A Markov adversary model to detect vulnerable iOS devices and vulnerabilities in iOS apps
作者: Christian J. D'Orazio , Rongxing Lu , Kim-Kwang Raymond Choo , Athanasios V. Vasilakos
DOI: 10.1016/J.AMC.2016.08.051
关键词:
摘要: Adversary model to detect vulnerable iOS devices and vulnerabilities in apps.Security privacy of mobile device app users.Markov process for modelling (in)security state or apps.iOS vulnerabilities. With the increased convergence technologies whereby a user can access, store transmit data across different real-time, risks will arise from factors such as lack appropriate security measures place users not having requisite levels awareness fully understanding how be used their advantage. In this paper, we adapt our previously published adversary digital rights management (DRM) apps demonstrate it analyse (non-DRM) that potentially exploited. Using model, investigate several (jailbroken non-jailbroken) devices, Australian Government Medicare Expert Plus (MEP) app, Commonwealth Bank Australia Western Union PayPal PocketCloud Remote Desktop Simple Transfer Pro reveal unknown We then identified exploited expose user's sensitive personally identifiable information stored on transmitted device. conclude with recommendations enhance these devices.
acm.org
sci-hub.se 参考文章(37)
D. Dolev, A. Yao, On the security of public key protocols IEEE Transactions on Information Theory. ,vol. 29, pp. 198- 208 ,(1983) , 10.1109/TIT.1983.1056650
Steve Quirolgico, Jeffrey Voas, Rick Kuhn, Vetting Mobile Apps IT Professional. ,vol. 13, pp. 9- 11 ,(2011) , 10.1109/MITP.2011.73
Aaron Beuhring, Kyle Salous, Beyond Blacklisting: Cyberdefense in the Era of Advanced Persistent Threats ieee symposium on security and privacy. ,vol. 12, pp. 90- 93 ,(2014) , 10.1109/MSP.2014.86
Jonathan Zdziarski, Identifying back doors, attack points, and surveillance mechanisms in iOS devices Digital Investigation. ,vol. 11, pp. 3- 19 ,(2014) , 10.1016/J.DIIN.2014.01.001
Stephen M. Dye, Karen Scarfone, A standard for developing secure mobile applications Computer Standards & Interfaces. ,vol. 36, pp. 524- 530 ,(2014) , 10.1016/J.CSI.2013.09.005
James Imgraben, Alewyn Engelbrecht, Kim-Kwang Raymond Choo, Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users Behaviour & Information Technology. ,vol. 33, pp. 1347- 1360 ,(2014) , 10.1080/0144929X.2014.934286
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, X. Sean Wang, AppIntent: analyzing sensitive data transmission in android for privacy leakage detection computer and communications security. pp. 1043- 1054 ,(2013) , 10.1145/2508859.2516676
Seung-Hyun Seo, Aditi Gupta, Asmaa Mohamed Sallam, Elisa Bertino, Kangbin Yim, Detecting mobile malware threats to homeland security through static analysis Journal of Network and Computer Applications. ,vol. 38, pp. 43- 53 ,(2014) , 10.1016/J.JNCA.2013.05.008
Min-Woo Park, Young-Hyun Choi, Jung-Ho Eom, Tai-Myoung Chung, Dangerous Wi-Fi access point: attacks to benign smartphone applications ubiquitous computing. ,vol. 18, pp. 1373- 1386 ,(2014) , 10.1007/S00779-013-0739-Y
Mariantonietta La Polla, Fabio Martinelli, Daniele Sgandurra, A Survey on Security for Mobile Devices IEEE Communications Surveys and Tutorials. ,vol. 15, pp. 446- 471 ,(2013) , 10.1109/SURV.2012.013012.00028