The document discusses malware improvements on Android OS. It provides an introduction to the growth of smartphones and Android's dominance of the market. It then covers the organization of the paper and defines malware. It reviews the Android OS architecture and literature on Android security. The objectives are to increase awareness of the Android security model and analyze malware development. The findings show Android security relies on user awareness and the open source nature makes it vulnerable. Future scopes include modifying the permission model and alpha testing apps for the Play Store.
A Comprehensive Study on Security issues in Android Mobile Phone — Scope and ...AM Publications
Due to tremendous development and growth in mobile phone software and hardware technologies now Security issues is a very big challenge to all concerned persons such as scientists, manufacturers, designers, industrialists and so on. Usually, such technology takes time to be absorbed into the market and this gives time to the security teams to develop effective security controls. The rapid growth of the smart-phone market and the use of these devices for email, online banking, and accessing other forms of sensitive content has led to the emergence of a new and ever-changing threat landscape [1]. Along with this, the fact that anyone can be a user has led to the smart-phone appearing in the hands of almost every person before the proper security controls can be developed. Currently, android has the biggest share in the market among all the smart-phone operating systems. As the powers and features of such phones increase, their vulnerability also increases and makes them prone towards security threats. In the present paper, the authors have made a systematic study on why android security is important, what some of the potential vulnerabilities are and what security measures have been adopted currently to ensure security.
Adaptive Mobile Malware Detection Model Based on CBRijtsrd
Today, the mobile phones can maintain lots of sensitive information. With the increasing capabilities of such phones, more and more malicious software malware targeting these devices have emerged. However there are many mobile malware detection techniques, they used specified classifiers on selected features to get their best accuracy. Thus, an adaptive malware detection approach is required to effectively detect the concept drift of mobile malware and maintain the accuracy. An adaptive malware detection approach is proposed based on case based reasoning technique in this paper to handle the concept drift issue in mobile malware detection. To demonstrate the design decision of our approach, several experiments are conducted. Large features set with 1,065 features from 10 different categories are used in evaluation. The evaluation includes both accuracy and efficiency of the model. The experimental results prove that our approach achieves acceptable performance and accuracy for the malware detection. Kyaw Soe Moe | Mya Mya Thwe "Adaptive Mobile Malware Detection Model Based on CBR" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd28088.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/28088/adaptive-mobile-malware-detection-model-based-on-cbr/kyaw-soe-moe
Malware detection techniques for mobile devicesijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile device became a must device for persons using information and communication technologies. In addition to hardware rapid evolution, mobile applications are also increasing in their complexity and performance to cover most the needs of their users. Both software and hardware design focused on increasing performance and the working hours of a mobile device. Different mobile operating systems are being used today with different platforms and different market shares. Like all information systems, mobile systems are prone to malware attacks. Due to
the personality feature of mobile devices, malware detection is very important and is a must tool in each device to protect private data and mitigate attacks. In
this paper, we will study and analyze different malware detection techniques used for mobile operating systems. We will focus on the to two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware detection tool based on user profiling.
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile
device became a must device for persons using information and communication technologies. In addition to
hardware rapid evolution, mobile applications are also increasing in their complexity and performance to
cover most the needs of their users. Both software and hardware design focused on increasing performance
and the working hours of a mobile device. Different mobile operating systems are being used today with
different platforms and different market shares. Like all information systems, mobile systems are prone to
malware attacks. Due to the personality feature of mobile devices, malware detection is very important and
is a must tool in each device to protect private data and mitigate attacks. In this paper, we will study and
analyze different malware detection techniques used for mobile operating systems. We will focus on the to
two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its
advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware
detection tool based on user profiling.
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
Android smart phone is one of the fast growing mobile phones and because of these it the one of the most preferred target of malware developer. Malware apps can penetrate the device and gain privileges in which it can perform malicious activities such reading user contact, misusing of private information such as sending SMS and can harm user by exploiting the users private data which is stored in the device. The study is about implementation of detecting untrusted on android applications, which would be the basis of all future development regarding malware detection.
The smartphone users worldwide are not aware of the permissions as the basis of all malicious activities that could possibly operate in an android system and may steal personal and private information. Android operating system is an open system in which users are allowed to install application from any unsafe sites. However permission mechanism of and android system is not enough to guarantee the invulnerability of the application that can harm the user. In this paper, the permission scoring-based analysis that will scrutinized the installed permission and allows user to increase the efficiency of Android permission to inform user about the risk of the installed Android application, in this paper, the framework that would classify the level of sensitivity of the permission access by the application. The framework uses a formula that will calculate the sensitivity level of the permission and determine if the installed application is untrusted or not. Our result show that, in a collection of 26 untrusted application, the framework is able to correct and determine the application's behavior consistently and efficiently.
A Comprehensive Study on Security issues in Android Mobile Phone — Scope and ...AM Publications
Due to tremendous development and growth in mobile phone software and hardware technologies now Security issues is a very big challenge to all concerned persons such as scientists, manufacturers, designers, industrialists and so on. Usually, such technology takes time to be absorbed into the market and this gives time to the security teams to develop effective security controls. The rapid growth of the smart-phone market and the use of these devices for email, online banking, and accessing other forms of sensitive content has led to the emergence of a new and ever-changing threat landscape [1]. Along with this, the fact that anyone can be a user has led to the smart-phone appearing in the hands of almost every person before the proper security controls can be developed. Currently, android has the biggest share in the market among all the smart-phone operating systems. As the powers and features of such phones increase, their vulnerability also increases and makes them prone towards security threats. In the present paper, the authors have made a systematic study on why android security is important, what some of the potential vulnerabilities are and what security measures have been adopted currently to ensure security.
Adaptive Mobile Malware Detection Model Based on CBRijtsrd
Today, the mobile phones can maintain lots of sensitive information. With the increasing capabilities of such phones, more and more malicious software malware targeting these devices have emerged. However there are many mobile malware detection techniques, they used specified classifiers on selected features to get their best accuracy. Thus, an adaptive malware detection approach is required to effectively detect the concept drift of mobile malware and maintain the accuracy. An adaptive malware detection approach is proposed based on case based reasoning technique in this paper to handle the concept drift issue in mobile malware detection. To demonstrate the design decision of our approach, several experiments are conducted. Large features set with 1,065 features from 10 different categories are used in evaluation. The evaluation includes both accuracy and efficiency of the model. The experimental results prove that our approach achieves acceptable performance and accuracy for the malware detection. Kyaw Soe Moe | Mya Mya Thwe "Adaptive Mobile Malware Detection Model Based on CBR" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd28088.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/28088/adaptive-mobile-malware-detection-model-based-on-cbr/kyaw-soe-moe
Malware detection techniques for mobile devicesijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile device became a must device for persons using information and communication technologies. In addition to hardware rapid evolution, mobile applications are also increasing in their complexity and performance to cover most the needs of their users. Both software and hardware design focused on increasing performance and the working hours of a mobile device. Different mobile operating systems are being used today with different platforms and different market shares. Like all information systems, mobile systems are prone to malware attacks. Due to
the personality feature of mobile devices, malware detection is very important and is a must tool in each device to protect private data and mitigate attacks. In
this paper, we will study and analyze different malware detection techniques used for mobile operating systems. We will focus on the to two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware detection tool based on user profiling.
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile
device became a must device for persons using information and communication technologies. In addition to
hardware rapid evolution, mobile applications are also increasing in their complexity and performance to
cover most the needs of their users. Both software and hardware design focused on increasing performance
and the working hours of a mobile device. Different mobile operating systems are being used today with
different platforms and different market shares. Like all information systems, mobile systems are prone to
malware attacks. Due to the personality feature of mobile devices, malware detection is very important and
is a must tool in each device to protect private data and mitigate attacks. In this paper, we will study and
analyze different malware detection techniques used for mobile operating systems. We will focus on the to
two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its
advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware
detection tool based on user profiling.
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
Android smart phone is one of the fast growing mobile phones and because of these it the one of the most preferred target of malware developer. Malware apps can penetrate the device and gain privileges in which it can perform malicious activities such reading user contact, misusing of private information such as sending SMS and can harm user by exploiting the users private data which is stored in the device. The study is about implementation of detecting untrusted on android applications, which would be the basis of all future development regarding malware detection.
The smartphone users worldwide are not aware of the permissions as the basis of all malicious activities that could possibly operate in an android system and may steal personal and private information. Android operating system is an open system in which users are allowed to install application from any unsafe sites. However permission mechanism of and android system is not enough to guarantee the invulnerability of the application that can harm the user. In this paper, the permission scoring-based analysis that will scrutinized the installed permission and allows user to increase the efficiency of Android permission to inform user about the risk of the installed Android application, in this paper, the framework that would classify the level of sensitivity of the permission access by the application. The framework uses a formula that will calculate the sensitivity level of the permission and determine if the installed application is untrusted or not. Our result show that, in a collection of 26 untrusted application, the framework is able to correct and determine the application's behavior consistently and efficiently.
A security feature can be effective only if the user can use it effectively and the configuration settings are unambiguous. A complicated UI leads to most of the configuration errors. Most of the computer security failures find its genesis in the configuration errors.
The advent of Internet and ease of communication has thrown up the many such challenges; one of them being the security concerns about the data stored and transmitted. With the advent of hand phones, the security concerns have moved one notch up because mobile phones and especially smart phones are not merely devices for communication, but virtual identity databases. Though there has been a steady progress on the technological front, the user-interfaces are yet to become up to the mark for the end-user. Most of the UIs are complicated and confusing which leads the user to commit errors and hence becomes a security nightmare. Our view is that the security and usability share an inverse relation. If the usability of the system is low, the security features are mostly ignored by the users as that seems the most convenient thing to do. However, in case of UI with high usability factor, the designers have to compromise over a lot of security features to make it usable.
According to us, the missing link seems to be the absence or adaptation of a common standard for UI across the platforms. This study compares three most popular OS platforms for smart devices Android by Google, iOS by Apple and Windows by Microsoft on the basis of their usability factors in context of security features provided by them. This summary should help develop a model for future UI developers.
The dependence of users on smartphones to accomplish their daily works is growing increasingly. Every day many mobile applications are downloaded and installed by the users to perform different desirable tasks for them. Before it can be installed in the smartphone, the mobile application requests from the user granting some sort of permissions, which may include the access right to users’ sensitive resources. In absence of a security mechanism that can enforce fine-grained permission control, the application may abuse the granted permissions and thus violates the security of sensitive resources. This paper proposes an attribute-based permission model ABP for Android smartphones to control how the mobile application can exercise the granted permissions. The finer granularity of the permission language used by ABP model ensures that the mobile application cannot violate the user’s security. By using ABP model, the users can enjoy the useful tasks the mobile applications provide while protecting sensitive resources from unauthorized use.
Android mobile platform security and malware surveyeSAT Journals
Abstract As mobile devices become ubiquitous, more people and companies are readily adopting the technology to conduct day-to-day business, and are increasing the amount of personal data transmitted and stored on these devices. These devices are now part of a global infrastructure powering communication and how we do business around the world. In turn, the inherent vulnerabilities are becoming an ever more critical topic of interest and challenge as we continue to see a rapid rate of malware development. This paper is a comprehensive survey on a broad view of the growing Android community, its rapidly growing malware attacks, and security concerns. Serving to aid in the continuous challenge of identifying current and future vulnerabilities as well as incorporating security strategies against them, this survey will focus primarily on mobile devices (also known as smart phones) running the Android mobile operating system between the years of 2007 and 2013. Index Terms: mobile, Android, malware, security
A security feature can be effective only if the user can use it effectively and the configuration settings are unambiguous. A complicated UI leads to most of the configuration errors. Most of the computer security failures find its genesis in the configuration errors.
The advent of Internet and ease of communication has thrown up the many such challenges; one of them being the security concerns about the data stored and transmitted. With the advent of hand phones, the security concerns have moved one notch up because mobile phones and especially smart phones are not merely devices for communication, but virtual identity databases. Though there has been a steady progress on the technological front, the user-interfaces are yet to become up to the mark for the end-user. Most of the UIs are complicated and confusing which leads the user to commit errors and hence becomes a security nightmare. Our view is that the security and usability share an inverse relation. If the usability of the system is low, the security features are mostly ignored by the users as that seems the most convenient thing to do. However, in case of UI with high usability factor, the designers have to compromise over a lot of security features to make it usable.
According to us, the missing link seems to be the absence or adaptation of a common standard for UI across the platforms. This study compares three most popular OS platforms for smart devices Android by Google, iOS by Apple and Windows by Microsoft on the basis of their usability factors in context of security features provided by them. This summary should help develop a model for future UI developers.
The dependence of users on smartphones to accomplish their daily works is growing increasingly. Every day many mobile applications are downloaded and installed by the users to perform different desirable tasks for them. Before it can be installed in the smartphone, the mobile application requests from the user granting some sort of permissions, which may include the access right to users’ sensitive resources. In absence of a security mechanism that can enforce fine-grained permission control, the application may abuse the granted permissions and thus violates the security of sensitive resources. This paper proposes an attribute-based permission model ABP for Android smartphones to control how the mobile application can exercise the granted permissions. The finer granularity of the permission language used by ABP model ensures that the mobile application cannot violate the user’s security. By using ABP model, the users can enjoy the useful tasks the mobile applications provide while protecting sensitive resources from unauthorized use.
Android mobile platform security and malware surveyeSAT Journals
Abstract As mobile devices become ubiquitous, more people and companies are readily adopting the technology to conduct day-to-day business, and are increasing the amount of personal data transmitted and stored on these devices. These devices are now part of a global infrastructure powering communication and how we do business around the world. In turn, the inherent vulnerabilities are becoming an ever more critical topic of interest and challenge as we continue to see a rapid rate of malware development. This paper is a comprehensive survey on a broad view of the growing Android community, its rapidly growing malware attacks, and security concerns. Serving to aid in the continuous challenge of identifying current and future vulnerabilities as well as incorporating security strategies against them, this survey will focus primarily on mobile devices (also known as smart phones) running the Android mobile operating system between the years of 2007 and 2013. Index Terms: mobile, Android, malware, security
Marketing Analytics: Data Quality, Data Matching & Marketing MetricsSenturus
Connect your sales and marketing systems to accurately profile and track your customers. View the webinar video recording and download this deck: http://www.senturus.com/resources/holy-grail-marketing-analytics/.
If you’re like many companies, you struggle to connect your sales and marketing systems and are frustrated by the inability to accurately profile and track your customers. Closing the loop to connect the two silo'd systems is easier to achieve than you may realize. Learn to use the right tools and maximize your expertise to easily surface critical marketing metrics to: 1) Measure return on marketing investment, 2) Know your customer lifetime value and 3) Optimize your marketing and sales funnels based on profit per marketing dollar.
Senturus, a business analytics consulting firm, has a resource library with hundreds of free recorded webinars, trainings, demos and unbiased product reviews. Take a look and share them with your colleagues and friends: http://www.senturus.com/resources/.
Analytical CRM ensues the reason to contact is mapped to willingness to pay and elasticity of the relationship making the process of engagement enjoyable
"Marketing Analytics and Applications": Course IntroductionMasao Kakihara
Initial course introduction slides for "Marketing Analytics and Applications" course at SMU MITB program (AY2016 Term 1).
http://sis.smu.edu.sg/master-it-business
Digital Marketing Enablement starts with Web Analytics. This is a presentation used to capture different facets of web analytics & how it helps in enablement of Digital Marketing
Leverage all the customer data you have collected over the years and use these simple data analytic techniques to align your marketing expense better and identify your best customers.
Intro to Data Science for Enterprise Big DataPaco Nathan
If you need a different format (PDF, PPT) instead of Keynote, please email me: pnathan AT concurrentinc DOT com
An overview of Data Science for Enterprise Big Data. In other words, how to combine structured and unstructured data, leveraging the tools of automation and mathematics, for highly scalable businesses. We discuss management strategy for building Data Science teams, basic requirements of the "science" in Data Science, and typical data access patterns for working with Big Data. We review some great algorithms, tools, and truisms for building a Data Science practice, and provide plus some great references to read for further study.
Presented initially at the Enterprise Big Data meetup at Tata Consultancy Services, Santa Clara, 2012-08-20 http://www.meetup.com/Enterprise-Big-Data/events/77635202/
Myths and Mathemagical Superpowers of Data ScientistsDavid Pittman
Some people think data scientists are mythical beings, like unicorns, or they are some sort of nouveau fad that will quickly fade. Not true, says IBM big data evangelist James Kobielus. In this engaging presentation, with artwork created by Angela Tuminello, Kobielus debunks 10 myths about data scientists and their role in analytics and big data. You might also want to read the full blog by Kobielus that spawned this presentation: "Data Scientists: Myths and Mathemagical Superpowers" - http://ibm.co/PqF7Jn
For more information, visit http://www.ibmbigdatahub.com
A Systematic Review of Android Malware Detection TechniquesCSCJournals
Malware detection is a significant key to Android application security. Malwares threat to Android users is increasing day by day. End users need security because they use mobile device to communicate information. Therefore, developing malware detection and control technology should be a priority. This research has extensively explored various state of the art techniques and mechanisms to detect malwares in Android applications by systematic literature review. It categorized the current researches into static, dynamic and hybrid approaches. This research work identifies the limitation and strength current research work. According to the restrictions of current malware detection technologies, it can conclude that detection technologies that use statistical analysis consume more time, energy and resources as compare to machine learning techniques. The results obtained from this research work reinforce the assertion that detection approaches designed for Android malware do not produce 100% efficient detection accuracy.
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
Application development has come a long way in last two decades, but it is puzzling to see that despite major security breaches, security testing takes a back seat as compared to other forms of quality testing measures such as usability or functional testing.
Hi :) Aeturnist#2 Issued. My article on “Mobile Security” is published in this issue :) This article covered brief history of mobile security, Vulnerability Analysis, Why Malware Attacks? Why on Android? How to Protect Your Device and Importance of Mobile Data Security. Hope you guys enjoy reading… :)
Review on mobile threats and detection techniquesijdpsjournal
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
Behavior-Based Security for Mobile Devices Using Machine Learning Techniquesgerogepatton
The goal of this research project is to design and implement a mobile application and machine learning techniques to solve problems related to the security of mobile devices. We introduce in this paper a
behavior-based approach that can be applied in a mobile environment to capture and learn the behavior of
mobile users. The proposed system was tested using Android OS and the initial experimental results show
that the proposed technique is promising, and it can be used effectively to solve the problem of anomaly
detection in mobile devices.
Android-manifest extraction and labeling method for malware compilation and d...IJECEIAES
Malware is a nuisance for smartphone users. The impact is detrimental to smartphone users if the smartphone is infected by malware. Malware identification is not an easy process for ordinary users due to its deeply concealed dangers in application package kit (APK) files available in the Android Play Store. In this paper, the challenges of creating malware datasets are discussed. Long before a malware classification process and model can be built, the need for datasets with representative features for most types of malwares has to be addressed systematically. Only after a quality data set is available can a quality classification model be obtained using machine learning (ML) or deep learning (DL) algorithms. The entire malware classification process is a full pipeline process and sub processes. The authors purposefully focus on the process of building quality malware datasets, not on ML itself, because implementing ML requires another effort after the reliable dataset is fully built. The overall step in creating the malware dataset starts with the extraction of the Android Manifest from the APK file set and ends with the labeling method for all the extracted APK files. The key contribution of this paper is on how to generate datasets systematically from any APK file.
Our Third Annual Mobile Threats Report takes a look at current trends in malware and shares ways to protect your mobile network. Read the report here: http://juni.pr/11FUxk3
ABSTRACT
Shoreline monitoring is important to overcome the problems in the measurement of the shoreline. Recently,
many researchers have directed attention to methods of predicting shoreline changes by the use of
multispectral images. However, the images being captured tend to have several problems due to the weather.
Therefore, identification of multi class features which includes vegetation and shoreline using multispectral
satellite image is one of the challenges encountered in the detection of shoreline. An efficient framework
using the near infrared–histogram equalisation and improved filtering method is proposed to enhance the
detection of the shoreline in Tanjung Piai, Malaysia, by using SPOT-5 images. Sub-pixel edge detection and
the Wallis filter are used to compute the edge location with the subpixel accuracy and reduce the noise. Then,
the image undergoes image classification process by using Support Vector Machine. The proposed method
performed more effectively and reliable in preserving the missing line of the shoreline edge in the SPOT-5
images.
ABSTRACT
Smartphones are used by billions of people that means the applications of the smartphone is increasing, it is out of control for applications marketplaces to completely validate if an application is malicious or legitimate. Therefore, it is up to users to choose for themselves whether an application is safe to use or not. It is important to say that there are differences between mobile devices and PC machines in resource management mechanism, the security solutions for computer malware are not compatible with mobile devices. Consequently, the anti-malware organizations and academic researchers have produced and proposed many security methods and mechanisms in order to recognize and classify the security threat of the Android operating system. By means of the proposed methods are different from one to another, they can be arranged into various classifications. In this review paper, the present Android security threats is discussed and present security proposed solutions and attempt to classify the proposed solutions and evaluate them.
1. Malware Improvements
A Closer Look
1. Pranav Saini
Department of Information Technology
BVCOE, New Delhi, India
2. Yogesh Madaan
Department of Information Technology
BVCOE, New Delhi, India
2. ORGANIZATION OF PRESENTATION
1. Introduction
2. Android OS
3. Literature Review
4. Objectives of the Study
5. Research Findings & Conclusions
6. Future Scope & Challenges
7. References
3. INTRODUCTION
• The mobile phone market today performs very well. In many
countries, especially in Western Europe and North America, the
number of cell phone subscriptions exceeds the population count.
• According to the Gartner market research firm, smartphones
accounted for 66 percent of the total mobile phone market in 2014.
• Also, according to data collected by IDC, Android dominates the
smartphone OS market with a 76.6% share in 2014 and an average
market share of approx. 70% since 2012.
4. INTRODUCTION
•Every day, more users are using mobile devices to access services,
view data, and pursue personal/business interests. Moreover, many of
these devices are not controlled by the administrator, meaning that
sensitive data is not subject to the security and Data Loss Prevention
policies.
•To complicate matters, today’s mobile devices are not islands— they
are connected to an entire ecosystem of supporting cloud and PC-
based services. Many users directly synchronize their mobile device
with their home computer to back up key device settings and data. In
such scenarios, key assets may be stored in any number of insecure
locations.
5. INTRODUCTION
•In view of the above, we tried to review and suggest changes to the
security models of the Android OS, in order to understand the
impact it will have as its adoption grows within the world.
•The paper is mainly focussed on the Android platform,
development of various malwares for the platform, different attacks
possible and their effects and finally trying to provide a solution to
the increasing problems.
6. ANDROID OS
•The remarkable history of Android started in 2005, when Google
acquired the 2003-founded start-up Android Inc. Until then, only little
was known about the young organization's work, whose main business
was developing software for mobile handsets.
•The Open Handset Alliance (a Google Initiative, 2007) announced the
development of Android, which featured a complete software platform for
mobile handsets including an operating system, middleware and key
mobile applications.
Android was the first mass-produced consumer-market open source
mobile platform that allowed developers to easily create applications and
users to readily install them.
8. MALWARE CONCEPT
Malicious software ("malware") is designed specifically to target a mobile
device system, such as a tablet or smartphone to damage or disrupt the
device. Most mobile malware is designed to disable a mobile device, allow a
malicious user to remotely control the device or to steal personal information
stored on the device.
Among the mobile phones malware attacks, the Android smart phones are
largely targeted by the malware users and hackers. This is mainly due to the
reason that, Android applications market provides an open platform to all the
application. As Google is looking mainly for developing and selling Apps, they
are quite relaxed on the security aspects.
9. MALWARE CONCEPT – SOME EXAMPLES
A malware enters your phone when you download any malicious app into your
android phone. Most of the Android applications are vulnerable for any third
party intervention. Though the unauthorised third party access has been reported
earlier, you can still find increased malware attacks on the android phones.
Most dangerous Android malware attacks:
Fake Banking Apps: This lured the customers into entering their online account
login details.
DroidDream: It infected devices, breached the android security sandbox and stole
data.
AndroidOS fake player: It seems to be a media player and silently sends SMS to
premium SMS numbers.
10. MALWARE CONCEPT
In 2013 Android grew to a very large number: 87%. This was its share of the
global smartphone market then. It also grew to an even larger one: 97%. This
was Android’s share of global mobile malware.
Source: Forbes, 2014
11. LITERATURE REVIEW
The literature analysis carried here for almost a decade (from 2005 to 2014)
from acclaimed researchers of international repute, is intended to serve the
global Mobile Computing Community – Developers and Users alike - who
need to take more informed decisions regarding Mobile Security and Risks
associated with it.
1. Reinfelder, Lena, Zinaida Benenson, and Freya Gassmann compared
Android and iPhone users according to their security and privacy
awareness when handling apps. Based on an online survey conducted
with over 700 German respondents (mostly university students) they
found out that Android users seem to be more aware of the risks
associated with the app usage than iPhone users.
2. Daniel Tse attempted to give feasible solutions to improve Android’s
security model from the user’s awareness level as well as technical level.
12. LITERATURE REVIEW
3. According to Ryan Farmer (Senior Resourcer and Consultant,
Acumin Consulting), there is no one-stop effective security measure that
can be implemented on an Android device. He suggested that providing a
suite of tools which can be installed on to a device, or offering an
encrypted preloaded SD card, will ensure that exponential growth in
mobile malware does not affect the organisation.
4. Research done by Yajin Zhou and Xuxian Jiang presented a systematic
characterization of existing Android Malware. The results of this
characterization of malware samples showed that (1) 86.0% of them
repackage legitimate apps to include malicious payloads; (2) 36.7 contain
platform-level exploits to escalate privelege; (3) 93.0% exhibit bot-like
capability. Furthermore, evaluation with four existing mobile anti-virus
software showed that the best case detects 79.6% of them the worst case
detects only 20.2%.
13. OBJECTIVES OF THE STUDY
•To fill the research gaps and to sort out the emerging issues, the following
objectives are defined:
1. To increase awareness and basic knowledge about the standard Android
OS architecture and operation.
2. To identify the bottlenecks and loopholes in the Android Security
Model.
3. To analyse the development of botnets and malwares against the
current operating system and design its counterparts to defend system
from same types, in the coming future.
14. RESEARCH FINDINGS & CONCLUSIONS
1. On the basis of our study, we can easily conclude that Android security
majorly depends on the user awareness. If the users are aware of how
their smartphones can be attacked/broken into, they would perhaps have
a more guarded and preventive approach.
2. Although, due to the open source nature of this platform, persistence of
a malware for a longer time is much easier than that in other platforms.
Lack in implementation of security checks for an application even being
published on the Android Play Store makes it quite vulnerable.
15. 3. We have analysed latest research to identify novel malware techniques
that can be expected to come into action in the foreseeable future.
4. We have also identified major system level enhancements for the
Android platform as well as novel countermeasures that can be used for
countering these advanced attacks.
RESEARCH FINDINGS & CONCLUSIONS
16. FUTURE SCOPES & CHALLENGES
This study will provide both developers and users alike, a deep insight into
the workings and shortcomings of the Android OS along with the following
points:
1. Restructuring/Modifying the Android Permissions Model : The
permissions model is based on permissions, which are constructs that
various APIs require calling apps to have before they will provide
certain services, can be seen as a preventive factor.
2. Alpha-testing of suspicious applications on the Android Play Store is
also an important issue to look into.
3. We hope to build a malware detection application in the coming future
based on these malware attacks.
17. REFERENCES
[1] YAJIN, Z., AND XUXIAN, J. Dissecting android malware:
Characterization and evolution. In Proceedings of the 33rd IEEE
Symposium on Security and Privacy (may 2012)..
[2] http://www.theinquirer.net/inquirer/news/2325812/androids-growth-to-
slow-following-record-capture-of-80-percent-market-share-in-2013
[3] Tse, Daniel, et al. "STRATEGIES IN IMPROVING ANDROID
SECURITY." (2014).
[4] http://androidprogramz.blogspot.in/2012/06/architecture-of-android-in-
order-to.html
[5]http://www.techotopia.com/index.php/An_Overview_of_the_Android_
Architecture
18. REFERENCES
[6]http://www.acumin.co.uk/download_files/WhitePaper/android_white_pape
r_2.pdf
[7] Reinfelder, Lena, Zinaida Benenson, and Freya Gassmann. "Differences
between Android and iPhone Users in Their Security and Privacy Awareness.
"Trust, Privacy, and Security in Digital Business. Springer International
Publishing, 2014. 156-167.
[8] http://developer.android.com/tools/building/index.html
[9] http://www.symantec.com/connect/blogs/future-mobile-malware
[10] Gordon Kelly. “Report: 97% Of Mobile Malware Is On Android. This Is
The Easy Way You Stay Safe”. Forbes, 2013.
[11] Press Release, “Gartner Says Sales of Smartphones Grew 20 Percent in
Third Quarter of 2014.” Gartner, 2014.