Counter Measuring Conceivable Security Threats on Smart Healthcare Devices

Smart devices, the carriers of a huge amount of private, sensitive and confidential data are pervasive in today’s world with innovative and enhanced functionalities. Smartphones have brought tremendous change in people’s lives with the launch of a new platform of communication and an ease of access to a wide range of applications. Due to the swift increase in the users of Android smartphones and the increasing demands based on advanced ease and features, developers are working hard to achieve the needful. Easy access to certain features and applications gave rise to the powerfulness and an efficacy of various threats, risks and vulnerabilities that can victimize users’ private data residing in smartphone paradigm. With the developments and enhancements in malware, for Android-based smartphones, attacks continue to occur. In this paper, we investigate one of the possibly most destructive attacks for Android, that is, screenshot attack. We have developed “ScreenStealer” application and explored the vulnerabilities which make Android more inclined to risks and threats. Furthermore, we evaluated capture ratio of screenshots, resources consumption and execution time to determine effectiveness, efficiency and stealthiness of such a malicious application.

[1]  Dong Xuan,et al.  DiffUser: Differentiated user access control on smartphones , 2009, 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems.

[2]  Dongho Won,et al.  A Practical Analysis of Smartphone Security , 2011, HCI.

[3]  Yajin Zhou,et al.  Taming Information-Stealing Smartphone Applications (on Android) , 2011, TRUST.

[4]  Ahmad-Reza Sadeghi,et al.  Practical and lightweight domain isolation on Android , 2011, SPSM '11.

[5]  Steve Hanna,et al.  A survey of mobile malware in the wild , 2011, SPSM '11.

[6]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[7]  Gianluca Dini,et al.  A Multi-criteria-Based Evaluation of Android Applications , 2012, INTRUST.

[8]  Lorrie Faith Cranor,et al.  A Conundrum of Permissions: Installing Applications on an Android Smartphone , 2012, Financial Cryptography Workshops.

[9]  Shubhankar Mukherjee,et al.  Android Application Development & Its Security , 2012 .

[10]  Vyas Sekar,et al.  Measuring user confidence in smartphone security and privacy , 2012, SOUPS.

[11]  Daniele Sgandurra,et al.  A Survey on Security for Mobile Devices , 2013, IEEE Communications Surveys & Tutorials.

[12]  Dimitris Gritzalis,et al.  A Qualitative Metrics Vector for the Awareness of Smartphone Security Users , 2013, TrustBus.

[13]  Josep Jorba,et al.  Remote Control of Mobile Devices in Android Platform , 2013, ArXiv.

[14]  Stephen Smalley,et al.  Security Enhanced (SE) Android: Bringing Flexible MAC to Android , 2013, NDSS.

[15]  Ge Yu,et al.  Coordinated attack research between Android applications and solutions , 2014, 2014 IEEE 5th International Conference on Software Engineering and Service Science.

[16]  Fan Wu,et al.  An Overview of Mobile Malware and Solutions , 2014 .

[17]  Hongyang Li,et al.  Screenmilker: How to Milk Your Android Screen for Secrets , 2014, NDSS.

[18]  Carol J. Fung,et al.  A Survey of Android Security Threats and Defenses , 2015, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[19]  Munam Ali Shah,et al.  ScreenStealer: Addressing Screenshot attacks on Android devices , 2016, 2016 22nd International Conference on Automation and Computing (ICAC).