookout.com/resources/reports/state-of-mobile-security Surface Manager Blog Silex Technologies. Accessed March 5, Xu, Nan, Fan Zhang, Yisha Luo, Weijia Jia, Dong Xuan, and Jin Teng. Stealthy Video Capturer: a New Video-based Spyware in 3G Smartphones. In Proceedings of the Second ACM Conference on Wireless Network Security, WiSec 09. New York, NY, USA: ACM, doi: / Zhang, Kehuan, Xiaoyong Zhou, Mehool Intwala, Apu Kapadia, and XiaoFeng Wang. Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones. Indiana University Bloomington, Balon, Nathan, and Ishraq Thabet. The Biba Security Model, Boneh, D. Twenty Years of Attacks on the RSA Cryptosystem, Bugiel, Sven, Lucas Davi, Alexandra Dmitrienko, and Thomas Fischer. Towards Taming Privilege-Escalation Attacks on Android. Fraunhofer SIT, Darmstadt, Germany, 2012.

12 ilege-escalation_attacks_on_android.pdf. Bugiel, Sven, Stephan Heuser, and Ahmad-Reza Sadeghi. Towards a Framework for Android Security Modules : Extending SE Android Type Enforcement to Android Middleware. Intel Collaborative Research Institute for Secure Computing, Cai, Liang, and Hao Chen. TouchLogger: Inferring Keystrokes On Touch Screen From Smartphone Motion. University of California, n.d. Ehringer, David. The Dalvik Virtual Machine Architecture, March Enck, W., M. Ongtang, and P. McDaniel. Understanding Android Security. IEEE Security Privacy 7, no. 1 (February 2009): doi: /msp Enck, William, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. TaintDroid, Gilbert, Peter, Landon P. Cox, Jaeyeon Jung, and David Wetherall. Toward Trustworthy Mobile Sensing. In Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, HotMobile 10. New York, NY, USA: ACM, doi: / Grace, Michael C., Wu Zhou, Xuxian Jiang, and Ahmad-Reza Sadeghi. Unsafe Exposure Analysis of Mobile In-app Advertisements. In Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 12. New York, NY, USA: ACM, doi: / Harada, Toshiharu, Takashi Horie, and Kazuo Tanaka. Task Oriented Management Obviates Your Onus on Linux, Hornyack, Peter, Seungyeop Han, Jaeyeon Jung, Stuart Schechter, and David Wetherall. These Aren t the Droids You re Looking For, Shin, W., S. Kiyomoto, K. Fukushima, and T. Tanaka. Towards Formal Analysis of the Permission-Based Security Model for Android. In Fifth International Conference on Wireless and Mobile Communications, ICWMC 09, 87 92, doi: /icwmc Smalley, Stephen. The Case for SE Android. National Security Agency, n.d. Take a Closer Look at OpenBSD. Accessed March 10, Testing for Brute Force (OWASP-AT-004) - OWASP. Accessed March 16, https://www.owasp.org/index.php/testing_for_brute_force_(owasp-at-004).

13 The 7 Deadly Sins Of Information Security. Accessed March 23, The Bearer of BadNews The Official Lookout Blog. Accessed April 8, https://blog.lookout.com/blog/2013/04/19/the-bearer-of-badnews-malware-google-play/. The Chinese Wall Security Policy. Accessed November 28, To Tibet, with Love The Official Lookout Blog. Accessed April 8, https://blog.lookout.com/blog/2013/03/28/to-tibet-with-love/. UML Tools for Software Development and Modelling - Enterprise Architect UML Modeling Tool. Accessed February 21, Unix Crypt with SHA-256/512. Accessed March 13, Unsafe Exposure Analysis of Mobile In-app Advertisements. Accessed March 19, Update: RuFraud: European Premium SMS Toll Fraud on the Rise The Official Lookout Blog. Accessed November 18, https://blog.lookout.com/blog/2011/12/11/european-premium-smsfraud/. UPDATE: Security Alert: Android Trojan GGTracker Charges Premium Rate SMS Messages The Official Lookout Blog. Accessed November 18, https://blog.lookout.com/blog/2011/06/20/security-alert-android-trojan-ggtracker-charges-victimspremium-rate-sms-messages/. USB Host and Accessory Android Developers. Accessed March 6, Xu, Zhi, Kun Bai, and Sencun Zhu. TapLogger: Inferring User Inputs on Smartphone Touchscreens Using On-board Motion Sensors. In Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WISEC 12. New York, NY, USA: ACM, doi: / Zhou, Yajin, Xinwen Zhang, Xuxian Jiang, and Vincent W. Freeh. Taming Information-stealing Smartphone Applications (on Android). In Proceedings of the 4th International Conference on Trust and Trustworthy Computing, TRUST 11. Berlin, Heidelberg: Springer-Verlag, Carter, James. Using Gconf as an Example of How to Create an Userspace Object Manager. National Security Agency, Use Android s Safe Mode to Disable Apps and Troubleshoot Problems. Accessed March 12, Using Freed Memory - OWASP. Accessed March 15, https://www.owasp.org/index.php/using_freed_memory.

14 Using Password Systems - OWASP. Accessed March 16, https://www.owasp.org/index.php/using_password_systems. Scheuren, Fritz. WhatIsASurvey.info. Accessed November 15, Thiagarajan, Arvind, Lenin Ravindranath, Katrina LaCurts, Samuel Madden, Hari Balakrishnan, Sivan Toledo, and Jakob Eriksson. VTrack: Accurate, Energy-aware Road Traffic Delay Estimation Using Mobile Phones. In Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems, SenSys 09. New York, NY, USA: ACM, doi: / Virtual Private Networking: An Overview. Accessed March 18, Virus Bulletin : Independent Malware Advice. Accessed April 28, Virus Bulletin : Searching for Android. Accessed March 22, Virus Bulletin : VB Android Malware Exposed - an In-depth Look at the Evolution of Android Malware. Accessed November 26, VPN Technologies: Definitions and Requirements. Accessed March 19, VpnService Android Developers. Accessed March 17, Walk and Text, Otra Aplicación Android Con Versión Troyana. Accessed November 17, Walk and Text-Transparent - Aplicaciones de Android En Google Play. Accessed November 15, https://play.google.com/store/apps/details?id=com.incorporateapps.walktext&hl=es. Web of Knowledge [v.5.8] - Web of Science Home. Accessed November 21, neralsearch&sid=4bhdkepeibabkkfi1gd&preferencessaved=&highlighted_tab=wos. Welcome to UNC Computer Science Department of Computer Science. Accessed April 28, What Is ASLR? Accessed March 9, What Is Information Security. Accessed March 18,

15 What Is Piggybacking? - Definition from WhatIs.com. Accessed November 18, WhatsApp :: Home. WhatsApp.com. Accessed November 18, McCracken, Harry. Who s Winning, ios or Android? All the Numbers, All in One Place. Time. Accessed April 26, Tsai, Janice Y., Patrick Kelley, Paul Drielsma, Lorrie Faith Cranor, Jason Hong, and Norman Sadeh. Who s Viewed You?: The Impact of Feedback in a Mobile Location-sharing Application. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 09. New York, NY, USA: ACM, doi: / Why QWERTY Was Invented. Accessed March 8, WinZip - La Utilidad de Compresión Para Windows - Comprime y Descomprime Archivos. Accessed April 8, X.Org Wiki - ProPolice. Accessed March 9, ZertSecurity The Official Lookout Blog. Accessed April 8, https://blog.lookout.com/blog/2013/05/06/zertsecurity/. Zotero Home. Accessed November 19,

Implementation and Direct Accessing of Android Authority Application in Smart Phones

Implementation and Direct Accessing of Android Authority Application in Smart Phones Implementation and Direct Accessing of Android Authority Application in Smart Phones Amit H. Choksi 1, Jaimin J. Sarvan 2 and Ronak R. Vashi 3 1 ET Dept, BVM Engg. College, V.V.Nagar-388120, Gujarat, India

More information

QRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing

QRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing Journal of Computational Information Systems 11: 11 (2015) 3875 3881 Available at http://www.jofcis.com QRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing Jingzheng

More information

Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application

Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application Miss. Ashwini A. Dongre M. E. 3 rd sem, Dept. of Computer Science and engineering P. R. Patil College of engineering

More information

A proposal to realize the provision of secure Android applications - ADMS: an application development and management system -

A proposal to realize the provision of secure Android applications - ADMS: an application development and management system - 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing A proposal to realize the provision of secure Android applications - ADMS: an application development

More information

Presenting Risks Introduced by Android Application Permissions in a User-friendly Way

Presenting Risks Introduced by Android Application Permissions in a User-friendly Way Presenting Risks Introduced by Android Application Permissions in a User-friendly Way Juraj Varga, Peter Muska Slovak University of Technology in Bratislava, Slovakia juraj.varga@stuba.sk, xmuskap1@stuba.sk

More information

PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY

PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY Ø Ñ Å Ø Ñ Ø Ð ÈÙ Ð Ø ÓÒ DOI: 10.2478/tmmp-2014-0026 Tatra Mt. Math. Publ. 60 (2014), 85 100 PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY Juraj Varga Peter Muska

More information

Android s External Device Attack: Demonstration and Security Suggestions

Android s External Device Attack: Demonstration and Security Suggestions , pp. 317-326 http://dx.doi.org/10.14257/ijsia.2015.9.4.29 Android s External Device Attack: Demonstration and Security Suggestions Zhang Wei, Yang Chao and Chen Yunfang * Nanjing University of Posts and

More information

Taming Information-Stealing Smartphone Applications (on Android)

Taming Information-Stealing Smartphone Applications (on Android) Taming Information-Stealing Smartphone Applications (on Android) Yajin Zhou 1, Xinwen Zhang 2, Xuxian Jiang 1, and Vincent W. Freeh 1 1 Department of Computer Science, NC State University yajin zhou@ncsu.edu,

More information

DETECTION OF CONTRAVENTION IN MOBILE CLOUD SERVICES

DETECTION OF CONTRAVENTION IN MOBILE CLOUD SERVICES IJITE Vol. 4 No.1-2 January-December 2013, pp.13-17 International Sciences Press DETECTION OF CONTRAVENTION IN MOBILE CLOUD SERVICES D. Lakshmana Kumar 1 and G. Draksha 2 1 M.Tech. Student, Department

More information

Reputation Based Security Model for Android Applications

Reputation Based Security Model for Android Applications 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications Reputation Based Security Model for Android Applications Welderufael Berhane Tesfay, Todd Booth, and

More information

A Review on Android Security

A Review on Android Security A Review on Android Security Dr. Vikash Kumar Singh 1, Devendra Singh Kushwaha 2, Raju Sujane 3, Roshni Tiwari 4 Head (I/C), Dept. of computer Science IGNTU Amarkantak (M.P.) 1 Assistant Professor, Faculty

More information

Android Security - Common attack vectors

Android Security - Common attack vectors Institute of Computer Science 4 Communication and Distributed Systems Rheinische Friedrich-Wilhelms-Universität Bonn, Germany Lab Course: Selected Topics in Communication Management Android Security -

More information

The Behavioral Analysis of Android Malware

The Behavioral Analysis of Android Malware , pp.41-47 http://dx.doi.org/10.14257/astl.2014.63.09 The Behavioral Analysis of Android Malware Fan Yuhui, Xu Ning Department of Computer and Information Engineering, Huainan Normal University, Huainan,

More information

Review on Android and Smartphone Security

Review on Android and Smartphone Security Review Paper Abstract Research Journal of Computer and Information Technology Sciences ISSN 2320 6527 Vol. 1(6), 12-19, November (2013) Review on Android and Smartphone Security Tiwari Mohini, Srivastava

More information

Control Theoretic Adaptive Monitoring Tools for the Android Platform

Control Theoretic Adaptive Monitoring Tools for the Android Platform Control Theoretic Adaptive Monitoring Tools for the Android Platform DAVID REYNOLDS Department of Computer Science Texas State University San Marcos, USA dr1299@txstate.edu MINA GUIRGUIS Department of

More information

Smartphone Security 20-00-0615-pr. Sven Bugiel

Smartphone Security 20-00-0615-pr. Sven Bugiel Smartphone Security 20-00-0615-pr Sven Bugiel Organizational: Teams 2-3 Students per team Register your team by email to me Names, Student IDs, and email addresses of all team members Preferred and backup

More information

Two Vulnerabilities in Android OS Kernel

Two Vulnerabilities in Android OS Kernel IEEE ICC 2013 - Wireless Networking Symposium Two Vulnerabilities in Android OS Kernel Xiali Hei, Xiaojiang Du and Shan Lin Department of Computer and Information Sciences Temple University Philadelphia,

More information

Research on Situation and Key Issues of Smart Mobile Terminal Security

Research on Situation and Key Issues of Smart Mobile Terminal Security Research on Situation and Key Issues of Smart Mobile Terminal Security Hao-hao Song, Jun-bing Zhang, Lei Lu and Jian Gu Abstract As information technology continues to develop, smart mobile terminal has

More information

A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones

A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones Anushree Pore, Prof. Mahip Bartere PG Student, Dept. of CSE, G H Raisoni College of Engineering, Amravati, Maharashtra,

More information

Available online at www.sciencedirect.com. ScienceDirect. The 4th International Conference on Electrical Engineering and Informatics (ICEEI 2013)

Available online at www.sciencedirect.com. ScienceDirect. The 4th International Conference on Electrical Engineering and Informatics (ICEEI 2013) Available online at www.sciencedirect.com ScienceDirect Procedia Technology 11 ( 2013 ) 650 657 The 4th International Conference on Electrical Engineering and Informatics (ICEEI 2013) Reviews on Cybercrime

More information

RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users

RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users Bahman Rashidi Virginia Commonwealth University rashidib@vcu.edu Carol Fung Virginia Commonwealth University

More information

Firewall-based Solution for Preventing Privilege Escalation Attacks in Android

Firewall-based Solution for Preventing Privilege Escalation Attacks in Android International Journal of Computer Networks and Communications Security VOL. 2, NO. 9, SEPTEMBER 2014, 318 327 Available online at: www.ijcncs.org ISSN 2308-9830 C N C S Firewall-based Solution for Preventing

More information

The Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications

The Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications Virus Bulletin 2013 The Droid Knight: a silent guardian for the Android kernel, hunting for rogue smartphone malware applications Next Generation Intelligent Networks Research Center (nexgin RC) http://wwwnexginrcorg/

More information

A RISK ASSESSMENT STUDY OF CHILDREN PRIVACY OF THE MOBILE APPs

A RISK ASSESSMENT STUDY OF CHILDREN PRIVACY OF THE MOBILE APPs A RISK ASSESSMENT STUDY OF CHILDREN PRIVACY OF THE MOBILE APPs Mazen Alghamdi 1, Ron Ruhl 2, Sergey Butakov 3, Dale Lindskog 4 Master of Information Systems Security Management, Concordia University College

More information

Performance Measuring in Smartphones Using MOSES Algorithm

Performance Measuring in Smartphones Using MOSES Algorithm Performance Measuring in Smartphones Using MOSES Algorithm Ms.MALARVIZHI.M, Mrs.RAJESWARI.P ME- Communication Systems, Dept of ECE, Dhanalakshmi Srinivasan Engineering college, Perambalur, Tamilnadu, India,

More information

Detection and Identification of Android Malware Based on Information Flow Monitoring

Detection and Identification of Android Malware Based on Information Flow Monitoring Detection and Identification of Android Malware Based on Information Flow Monitoring Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong To cite this version: Radoniaina Andriatsimandefitra, Valérie

More information

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Xueqiang Wang, Kun Sun, Yuewu Wang and Jiwu Jing Data Assurance and Communication Security Research Center, Institute of Information

More information

ESUKOM: Smartphone Security for Enterprise

ESUKOM: Smartphone Security for Enterprise ESUKOM: Smartphone Security for Enterprise Networks Ingo Bente 1 Josef von Helden 1 Bastian Hellmann 1 Joerg Vieweg 1 Kai-Oliver Detken 2 1 Trust@FHH Research Group Fachhochschule Hannover Ricklinger Stadtweg

More information

Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events

Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events You Joung Ham and Hyung-Woo Lee devices, and analyses the characteristics of malicious apps with activation pattern

More information

Android Security Extensions 2. Giovanni Russello g.russello@auckland.ac.nz

Android Security Extensions 2. Giovanni Russello g.russello@auckland.ac.nz Android Security Extensions 2 Giovanni Russello g.russello@auckland.ac.nz Preparing the Report A report must be provided before your presentation The report should be 4 pages long The content of the report

More information

Would You Mind Forking This Process? A Denial of Service attack on Android (and Some Countermeasures)

Would You Mind Forking This Process? A Denial of Service attack on Android (and Some Countermeasures) Would You Mind Forking This Process? A Denial of Service attack on Android (and Some Countermeasures) Alessandro Armando DIST, Università degli Studi di Genova, Italy, armando@dist.unige.it Security &

More information

SECURITY IN ANDROID BASED SMARTPHONE

SECURITY IN ANDROID BASED SMARTPHONE SECURITY IN ANDROID BASED SMARTPHONE Mr. Sumedh P. Ingale 1, Prof. Sunil R. Gupta 2 1 ME (CSE),First Year,Department of CSE,Prof. Ram Meghe Institute Of Technology and Research, Badnera,Amravati. Sant

More information

The Open University s repository of research publications and other research outputs

The Open University s repository of research publications and other research outputs Open Research Online The Open University s repository of research publications and other research outputs PrimAndroid: privacy policy modelling and analysis for Android applications Conference Item How

More information

API Tracing Tool for Android-Based Mobile Devices

API Tracing Tool for Android-Based Mobile Devices API Tracing Tool for Android-Based Mobile Devices Seonho Choi, Michael Bijou, Kun Sun, and Edward Jung Abstract We developed an Application Programming Interface (API) tracing tool for Android-based mobile

More information

Smartphone applications Common Criteria is going Mobile ICCC2012 Paris

Smartphone applications Common Criteria is going Mobile ICCC2012 Paris Dr. Jens Oberender SRC Security Research & Consulting GmbH Smartphone applications ICCC2012 Paris How to CC-evaluate smartphone apps? Agenda Specify Security Target TOE scope Application specific SFRs

More information

Short Paper: A Look at SmartPhone Permission Models

Short Paper: A Look at SmartPhone Permission Models Short Paper: A Look at SmartPhone Permission Models Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, Phillipa Gill and David Lie Dept. of Electrical and Computer Engineering University of Toronto, Canada ABSTRACT

More information

DroidBarrier: Know What is Executing on Your Android

DroidBarrier: Know What is Executing on Your Android DroidBarrier: Know What is Executing on Your Android Hussain M. J. Almohri almohri@cs.ku.edu.kw Department of Computer Science Kuwait University, Kuwait Danfeng (Daphne) Yao danfeng@cs.vt.edu Department

More information

Android Architecture. Alexandra Harrison & Jake Saxton

Android Architecture. Alexandra Harrison & Jake Saxton Android Architecture Alexandra Harrison & Jake Saxton Overview History of Android Architecture Five Layers Linux Kernel Android Runtime Libraries Application Framework Applications Summary History 2003

More information

Analysis of advanced issues in mobile security in android operating system

Analysis of advanced issues in mobile security in android operating system Available online atwww.scholarsresearchlibrary.com Archives of Applied Science Research, 2015, 7 (2):34-38 (http://scholarsresearchlibrary.com/archive.html) ISSN 0975-508X CODEN (USA) AASRC9 Analysis of

More information

Research and Design of Universal and Open Software Development Platform for Digital Home

Research and Design of Universal and Open Software Development Platform for Digital Home Research and Design of Universal and Open Software Development Platform for Digital Home CaiFeng Cao School of Computer Wuyi University, Jiangmen 529020, China cfcao@126.com Abstract. With the development

More information

Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University

Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1 Awareness of BYOD Security Concerns Benjamin Tillett-Wakeley East Carolina University AWARENESS OF BYOD SECURITY CONCERNS 2 Abstract This paper will

More information

Mobile Application Security Sharing Session May 2013

Mobile Application Security Sharing Session May 2013 Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers

More information

IJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.

IJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat. Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the

More information

A Practical Analysis of Smartphone Security*

A Practical Analysis of Smartphone Security* A Practical Analysis of Smartphone Security* Woongryul Jeon 1, Jeeyeon Kim 1, Youngsook Lee 2, and Dongho Won 1,** 1 School of Information and Communication Engineering, Sungkyunkwan University, Korea

More information

Implement Data Security in Today's Operating System Group Members

Implement Data Security in Today's Operating System Group Members Implement Data Security in Today's Operating System Group Members 1 Muhammad Aleem, 2 Muhammad Tahir, 3 Nasir Jamal 1 MSCS-20, 2 MSCS-06, 3 MSCS-01 Department of Information Technology, University of Sargodha

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Lynn Margaret Batten. IT Security Research Services & Deakin University, Melbourne, Australia. June 2015

Lynn Margaret Batten. IT Security Research Services & Deakin University, Melbourne, Australia. June 2015 Lynn Margaret Batten IT Security Research Services & Deakin University, Melbourne, Australia June 2015 Smart devices versus PCs WebView versus Web 2.0 Tracking Certificates Mallory Countermeasures. On

More information

Crowdroid: Behavior-Based Malware Detection System for Android

Crowdroid: Behavior-Based Malware Detection System for Android Crowdroid: Behavior-Based Malware System for Iker Burguera and Urko Zurutuza Electronics and Computing Department Mondragon University 20500 Mondragon, Spain iker.burguera@alumni.eps.mondragon.edu, uzurutuza@mondragon.edu

More information

Defending Behind The Device Mobile Application Risks

Defending Behind The Device Mobile Application Risks Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem

More information

High Secure Mobile Operating System Based on a New Mobile Internet Device Hardware Architecture

High Secure Mobile Operating System Based on a New Mobile Internet Device Hardware Architecture , pp. 127-136 http://dx.doi.org/10.14257/ijfgcn.2015.8.1.14 High Secure Mobile Operating System Based on a New Mobile Internet Device Hardware Architecture Gengxin Sun and Sheng Bin International College

More information

Kaspersky Security 10 for Mobile Implementation Guide

Kaspersky Security 10 for Mobile Implementation Guide Kaspersky Security 10 for Mobile Implementation Guide APPLICATION VERSION: 10.0 MAINTENANCE RELEASE 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful

More information

URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security

URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security Daniel Schreckling, Stephan Huber, Focke Höhne, and Joachim Posegga Institute of IT-Security and Security Law University of

More information

Analysis of the Communication between Colluding Applications on Modern Smartphones

Analysis of the Communication between Colluding Applications on Modern Smartphones Analysis of the Communication between Colluding Applications on Modern Smartphones Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun Institute of Information Security ETH Zurich, Switzerland

More information

Denial of Convenience Attack to Smartphones Using a Fake Wi-Fi Access Point

Denial of Convenience Attack to Smartphones Using a Fake Wi-Fi Access Point Denial of Convenience Attack to Smartphones Using a Fake Wi-Fi Access Point Erich Dondyk College of Engineering and Computer Science University of Central Florida Orlando, United States of America Email:

More information

Pentesting Mobile Applications

Pentesting Mobile Applications WEB 应 用 安 全 和 数 据 库 安 全 的 领 航 者! 安 恒 信 息 技 术 有 限 公 司 Pentesting Mobile Applications www.dbappsecurity.com.cn Who am I l Frank Fan: CTO of DBAPPSecurity Graduated from California State University as a Computer

More information

Malware Analysis for Android Operating

Malware Analysis for Android Operating Malware Analysis for Android Operating Kriti Sharma, Trushank Dand, Tae Oh and William Stackpole Abstract The number of mobile devices has dramatically increased in the last decade. As the mobile devices

More information

Creating and Using Databases for Android Applications

Creating and Using Databases for Android Applications Creating and Using Databases for Android Applications Sunguk Lee * 1 Research Institute of Industrial Science and Technology Pohang, Korea sunguk@rist.re.kr *Correspondent Author: Sunguk Lee* (sunguk@rist.re.kr)

More information

Reminders. Lab opens from today. Many students want to use the extra I/O pins on

Reminders. Lab opens from today. Many students want to use the extra I/O pins on Reminders Lab opens from today Wednesday 4:00-5:30pm, Friday 1:00-2:30pm Location: MK228 Each student checks out one sensor mote for your Lab 1 The TA will be there to help your lab work Many students

More information

DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android

DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android Technical Report Nr. TUD-CS-2016-0025 January 28, 2016 DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android Authors Stephan Heuser, Marco Negro, Praveen Kumar Pendyala,

More information

Emerging Mobile Platforms: Firefox OS and Tizen

Emerging Mobile Platforms: Firefox OS and Tizen Emerging Mobile Platforms: Firefox OS and Tizen Olga Gadyatskaya 1, Fabio Massacci 2, and Yury Zhauniarovich 3 Department of Information Engineering and Computer Science, University of Trento Povo 2, Via

More information

A Multi-Criteria-based Evaluation of Android Applications

A Multi-Criteria-based Evaluation of Android Applications A Multi-Criteria-based Evaluation of Android Applications Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, and Daniele Sgandurra Dipartimento di Ingegneria dell

More information

WallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS

WallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications WallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS Caner Kilinc,

More information

International Journal of Advance Research in Computer Science and Management Studies

International Journal of Advance Research in Computer Science and Management Studies Volume 3, Issue 3, March 2015 ISSN: 2321 7782 (Online) International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online

More information

A Review OnEmployee Monitoring Application Using Android Smartphone s Neha S. Mankar 1, Sweeti M. Shambharkar 2 and Asst. Prof. Priti P.

A Review OnEmployee Monitoring Application Using Android Smartphone s Neha S. Mankar 1, Sweeti M. Shambharkar 2 and Asst. Prof. Priti P. A Review OnEmployee Monitoring Application Using Android Smartphone s Neha S. Mankar 1, Sweeti M. Shambharkar 2 and Asst. Prof. Priti P. Dafale 3 mankarneha7@gmail.com 1 swt2855@rediffmail.com 2 pritidfl@gmail.com

More information

Android Malicious apps and Malware Security: A Review

Android Malicious apps and Malware Security: A Review International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Issue-4 E-ISSN: 2347-2693 Android Malicious apps and Malware Security: A Review Vishal Kumar Gujare 1* and

More information

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific

More information

ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY

ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY ANDROID BASED MOBILE APPLICATION DEVELOPMENT and its SECURITY Suhas Holla #1, Mahima M Katti #2 # Department of Information Science & Engg, R V College of Engineering Bangalore, India Abstract In the advancing

More information

WIND RIVER SECURE ANDROID CAPABILITY

WIND RIVER SECURE ANDROID CAPABILITY WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion

More information

An Empirical Evaluation of the Android Security Framework

An Empirical Evaluation of the Android Security Framework An Empirical Evaluation of the Android Security Framework Alessandro Armando 1,2, Alessio Merlo 1,3,, and Luca Verderame 1 1 DIBRIS, Università degli Studi di Genova, Italy name.surname@unige.it 2 Security

More information

Android Security Extensions

Android Security Extensions Android Security Extensions Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care until its too late But We do It needs a more advanced security

More information

Basic Computer Security Part 2

Basic Computer Security Part 2 Basic Computer Security Part 2 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University Welcome

More information

Harvesting Developer Credentials in Android Apps

Harvesting Developer Credentials in Android Apps 8 th ACM Conference on Security and Privacy in Wireless and Mobile Networks, New York City, Jun 24-26 Harvesting Developer Credentials in Android Apps Yajin Zhou, Lei Wu, Zhi Wang, Xuxian Jiang Florida

More information

Mobile Phones Operating Systems

Mobile Phones Operating Systems Mobile Phones Operating Systems José Costa Software for Embedded Systems Departamento de Engenharia Informática (DEI) Instituto Superior Técnico 2015-05-28 José Costa (DEI/IST) Mobile Phones Operating

More information

Agenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2

Agenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2 Mobile Security Agenda John Veldhuis, Sophos The playing field Threats Mobile Device Management Pagina 2 The Changing Mobile World Powerful devices Access everywhere Mixed ownership User in charge Powerful

More information

Hacking your Droid ADITYA GUPTA

Hacking your Droid ADITYA GUPTA Hacking your Droid ADITYA GUPTA adityagupta1991 [at] gmail [dot] com facebook[dot]com/aditya1391 Twitter : @adi1391 INTRODUCTION After the recent developments in the smart phones, they are no longer used

More information

Remote Desktop Access through Android Mobiles and Android Mobiles Access through Web Browser

Remote Desktop Access through Android Mobiles and Android Mobiles Access through Web Browser Remote Desktop Access through Android Mobiles and Android Mobiles Access through Web Browser 1 Karan Sandeep Bhandari, 2 Vishnu Baliram Mandole, 3 Akash Dattatray Munde, 4 Sachin B. Takmare Bharati Vidyapeeth

More information

Smartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved

Smartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved Smartphone Security A Holistic view of Layered Defenses David M. Wheeler, CISSP, CSSLP, GSLC 1 The Smartphone Market The smartphone security market is expected to grow at a rate of 44 percent annually

More information

Tutorial on Smartphone Security

Tutorial on Smartphone Security Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security

More information

Dude, Ask The Experts!: Android Resource Access Permission Recommendation with RecDroid

Dude, Ask The Experts!: Android Resource Access Permission Recommendation with RecDroid Dude, Ask The Experts!: Android Resource Access Permission Recommendation with RecDroid Bahman Rashidi Carol Fung Department of Computer Science Virginia Commonwealth University Richmond, VA, USA {rashidib,

More information

Lecture Embedded System Security A. R. Sadeghi, @TU Darmstadt, 2011 2012 Introduction Mobile Security

Lecture Embedded System Security A. R. Sadeghi, @TU Darmstadt, 2011 2012 Introduction Mobile Security Smartphones and their applications have become an integral part of information society Security and privacy protection technology is an enabler for innovative business models Recent research on mobile

More information

Owner-centric Protection of Unstructured Data on Smartphones

Owner-centric Protection of Unstructured Data on Smartphones Owner-centric Protection of Unstructured Data on Smartphones Yajin Zhou 1, Kapil Singh 2, and Xuxian Jiang 1 1 North Carolina State University yajin zhou@ncsu.edu, jiang@cs.ncsu.edu 2 IBM T.J. Watson Research

More information

Studying Security Weaknesses of Android System

Studying Security Weaknesses of Android System , pp. 7-12 http://dx.doi.org/10.14257/ijsia.2015.9.3.02 Studying Security Weaknesses of Android System Jae-Kyung Park* and Sang-Yong Choi** *Chief researcher at Cyber Security Research Center, Korea Advanced

More information

ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33

ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33 ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33 Why care about ios Security? 800M 800 million ios devices activated 130 million in last year 98%

More information

Android 5.0: Lollipop OS

Android 5.0: Lollipop OS IJISET - International Journal of Innovative Science, Engineering & Technology, Vol. 2 Issue 6, June 2015. www.ijiset.com Android 5.0: Lollipop OS ISSN 2348 7968 Meenakshi M.Tech Student, Department of

More information

Berlin Institute of Technology FG Security in Telecommunications

Berlin Institute of Technology FG Security in Telecommunications Berlin Institute of Technology FG Security in Telecommunications Weiss L4Android: A Generic Operating System Framework for Secure Smartphones Workshop on Security and Privacy in Smartphones and Mobile

More information

Introduction to Android

Introduction to Android Introduction to Android Poll How many have an Android phone? How many have downloaded & installed the Android SDK? How many have developed an Android application? How many have deployed an Android application

More information

Research on Monitoring Method of. Permission Requests by Mobile Applications

Research on Monitoring Method of. Permission Requests by Mobile Applications Contemporary Engineering Sciences, Vol. 7, 2014, no. 31, 1683-1689 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ces.2014.411226 Research on Monitoring Method of Permission Requests by Mobile

More information

Smartphone Security Limitations: Conflicting Traditions

Smartphone Security Limitations: Conflicting Traditions Smartphone Security Limitations: Conflicting Traditions Nathaniel Husted School of Informatics and Computing Indiana University, Bloomington nhusted@indianaedu Hassen Saïdi Computer Science Labratory SRI

More information

Towards a Silent Mobile Sensing Framework for Smart Cities

Towards a Silent Mobile Sensing Framework for Smart Cities Towards a Silent Mobile Sensing Framework for Smart Cities Farah Hariri, Guy Daher, Hussein Sibai, Karim Frenn, Sevag Doniguian, and Zaher Dawy Electrical and Computer Engineering Department American University

More information

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2 BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution

More information

A Cloud Based Security System For Cellular Phones. Helwan University, Egypt. www.ijreat.org

A Cloud Based Security System For Cellular Phones. Helwan University, Egypt. www.ijreat.org A Cloud Based Security System For Cellular Phones Ehab M. Alkhafajy 1, Taha M. Mohamed 2, Mahmoud M. El-Khouly 3 1,2,3 Information Technology Department, Faculty of Computers and Information, Helwan University,

More information

Index Terms: Smart phones, Malwares, security, permission violation, malware detection, mobile devices, Android, security

Index Terms: Smart phones, Malwares, security, permission violation, malware detection, mobile devices, Android, security Permission Based Malware Detection Approach Using Naive Bayes Classifier Technique For Android Devices. Pranay Kshirsagar, Pramod Mali, Hrishikesh Bidwe. Department Of Information Technology G. S. Moze

More information

Kaspersky Security for Mobile Administrator's Guide

Kaspersky Security for Mobile Administrator's Guide Kaspersky Security for Mobile Administrator's Guide APPLICATION VERSION: 10.0 SERVICE PACK 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful and that

More information

A Survey on Mobile Forensic for Android Smartphones

A Survey on Mobile Forensic for Android Smartphones IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 17, Issue 2, Ver. 1 (Mar Apr. 2015), PP 15-19 www.iosrjournals.org A Survey on Mobile Forensic for Android Smartphones

More information

Detecting Zero-Day Attacks in Real Time on Day Zero

Detecting Zero-Day Attacks in Real Time on Day Zero Detecting Zero-Day Attacks in Real Time on Day Zero Standards Certification Education & Training Publishing Conferences & Exhibits Industrial Device Integrity Assessment Hardware, OS & Software Malware

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

An Introduction to Android. Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn

An Introduction to Android. Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn An Introduction to Android Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn Outline Background What is Android? Development for Android Background Internet users and Mobile

More information

Deploying iphone and ipad Security Overview

Deploying iphone and ipad Security Overview Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services

More information

DiffUser: Differentiated User Access Control on Smartphones

DiffUser: Differentiated User Access Control on Smartphones DiffUser: Differentiated User Access Control on Smartphones Xudong Ni, Zhimin Yang, Xiaole Bai, Adam C. Champion, and Dong Xuan Department of Computer Science and Engineering The Ohio State University

More information

DRAFT Standard Statement Encryption

DRAFT Standard Statement Encryption DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held

More information