A Survey on Android Malwares and Defense Techniques

2020 ◽  
Vol 17 (4) ◽  
pp. 1557-1565
Author(s):  
Abdesselam Beroual ◽  
Imad Fakhri Al-Shaikhli
Keyword(s):  
Point Of View ◽  
Third Party ◽  
Android Security ◽  
Market Place ◽  
Privacy And Security ◽  
Security Issues ◽  
Android Os ◽  
Android Applications ◽  
Application Developers ◽  
Google Play

Since the last few years, Android is by far the most widely utilized as an operating system for mobile devices, and this is accompanied by the development in terms of number and variety of different Android applications. Android offers a centralized market place maintained by Google named “Google Play Store,” where official and third party application developers can submit their Android applications to make them available for users. The high popularity of Android OS and its market place is becoming a worthy target by hackers and attackers to violate users’ privacy and security. Malwares were also growing in parallel with Android applications growth. It is necessary as a first step to have a solid understanding of malwares’ characteristics to help preventing potential harmful consequences. Whithin this paper, we initially present the general overview for Android OS architecture with application structure, then we highlight the popular Android security issues and focus on the existing solutions to detect and prevent Android malwares, finally, we present our point of view and suggestion for future works on the best solution to overcome the Android malwares.

scholarly journals Security Source Code Analysis of Applications in Android OS

2018 ◽  
Vol 7 (4.15) ◽  
pp. 30
Author(s):  
Sami Azam ◽  
Rajvinder Singh Sumra ◽  
Bharanidharan Shanmugam ◽  
Kheng Cher Yeo ◽  
Mirjam Jonokman ◽  
...  
Keyword(s):  
Operating System ◽  
Mobile Phones ◽  
Source Code ◽  
Security Risk ◽  
Great Flexibility ◽  
Code Analysis ◽  
Malicious Behavior ◽  
Android Os ◽  
Android Applications ◽  
Google Play

It is a known fact that Android mobile phones’ security has room for improvement. Many malicious app developers have targeted     android mobile phones, mainly because android as an open operating system provides great flexibility to developers and there are many android phones which do not have the latest security updates. With the update of marshmallow in android, applications request           permission only during runtime, but not all users have this update. This is important because user permission is required to perform    certain actions. The permissions may be irrelevant to the features provided by an application. The purpose of this research is to          investigate the use and security risk of seeming irrelevant permissions in applications available from Google store. Two different        applications which seem to ask irrelevant permissions during installation were selected from Google store. To test these applications, static analysis, dynamic analysis and reverse engineering tools were used. Findings show potentially malicious behavior, demonstrating that downloading apps from Google play store do not guarantee security.  

Cloud Security Issues and Challenges

2018 ◽  
pp. 77-92 ◽  
Author(s):  
Srinivas Sethi ◽  
Sai Sruti
Keyword(s):  
Cloud Computing ◽  
Data Privacy ◽  
Cloud Service ◽  
Cloud Security ◽  
Third Party ◽  
Service Users ◽  
Privacy And Security ◽  
Security Issues ◽  
Model Cloud ◽  
The Cost

Cloud computing refers to the basic setup for an emerging model of service delivery, that has the advantage of decreasing the cost by sharing computing, infrastructure including storage resources. This can be combined with on-demand delivery mechanism relying on a pay-per-use model. Cloud computing offers an added level of risk because of essential services provided by it to a third party, which makes it difficult to maintain data privacy and security. Security in cloud computing is a critical aspect, which has various issues and challenges related to it. Cloud service providers/ brokers and the cloud service users should make aware of safety cloud. That is the cloud is safe enough from all kinds of the threats, so that the users do not face any problem like; loss of data or data theft. There is a possibility that, a malicious user can enters the cloud by imitating an authentic user, thus corrupt the entire cloud. It can affect many users who are sharing these types of clouds. This chapter mentions the list of parameters that disturb the security of the cloud. This also explores the cloud security issues and challenges faced by cloud service provider/brokers and cloud service users like; data, privacy, and infected application. Finally, it discusses the countermeasure for handling these issues and its challenges.

scholarly journals An Empirical Analysis of using Blockchain Tech-nology with Internet of Things and its Application

2019 ◽  
Vol 8 (9S3) ◽  
pp. 1469-1475
Keyword(s):  
Internet Of Things ◽  
Real Time ◽  
Third Party ◽  
Time Data ◽  
Privacy And Security ◽  
Third Party Intervention ◽  
Security Issues ◽  
Blockchain Technology ◽  
Real Time Data ◽  
Iot Devices

Blockchain technology uses the cryptographic technique to create expanding list of data records called blocks. Along with transaction and timestamp data, each block holds a hash value obtained using cryptographic technique. Blockchain gains importance for its decentralized data transaction and authorization without the need for third-party intervention. Although, it is mostly used in Finance sector these days, due to its inherent ability to protect data it can be applied to every field of computation especially in fields where data transaction is voluminous. Internet of Things (IoT) is one such area where it involves collection, transfer and processing of real time data from objects, humans and sensors to automate various tasks. Hence, this paper reviews the blockchain technology, and how it can be coupled with IoT to overcome the privacy and security issues. This paper first systematically introduces the concept of blockchain technology, its applications along with the need for IoT devices and its implementation. Finally, it discusses the blockchain based IoT (BIoT) its architecture, advantages, challenges in implementation

scholarly journals The Myths of and Solutions for Android OS Controlled and Secure Environment

2015 ◽  
Vol 3 ◽  
pp. 54
Author(s):  
Imants Gorbāns ◽  
Ivans Kulesovs ◽  
Uldis Straujums ◽  
Jānis Buls
Keyword(s):  
Operating System ◽  
Practical Experience ◽  
Bring Your Own Device ◽  
Web Content ◽  
Security Issues ◽  
Android Os ◽  
Secure Environment ◽  
User Data ◽  
Android Applications ◽  
Authorized Access

<p class="R-AbstractKeywords"><span lang="EN-US">Android is the most popular mobile operating system nowadays both for smartphones and tablets. This fact creates many not fully recognized risks. Often even advanced users naive think that using antivirus software, firewall, encryption, updates, as well as avoiding potentially risky sites and applications are enough for security. This list is not full, but nevertheless each its item in most cases only conceals an illusion of reaching the security. Authors have summarized and pointed out several actual Android security issues and have proposed a number of possible solutions.</span></p><p class="R-AbstractKeywords"><span lang="EN-US">The practical experience as well as direct testing show that part of Android applications may contain a malware. The harmful characteristics of an application often become visible only after some runs, or after an update, or after a harmful web content is downloaded and shown by the application. It is observed that applications often try to get an unauthorized or inattentively authorized access to user data and send it outside the device. </span></p><p class="R-AbstractKeywords"><span lang="EN-US">The situation with Android applications gets more and more out of the control. The authors propose a solution to overcome the security issues, while respecting the latest Google solutions. Target group of the proposal are users that use smartphone or tablet both for private and corporate needs, i.e. Bring Your Own Device (BYOD) case.</span></p><p class="R-AbstractKeywords"><span lang="EN-US">The authors point out and compare four possible Android technical administration solutions based on the unified model for BYOD case. The authors also propose the changes to Android architecture to enhance its security. It is proposed to look at the mobile operating system as a web server. Such principle allows implementing in Android a number of security principles taken from the web servers solutions.</span></p>

scholarly journals Understanding Users’ Behavior towards Applications Privacy Policies

Electronics ◽  
2022 ◽  
Vol 11 (2) ◽  
pp. 246
Author(s):  
Salim Ullah ◽  
Muhammad Sohail Khan ◽  
Choonhwa Lee ◽  
Muhammad Hanif
Keyword(s):  
Data Analysis ◽  
Operating Systems ◽  
Daily Life ◽  
Age Groups ◽  
Third Party ◽  
Memory Location ◽  
Privacy And Security ◽  
Phone Calls ◽  
Privacy Violation ◽  
Google Play

Recently, smartphone usage has increased tremendously, and smartphones are being used as a requirement of daily life, equally by all age groups. Smartphone operating systems such as Android and iOS have made it possible for anyone with development skills to create apps for smartphones. This has enabled smartphone users to download and install applications from stores such as Google Play, App Store, and several other third-party sites. During installation, these applications request resource access permissions from users. The resources include hardware and software like contact, memory, location, managing phone calls, device state, messages, camera, etc. As per Google’s permission policy, it is the responsibility of the user to allow or deny any permissions requested by an app. This leads to serious privacy violation issues when an app gets illegal permission granted by a user (e.g., an app might request for granted map permission and there is no need for map permission in the app, and someone can thereby access your location by this app). This study investigates the behavior of the user when it comes to safeguarding their privacy while installing apps from Google Play. In this research, first, seven different applications with irrelevant permission requests were developed and uploaded to two different Play Store accounts. The apps were live for more than 12 months and data were collected through Play Store analytics as well as the apps’ policy page. The preliminary data analysis shows that only 20% of users showed concern regarding their privacy and security either through interaction with the development team through email exchange or through commenting on the platform and other means accordingly.

Cloud Security Issues and Challenges

2017 ◽  
pp. 89-104 ◽  
Author(s):  
Srinivas Sethi ◽  
Sai Sruti
Keyword(s):  
Cloud Computing ◽  
Data Privacy ◽  
Cloud Service ◽  
Cloud Security ◽  
Third Party ◽  
Service Users ◽  
Privacy And Security ◽  
Security Issues ◽  
Model Cloud ◽  
The Cost

Cloud computing refers to the basic setup for an emerging model of service delivery, that has the advantage of decreasing the cost by sharing computing, infrastructure including storage resources. This can be combined with on-demand delivery mechanism relying on a pay-per-use model. Cloud computing offers an added level of risk because of essential services provided by it to a third party, which makes it difficult to maintain data privacy and security. Security in cloud computing is a critical aspect, which has various issues and challenges related to it. Cloud service providers/ brokers and the cloud service users should make aware of safety cloud. That is the cloud is safe enough from all kinds of the threats, so that the users do not face any problem like; loss of data or data theft. There is a possibility that, a malicious user can enters the cloud by imitating an authentic user, thus corrupt the entire cloud. It can affect many users who are sharing these types of clouds. This chapter mentions the list of parameters that disturb the security of the cloud. This also explores the cloud security issues and challenges faced by cloud service provider/brokers and cloud service users like; data, privacy, and infected application. Finally, it discusses the countermeasure for handling these issues and its challenges.

scholarly journals Provable Data Possession (PDP) and Proofs of Retrievability (POR) of Current Big User Data

2021 ◽  
Vol 3 (1) ◽  
Author(s):  
Ieuan Walker ◽  
Chaminda Hewage ◽  
Ambikesh Jayal
Keyword(s):  
Conceptual Framework ◽  
Data Storage ◽  
Third Party ◽  
Privacy And Security ◽  
Provable Data Possession ◽  
Security Issues ◽  
Outsourced Data ◽  
Storage Solutions ◽  
User Data ◽  
Proofs Of Retrievability

AbstractA growing trend over the last few years is storage outsourcing, where the concept of third-party data warehousing has become more popular. This trend prompts several interesting privacy and security issues. One of the biggest concerns with third-party data storage providers is accountability. This article, critically reviews two schemas/algorithms that allow users to check the integrity and availability of their outsourced data on untrusted data stores (i.e., third-party data storages). The reviewed schemas are provable data possession (PDP) and proofs of retrievability (POR). Both are cryptographic protocols designed to provide clients the assurance that their data are secure on the untrusted data storages. Furthermore, a conceptual framework is proposed to mitigate the weaknesses of the current storage solutions.

scholarly journals Building Standardized and Secure Mobile Health Services Based on Social Media

Electronics ◽  
2020 ◽  
Vol 9 (12) ◽  
pp. 2208
Author(s):  
Jesús D. Trigo ◽  
Óscar J. Rubio ◽  
Miguel Martínez-Espronceda ◽  
Álvaro Alesanco ◽  
José García ◽  
...  
Keyword(s):  
Social Media ◽  
Mobile Devices ◽  
Mobile Health ◽  
Healthcare Services ◽  
Small Scale ◽  
Proof Of Concept ◽  
Privacy And Security ◽  
Health Level 7 ◽  
Information Embedding ◽  
Android Applications

Mobile devices and social media have been used to create empowering healthcare services. However, privacy and security concerns remain. Furthermore, the integration of interoperability biomedical standards is a strategic feature. Thus, the objective of this paper is to build enhanced healthcare services by merging all these components. Methodologically, the current mobile health telemonitoring architectures and their limitations are described, leading to the identification of new potentialities for a novel architecture. As a result, a standardized, secure/private, social-media-based mobile health architecture has been proposed and discussed. Additionally, a technical proof-of-concept (two Android applications) has been developed by selecting a social media (Twitter), a security envelope (open Pretty Good Privacy (openPGP)), a standard (Health Level 7 (HL7)) and an information-embedding algorithm (modifying the transparency channel, with two versions). The tests performed included a small-scale and a boundary scenario. For the former, two sizes of images were tested; for the latter, the two versions of the embedding algorithm were tested. The results show that the system is fast enough (less than 1 s) for most mHealth telemonitoring services. The architecture provides users with friendly (images shared via social media), straightforward (fast and inexpensive), secure/private and interoperable mHealth services.

Sign in / Sign up

Export Citation Format

Share Document