A cloud-based architecture to crowdsource mobile app privacy leaks
作者: Dimitrios Papamartzivanos , Dimitrios Damopoulos , Georgios Kambourakis
关键词:
摘要: Most would agree that modern app-markets have been flooded with applications not only threaten the security of OS superficially, but also in their majority, trample on user's privacy through exposure sensitive information necessarily needed for operation. In this context, current work revolves around 3 key questions: Is there a way end-user to easily track - many times hidden leaks occurring due mobile apps operate? Can crowdsourcing provide quantitative assessment per app terms level? And if yes, which cloud-based mechanism can detect and alert changes apps' behavior? Motivated by aforementioned questions, we design system operates under logic, aim i) real-time privacy-flow tracking service, ii) collaborative infrastructure exchanging related level, iii) potentially behavior-driven detection an effort take advantage data its maximum efficasy.
acm.org
sci-hub.se 参考文章(16)
Yajin Zhou, Xinwen Zhang, Xuxian Jiang, Vincent W. Freeh, Taming information-stealing smartphone applications (on Android) trust and trustworthy computing. pp. 93- 107 ,(2011) , 10.1007/978-3-642-21599-5_7
Clint Gibler, Jonathan Crussell, Jeremy Erickson, Hao Chen, AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale trust and trustworthy computing. pp. 291- 307 ,(2012) , 10.1007/978-3-642-30921-2_17
Функ Кристиан, Гарнаева Мария Александровна, Kaspersky security Bulletin 2013 Вопросы кибербезопасности. ,(2014)
William Enck, Patrick McDaniel, Jaeyeon Jung, Byung-Gon Chun, Peter Gilbert, Anmol N. Sheth, Landon P. Cox, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones operating systems design and implementation. pp. 393- 407 ,(2010) , 10.5555/1924943.1924971
Dimitrios Damopoulos, Georgios Kambourakis, Georgios Portokalidis, The best of both worlds: a framework for the synergistic operation of host and cloud anomaly-based IDS for smartphones european workshop on system security. pp. 6- ,(2014) , 10.1145/2592791.2592797
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 15- 26 ,(2011) , 10.1145/2046614.2046619
Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, Kuo-Ping Wu, DroidMat: Android Malware Detection through Manifest and API Calls Tracing information security. pp. 62- 69 ,(2012) , 10.1109/ASIAJCIS.2012.18
Saman Zonouz, Amir Houmansadr, Robin Berthier, Nikita Borisov, William Sanders, Secloud: A cloud-based comprehensive and lightweight security solution for smartphones Computers & Security. ,vol. 37, pp. 215- 227 ,(2013) , 10.1016/J.COSE.2013.02.002
Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, Herbert Bos, Paranoid Android: versatile protection for smartphones annual computer security applications conference. pp. 347- 356 ,(2010) , 10.1145/1920261.1920313
Marco V. Barbera, Sokol Kosta, Julinda Stefa, Pan Hui, Alessandro Mei, CloudShield: Efficient anti-malware smartphone patching with a P2P network on the cloud international conference on peer-to-peer computing. pp. 50- 56 ,(2012) , 10.1109/P2P.2012.6335810