2,407 Hits in 6.9 sec

Understanding and improving app installation security mechanisms through empirical analysis of android

David Barrera, Jeremy Clark, Daniel McCarney, Paul C. van Oorschot
2012 Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '12  
We provide a detailed analysis of two largely unexplored aspects of the security decisions made by the Android operating system during the app installation process: update integrity and UID assignment.  ...  To inform our analysis, we collect a dataset of Android application metadata and extract features from these binaries to gain a better understanding of how developers interact with the security mechanisms  ...  ; and the fourth through a Discovery Grant and as Canada Research Chair in Authentication and Computer Security.  ... 
doi:10.1145/2381934.2381949 dblp:conf/ccs/BarreraCMO12 fatcat:ps4p3nmbrzgfbe4skzx5ytsj34

Android Rooting: Methods, Detection, and Evasion

San-Tsai Sun, Andrea Cuadros, Konstantin Beznosov
2015 Zenodo  
While useful, rooting weakens the security of Android devices and opens the door for malware to obtain privileged access easily.  ...  To fill this knowledge gap, we studied existing Android rooting methods and per- formed manual and dynamic analysis on 182 selected apps, in order to identify current rooting detection methods and evaluate  ...  ACKNOWLEDGEMENTS We would like to thank anonymous reviewers for their helpful feedback, which allowed us to improve the paper and our research methods.  ... 
doi:10.5281/zenodo.3264709 fatcat:nthb2dwuwrdgnmfxoel22aifzm

A First Look at Security Risks of Android TV Apps

Yonghui Liu, Li Li, Pingfan Kong, Xiaoyu Sun, Tegawende F. Bissyande
2021 2021 36th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW)  
In this paper, we present to the community the first preliminary study on the security risks of Android TV apps.  ...  We then experimentally look at those apps from four security aspects: VirusTotal scans, requested permissions, security flaws, and privacy leaks.  ...  ACKNOWLEDGEMENTS This work was supported by the Australian Research Council (ARC) under a Discovery Early Career Researcher Award (DECRA) project DE200100016, and a Discovery project DP200100020.  ... 
doi:10.1109/asew52652.2021.00023 fatcat:hnbif5fcivgbznjo2zaae7u4va

An Empirical Analysis of Android Permission System Based on User Activities

Ankur Rameshbhai Khunt, P. Prabu
2018 Journal of Computer Science  
This improved and responsible user activities in Android OS can help the users in utilizing their device securely.  ...  For the most part, users don't focus on the asked permissions, or sometimes users do not understand the meaning of the permission and install the app on their device.  ...  In this article, we propose a new method and algorithm for the Android security.  ... 
doi:10.3844/jcssp.2018.324.333 fatcat:crkhncfoznexpifctseokli6na

Empirical Security and Privacy Analysis of Mobile Symptom Checking Applications on Google Play [article]

I Wayan Budi Sentana, Muhammad Ikram, Mohamed Ali Kaafar, Shlomo Berkovsky
2021 arXiv   pre-print
In this paper, we use a combination of techniques from both static and dynamic analysis to detect, trace and categorize security and privacy issues in 36 popular SymptomCheckers on Google Play.  ...  These improvements have seen the creation of specialized health applications, which offer consumers a range of health-related activities such as tracking and checking symptoms of health conditions or diseases  ...  Source Code Analysis: An APK is a mobile app package file format supported by the Android operating system (OS) for distribution and installation.  ... 
arXiv:2107.13754v1 fatcat:znew7cdy2nfgbcjwhqffeuocx4

Visualizing Privacy Risks of Mobile Applications through a Privacy Meter [chapter]

Jina Kang, Hyoungshick Kim, Yun Gyung Cheong, Jun Ho Huh
2015 Lecture Notes in Computer Science  
Interpreting and understanding privacy risks become quick and easy.  ...  To improve users' awareness of potential privacy implications of installing an application, we designed a "privacy meter" that visualizes the risks (in a slider bar format) imposed by the types of permissions  ...  Results This section presents the data collected through the user study and the statistical analysis results.  ... 
doi:10.1007/978-3-319-17533-1_37 fatcat:6ox7qg47yvcr7kyx3yy37i4kme

Exploring Permission-Induced Risk in Android Applications for Malicious Application Detection

Wei Wang, Xing Wang, Dawei Feng, Jiqiang Liu, Zhen Han, Xiangliang Zhang
2014 IEEE Transactions on Information Forensics and Security  
One of the central design points of Android security mechanism is permission control that restricts the access of apps to core facilities of devices.  ...  Android has been a major target of malicious applications (malapps). How to detect and keep the malapps out of the app markets is an ongoing challenge.  ...  Permission control is one of the major Android security mechanisms.  ... 
doi:10.1109/tifs.2014.2353996 fatcat:giooveurefft3m2micssvwhwfa

A Comprehensive Analysis of the Android Permissions System

Iman Almomani, Aala Al Khayer
2020 IEEE Access  
ACKNOWLEDGMENT This work was supported by the research project "ARO: Android Ransomware Ontology", Security Engineering Lab (SEL); Prince Sultan University; Riyadh; Saudi Arabia, [Grant NO: SEED-CCIS-2020  ...  Thus, Android security strongly depends on the efficiency of its permission system mechanism.  ...  of the studied applications. 3-15 237 apps with 1,703 versions Aapt tool all pre-installed, and third-party apps groups [7] empirically investigate the evo- lution of permission system  ... 
doi:10.1109/access.2020.3041432 fatcat:jcmn4zwp7bgqvju6ofs47z2nrm

Android permissions

Bhaskar Pratim Sarma, Ninghui Li, Chris Gates, Rahul Potharaju, Cristina Nita-Rotaru, Ian Molloy
2012 Proceedings of the 17th ACM symposium on Access Control Models and Technologies - SACMAT '12  
We demonstrate the effectiveness of our proposal through extensive data analysis.  ...  We propose several risk signals that and evaluate them using two datasets, one consists of 158,062 Android apps from the Android Market, and another consists of 121 malicious apps.  ...  [2] present a methodology for the empirical analysis of permission-based security models using self-organizing maps.  ... 
doi:10.1145/2295136.2295141 dblp:conf/sacmat/SarmaLGPNM12 fatcat:tkvabm5ddvg55a45zh6l3hd3d4

Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android

Wenrui Diao, Yue Zhang, Li Zhang, Zhou Li, Fenghao Xu, Xiaorui Pan, Xiangyu Liu, Jian Weng, Kehuan Zhang, XiaoFeng Wang
2019 International Symposium on Recent Advances in Intrusion Detection  
Through code review and a large-scale app scanning study, we find the accessibility APIs have been misused widely.  ...  The flaws and attack cases described in this paper have been responsibly reported to the Android security team and the corresponding vendors.  ...  Acknowledgements We are grateful to our shepherd Jason Polakis and the anonymous reviewers for their insightful comments.  ... 
dblp:conf/raid/DiaoZZ0XPLWZ019 fatcat:v2wtqlkajzehhc2c7ngtlznj5e

Android Security Vulnerabilities Due to User Unawareness and Frameworks for Overcoming Those Vulnerabilities

Tauseef Ibne, Lamia Alam
2016 International Journal of Computer Applications  
With the popularity of Android smart phones everyone finds it convenient to make transactions through these smart phones.  ...  And the users of these smart phones, in most cases unaware of different types of threats.  ...  A methodology for empirical analysis of permission-based security models and its application to android[9] D. Barrera, H. Güne¸ S.  ... 
doi:10.5120/ijca2016908649 fatcat:qvbtsxlmqbeqfmowu6eeymjeuy

Small Changes, Big Changes: An Updated View on the Android Permission System [chapter]

Yury Zhauniarovich, Olga Gadyatskaya
2016 Lecture Notes in Computer Science  
We highlight some bizarre behaviors, which may be of interest for developers and security researchers. We also found a number of bugs during our analysis, and provided patches to AOSP where possible.  ...  Since the appearance of Android, its permission system was central to many studies of Android security.  ...  However, runtime permission requests were previously suggested by security researchers [50] , and the effect of dynamic permission revocation on the Android apps has been empirically evaluated [33] .  ... 
doi:10.1007/978-3-319-45719-2_16 fatcat:z7ekj45tyfh5zjjbq7hlujcvoy

PermissionWatcher: Creating User Awareness of Application Permissions in Mobile Systems [chapter]

Eric Struse, Julian Seifert, Sebastian Üllenbeck, Enrico Rukzio, Christopher Wolf
2012 Lecture Notes in Computer Science  
Both from a technical and a social point of view, they are based on the assumption that users actually understand these permissions and hence they can make an informed decision about which permission to  ...  In a field study with 1000+ Android users, we collected data that provides evidence that users are willing to follow security principles if security awareness is created and information is presented in  ...  Acknowledgements This work has been conducted within the Emmy Noether research groups Long Term Security and Mobile Interaction with Pervasive User Interfaces, both funded by the German Research Foundation  ... 
doi:10.1007/978-3-642-34898-3_5 fatcat:4qfmse47hjhqjmtafsncgmc2vq

Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy

Duc Cuong Nguyen, Erik Derr, Michael Backes, Sven Bugiel
2019 2019 IEEE Symposium on Security and Privacy (SP)  
lead to privacy improvements of apps.  ...  Application markets streamline the end-users' task of finding and installing applications.  ...  ACKNOWLEDGEMENTS This work was supported by the German Federal Ministry of Education and Research (BMBF) through funding for the Center for IT-Security, Privacy and Accountability (CISPA) (FKZ: 16KIS0345  ... 
doi:10.1109/sp.2019.00012 dblp:conf/sp/NguyenD0B19 fatcat:2witynivezfodnmfl6drfkkuau

An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications

Xiaohan Zhang, Yuan Zhang, Qianqian Mo, Hao Xia, Zhemin Yang, Min Yang, Xiaofeng Wang, Long Lu, Hai-Xin Duan
2018 USENIX Security Symposium  
to the Proceedings of the 27th USENIX Security Symposium is sponsored by USENIX.  ...  Acknowledgements We would like to thank the anonymous reviewers for their insightful comments that helped improve the quality of the paper.  ...  This work was supported in part by the National Natural Science Foundation of China (U1636204, 61602123, 61602121, U1736208) and the National Program on Key Basic Research (NO. 2015CB358800).  ... 
dblp:conf/uss/ZhangZMXY00LD18 fatcat:yu6hnse2gzhxxgcly6w6776btm
« Previous Showing results 1 — 15 out of 2,407 results