Privacy Sensitive Resource Access Monitoring for Android Systems

Zhao, Leah; Chan, Neil Wong Hon; Yang, Shanchieh Jay; Melton, Rachel E.

doi:10.1109/icccn.2015.7288451

Cited by 6 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Android utilizes the Linux security model and layers through a user-based permission system [42]. Apps can access resources through the permission system to gain access to resources such as the camera, GPS, Bluetooth, telephony functions, network connections, and other sensors [42]. Such permissions are granted to apps by users when they install an app.…”

Section: Android Operating Systemmentioning

confidence: 99%

Toward a framework for detecting privacy policy violations in android application code

Slavin

Wang

Hosseini

et al. 2016

Proceedings of the 38th International Conference on Software Engineering

144

View full text Add to dashboard Cite

Mobile applications frequently access sensitive personal information to meet user or business requirements. Because such information is sensitive in general, regulators increasingly require mobileapp developers to publish privacy policies that describe what information is collected. Furthermore, regulators have fined companies when these policies are inconsistent with the actual data practices of mobile apps. To help mobile-app developers check their privacy policies against their apps' code for consistency, we propose a semi-automated framework that consists of a policy terminology-API method map that links policy phrases to API methods that produce sensitive information, and information flow analysis to detect misalignments. We present an implementation of our framework based on a privacy-policy-phrase ontology and a collection of mappings from API methods to policy phrases. Our empirical evaluation on 477 top Android apps discovered 341 potential privacy policy violations.

show abstract

Section: Android Operating Systemmentioning

confidence: 99%

Toward a framework for detecting privacy policy violations in android application code

Slavin

Wang

Hosseini

et al. 2016

Proceedings of the 38th International Conference on Software Engineering

144

View full text Add to dashboard Cite

show abstract

“…We utilize a collection methodology [4] whereby typical data collection utilizes application or background service installed on the mobile device with user permission to collect data such as application IP flow call logs, location, Wi-Fi transmission, etc.…”

Section: Introductionmentioning

confidence: 99%

Cloud based security solution for android smartphones

Marengereke

Sornalakshmi

2015

2015 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2015]

View full text Add to dashboard Cite

In this paper, we define SIEM and we discuss Android security monitoring as well as recent research in Android security systems. Then, we propose a cloud based security system for collection, visualization, analysis and correlation of application logs, statistics and determining abnormal application and network behavior on the device. If abnormal behavior is detected an appropriate alert is sent back to the device for remedial action. In the case of abnormal network traffic, then firewall rules to be updated on an implementation of an IPTABLES/ NETFILTER firewall to block unwarranted network traffic. Furthermore a web interface is created to enable visualization of logs and all data collected from the device. So it serves as an intrusion mitigation solution coupled with security information audit web portal. This paper highlights the architecture of the proposed system.

show abstract

SCANNER: Sequence clustering of android resource accesses

Chan

Yang

2017

2017 IEEE Conference on Dependable and Secure Computing

View full text Add to dashboard Cite

Privacy Sensitive Resource Access Monitoring for Android Systems

Cited by 6 publications

References 6 publications

Toward a framework for detecting privacy policy violations in android application code

Toward a framework for detecting privacy policy violations in android application code

Cloud based security solution for android smartphones

SCANNER: Sequence clustering of android resource accesses

Contact Info

Product

Resources

About