Securing Android

Sufatrio,; Tan, Darell J. J.; Chua, Tong-Wei; Thing, Vrizlynn L. L.

doi:10.1145/2733306

Cited by 96 publications

(14 citation statements)

References 70 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, La Polla et al [41] surveyed smartphone security threats and their solutions for the period 2004-2011, but has very limited coverage of Android. In the survey papers [29,42,47] the authors focus on the Android platform, but they only perform an informal analysis of the security model. Some work have analyzed the limitations and weaknesses of the Android security model.…”

Section: Related Workmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

In this work we present a comprehensive formal specification of an idealized formulation of Android's permission model. Permissions in Android are basically tags that developers declare in their applications, more precisely in the so-called application manifest, to gain access to sensitive resources. Several analyses have recently been carried out concerning the security of the Android system. Few of them, however, pay attention to the formal aspects of the permission enforcing framework. We provide a complete and uniform formulation of several security properties using the higher order logic of the Calculus of Inductive Constructions and sketch the proofs that have been developed and verified using the Coq proof assistant. We also analyze how the changes introduced in the latest version of Android, that allows to manage permissions at runtime, impact the presented model.

show abstract

Section: Related Workmentioning

confidence: 99%

Formal Analysis of Android's Permission-Based Security Model

Betarte¹,

Campo²,

Luna³

et al. 2016

SACS

View full text Add to dashboard Cite

show abstract

“…Malicious libraries can then abuse the permissions they are given on behalf of the application and use any number of the malicious attack strategies discussed further on [13].…”

Section: Ad Librariesmentioning

confidence: 99%

Risks behind Device Information Permissions in Android OS

Alshehri¹,

Hewins²,

McCulley³

et al. 2017

View full text Add to dashboard Cite

In the age of smartphones, people do most of their daily work using their smartphones due to significant improvement in smartphone technology. When comparing different platforms such as Windows, iOS, Android, and Blackberry, Android has captured the highest percentage of total market share [1]. Due to this tremendous growth, cybercriminals are encouraged to penetrate various mobile marketplaces with malicious applications. Most of these applications require device information permissions aiming to collect sensitive data without user's consent. This paper investigates each element of system information permissions and illustrates how cybercriminals can harm users' privacy. It presents some attack scenarios using READ_PHONE_STATE permission and the risks behind it. In addition, this paper refers to possible attacks that can be performed when additional permissions are combined with READ_PHONE_STATE permission. It also discusses a proposed solution to defeat these types of attacks.

show abstract

“…Unfortunately, the speed and efficiency of new internet technologies is reflected in rising cybercrime [8,13,14]. The financial sector that security has enhanced is no exception on online platforms.…”

Section: Security Issues and Requirementsmentioning

confidence: 99%

The Data Processing Approach for Preserving Personal Data in FinTech-Driven Paradigm

Kim¹,

Hong²

2016

IJSIA

View full text Add to dashboard Cite

FinTech-driven paradigm shift in financial service poses challenges for financial sector in balancing the potential benefits of development with the potential risks. It is difficult to detect as advanced threats, so the extent of the damage cannot be foreseen in the financial sector. In this paper, we suggest the approach based on trust about processing data including personally identifiable information for preserving and protecting in the environment using FinTech.

show abstract

Securing Android

Cited by 96 publications

References 70 publications

Formal Analysis of Android's Permission-Based Security Model

Formal Analysis of Android's Permission-Based Security Model

Risks behind Device Information Permissions in Android OS

The Data Processing Approach for Preserving Personal Data in FinTech-Driven Paradigm

Contact Info

Product

Resources

About