论文信息 - Android privacy

Android privacy

Due to technological progress, today's mobile phones have evolved into technically and functionally sophisticated smartphones which have more in common with computers than with the conventional phones. As a result of their popularity and functionality, smartphones are a burgeoning target for malicious activities In Android privacy; we undertake two aspects such as user and developer. For users, a known fact in Android mobile, any app can be downloaded from Android Market without accessing a significant quantity of personal data which is different in App Store. For app developers, the App Store's method acquires developed app need to be signed using a private encryption key. Furthermore, several privacy related data such as personal information, IMEI, and location which are leaks already existing in Android Smartphone for a while. In this paper, we explain what kind of data is at risk and how to acquire them programmatically without the user's permission. We will focus on how to obtain the data illicitly which are of Android privacy concerns and the categorization of these Android privacy issues. For example, mobile number, email accounts, keyboard cache entries, browser searches and the most recent location are sensitive data attractive to the attackers. This paper also shows how we use the Android API to perform our Spyware to obtain the sensitive information. Some attack scenarios and recommendations are also presented.

Albert B. Jeng | Hahn-Ming Lee | Te-En Wei | Chin-Wei Tien | Chih-How Chen

[1] Byung-Gon Chun,et al. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[2] Fissha Seyoum Teshome. Spying Software Development in Google Android , 2011 .

[3] Seungyeop Han,et al. Privacy Revelations for Web and Mobile Apps , 2011, HotOS.

[4] Stian Pedersen,et al. Privacy services for mobile devices , 2011 .

[5] Steve Hanna,et al. A survey of mobile malware in the wild , 2011, SPSM '11.

[6] Charlie Miller,et al. Mobile Attacks and Defense , 2011, IEEE Security & Privacy.

[7] Patrick D. McDaniel,et al. Understanding Android Security , 2009, IEEE Security & Privacy Magazine.

[8] Aubrey-Derrick Schmidt,et al. Detection of Smartphone Malware , 2011 .

[9] Swarat Chaudhuri,et al. A Study of Android Application Security , 2011, USENIX Security Symposium.