A Risk-Driven Model to Minimize the Effects of Human Factors on Smart Devices

Authors: Sandeep Gupta, Attaullah Buriro, Bruno Crispo

DOI: 10.1007/978-3-030-39749-4_10

Abstract: Human errors exploitation could entail unfavorable consequences to smart device users. Typically, devices provide multiple configurable features, e.g., user authentication settings, network selection, application installation, communication interfaces, etc., which users can configure according their need and convenience. However, untrustworthy features configuration mount severe risks towards the protection integrity of data assets residing on or perform security-sensitive activities devices. Conventional security mechanisms mainly focus preventing monitoring malware, but they do not runtime vulnerabilities assessment while use In this paper, we propose a risk-driven model that determines reliability at by users’ usage patterns. The resource access permissions (e.g., ACCESS_INTERNET ACCESS_NETWORK_STATE) given an requiring higher are revoked in case less reliable open WIFI HOTSPOT) Thus, our dynamically fulfills criteria applications revokes resources permission them, until is set secure level. Consequently, secured against any may surface due human factors.
