Detecting Colluding Inter-App Communication in Mobile Environment

2020 ◽  
Vol 10 (23) ◽  
pp. 8351
Author(s):  
Rosangela Casolare ◽  
Fabio Martinelli ◽  
Francesco Mercaldo ◽  
Antonella Santone

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed by end users from smartphones and tablets, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication, i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, obtaining an accuracy of 1, showing the effectiveness of the proposed method.

Information ◽  
2020 ◽  
Vol 11 (6) ◽  
pp. 304 ◽  
Author(s):  
Rosangela Casolare ◽  
Fabio Martinelli ◽  
Francesco Mercaldo ◽  
Antonella Santone

The Android platform is currently targeted by malicious writers, continuously focused on the development of new types of attacks to extract sensitive and private information from our mobile devices. In this landscape, one recent trend is represented by the collusion attack. In a nutshell, this attack requires that two or more applications are installed to perpetrate the malicious behaviour, which is split across more than one application: for this reason, anti-malware tools are not able to detect this attack, considering that they analyze just one application at a time and that a single colluding application does not exhibit any malicious action. In this paper, an approach exploiting model checking is proposed to automatically detect whether two applications exhibit the ability to perform a collusion through the SharedPreferences communication mechanism. We formulate a series of temporal logic formulae to detect the collusion attack from a model obtained by automatically selecting the candidate classes for the collusion, obtained by two heuristics we propose. Experimental results demonstrate that the proposed approach is promising in collusion application detection: as a matter of fact, an accuracy equal to 0.99 is obtained by evaluating 993 Android applications.


2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Xin Su ◽  
Ziyu Wang ◽  
Xiaofeng Liu ◽  
Chang Choi ◽  
Dongmin Choi

Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC- or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners’ efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner’s private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.


2020 ◽  
Vol 10 (22) ◽  
pp. 7975
Author(s):  
Giacomo Iadarola ◽  
Fabio Martinelli ◽  
Francesco Mercaldo ◽  
Antonella Santone

The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based approach provided by antimalware is not able to defend users from new threats. In this paper, we propose an approach based on the adoption of model checking to detect malicious families in the Android environment. We consider two different automata representing Android applications, based respectively on Control Flow Graphs and Call Graphs. The adopted graph data structure allows us to detect potentially malicious behaviour and also to localize the code where the malicious action happens. We evaluate the effectiveness of the proposed method on more than 3000 real-world Android samples (with 2552 malware belonging to 21 malicious families), reaching an accuracy ranging from 0.97 to 1 in malicious family detection.


Electronics ◽  
2020 ◽  
Vol 9 (12) ◽  
pp. 2208
Author(s):  
Jesús D. Trigo ◽  
Óscar J. Rubio ◽  
Miguel Martínez-Espronceda ◽  
Álvaro Alesanco ◽  
José García ◽  
...  

Mobile devices and social media have been used to create empowering healthcare services. However, privacy and security concerns remain. Furthermore, the integration of interoperability biomedical standards is a strategic feature. Thus, the objective of this paper is to build enhanced healthcare services by merging all these components. Methodologically, the current mobile health telemonitoring architectures and their limitations are described, leading to the identification of new potentialities for a novel architecture. As a result, a standardized, secure/private, social-media-based mobile health architecture has been proposed and discussed. Additionally, a technical proof-of-concept (two Android applications) has been developed by selecting a social media (Twitter), a security envelope (open Pretty Good Privacy (openPGP)), a standard (Health Level 7 (HL7)) and an information-embedding algorithm (modifying the transparency channel, with two versions). The tests performed included a small-scale and a boundary scenario. For the former, two sizes of images were tested; for the latter, the two versions of the embedding algorithm were tested. The results show that the system is fast enough (less than 1 s) for most mHealth telemonitoring services. The architecture provides users with friendly (images shared via social media), straightforward (fast and inexpensive), secure/private and interoperable mHealth services.


IPv6 must work [16]. In fact, few end-users would disagree with the refinement of randomized algorithms. We prove that though the location-identity split and replication are never incompatible, extreme programming and symmetric encryption can collude to surmount this grand challenge.


Author(s):  
Rodrigo Luis de Souza da Silva ◽  
Lohan Rodrigues Narcizo Ferreira ◽  
Lidiane Teixeira Pereira

Telepresence can be defined as a system that provides remote collaboration between people in different locations, creating the feeling that both users in fact share the environment. The advances in communication, media and the internet have made possible the popularization of these systems. Smartphones have become increasingly powerful in processing, less expensive and more widespread. A single device combines various sensors, one or more cameras and an internet connection, and is thus potential hardware for telepresence applications. The main objective of this paper is to present a Systematic Literature Review to identify the main characteristics of immersive telepresence systems designed for the mobile environment and to analyze research opportunities that can be further exploited or optimized. This research revealed that the development of immersive telepresence systems for mobile devices has increased in recent years, but is not yet widespread.


2019 ◽  
pp. 264-277
Author(s):  
Jan H. P. Eloff ◽  
Mariki M. Eloff ◽  
Madeleine A. Bihina Bella ◽  
Donovan Isherwood ◽  
Moses T. Dlamini ◽  
...  

The increasing demand for online and real-time interaction with IT infrastructures by end users is facilitated by the proliferation of user-centric devices such as laptops, iPods, iPads, and smartphones. This trend is furthermore propounded by the plethora of apps downloadable to end user devices mostly within mobile-cum-cloud environments. It is clear that there are many evidences of innovation with regard to end user devices and apps. Unfortunately, little, if any, information security innovation took place over the past number of years with regard to the consumption of security services by end users. This creates the need for innovative security solutions that are human-centric and flexible. This chapter presents a framework for consuming loosely coupled (but interoperable) cloud-based security services by a variety of end users in an efficient and flexible manner using their mobile devices.


Author(s):  
Panagiota Papadopoulou

The proliferation of mobile phones and tablets shape a new arena for online commercial activity with unprecedented opportunities and challenges. In this omnipresent mobile environment, understanding consumer behavior constitutes a challenge for m-commerce vendors, as they seek to understand factors that affect it, positively and negatively, and to integrate social media in their mobile strategy and across mobile devices. This paper presents an exploratory qualitative research examining separately mobile phones and tablets and the use of social media, in the context of m-commerce. The results of our qualitative analysis show important factors for m-commerce and social media adoption and use, highlighting the similarities and differences between mobile phones and tablets. Our qualitative results also reveal factors having a negative effect to m-commerce, for both mobile devices. Business opportunities enabled by social media for m-commerce and how these can be leveraged in this promising multiple-device mobile context are also discussed.


Author(s):  
Wee Siong Ng ◽  
Justin Cheng ◽  
XianJun Wang ◽  
Sivakumar Viswanathan

One of the major objectives of Advanced Traffic Management Systems (ATMS) is to reduce traffic congestion in urban environments by improving the efficiency of utilization of existing transport infrastructures. Many creative and efficient technologies have been developed over the years. Although commuters, especially drivers, take a critical part in containing traffic congestion problems, they are playing a passive role in the traffic-management ecosystem. Considerably, this is due to the information asymmetry between ATMS decision makers and commuters; what is missing is a matching mechanism to create a bridge between information providers and information consumers in the mobile environment. The authors’ solution provides an efficient services-centric framework for delivering pertinent information to commuters. Probe vehicles are used to estimate the real-time traffic flow and disseminate this information effectively to users’ mobile devices. A 2-level indexing scheme is designed to effectively index the grid cells which contain the spatial information and a location-aware mobile application and back-end services are also implemented. Processed information is disseminated to users’ mobile devices through wireless means and presented in a user friendly interface. Experimental results show that this system is scalable and responsive.

