Exposing Security Risks for Commercial Mobile Devices
作者: Zhaohui Wang , Ryan Johnson , Rahul Murmuria , Angelos Stavrou
DOI: 10.1007/978-3-642-33704-8_2
关键词:
摘要: Recent advances in the hardware capabilities of mobile hand-held devices have fostered development open source operating systems and a wealth applications for phones tablet devices. This new generation smart devices, including iPhone Google Android, are powerful enough to accomplish most user tasks previously requiring personal computer. Moreover, access Personally Identifiable Information (PII) from full suite sensors such as GPS, camera, microphone others. In this paper, we discuss security threats that stem these device online application markets These include malware, data exfiltration, exploitation through USB, tracking. We present our ongoing research efforts defend or mitigate impact attacks against Our approaches involve analyzing code binaries applications, kernel-level encryption, controlling communication mechanisms synchronizing contents with computers other updates version system over USB. also explain emerging challenges dealing issues when end-goal is deploy security-enhanced into military tactical scenarios.
springer.com
springerlink.com参考文章(33)
Damien Octeau, William Enck, Patrick McDaniel, Swarat Chaudhuri, A study of android application security usenix security symposium. pp. 21- 21 ,(2011)
Wenke Lee, Monirul I. Sharif, Andrea Lanzi, Jonathon T. Giffin, Impeding Malware Analysis Using Conditional Code Obfuscation network and distributed system security symposium. pp. 1- 13 ,(2008)
M. Bellare, Optimal Asymmetric Encryption-How to Encrypt with RSA theory and application of cryptographic techniques. ,(1995)
David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song, Heng Yin, Automatically Identifying Trigger-based Behavior in Malware Botnet Detection. pp. 65- 88 ,(2008) , 10.1007/978-0-387-68768-1_4
Mihir Bellare, Phillip Rogaway, Optimal asymmetric encryption theory and application of cryptographic techniques. pp. 92- 111 ,(1994) , 10.1007/BFB0053428
D. Boneh, TWENTY YEARS OF ATTACKS ON THE RSA CRYPTOSYSTEM Notices of the American Mathematical Society. ,vol. 46, pp. 203- 212 ,(1999)
Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel, Semantically rich application-centric security in Android Security and Communication Networks. ,vol. 5, pp. 658- 673 ,(2012) , 10.1002/SEC.360
William Enck, Patrick McDaniel, Jaeyeon Jung, Byung-Gon Chun, Peter Gilbert, Anmol N. Sheth, Landon P. Cox, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones operating systems design and implementation. pp. 393- 407 ,(2010) , 10.5555/1924943.1924971
Jeffrey Bickford, Ryan O'Hare, Arati Baliga, Vinod Ganapathy, Liviu Iftode, Rootkits on smart phones: attacks, implications and opportunities workshop on mobile computing systems and applications. pp. 49- 54 ,(2010) , 10.1145/1734583.1734596
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 15- 26 ,(2011) , 10.1145/2046614.2046619