International Journal of Computer Science & Network Security

국제컴퓨터통신보호논문지학회 (International Journal of Computer Science & Network Security)
권호 표지
DOI QR코드

DOI QR Code

Palliates the Attack by Hacker of Android Application through UID and Antimalware Cloud Computing

  • Zamani, Abu Sarwar (Department of Computer and Self Development, Preparatory Year Deanship, Prince Sattam bin Abdulaziz University) ;
  • Ahmad, Sultan (Department of Computer Science, College of Computer Engineering and Sciences, Prince Sattam Bin Abdulaziz University) ;
  • Uddin, Mohammed Yousuf (Department of Information Systems, College of Computer Engineering and Sciences, Prince Sattam Bin Abdulaziz University) ;
  • Ansari, Asrar Ahmad (E-Learning Consultant Medical Education Department, College of Medicine, King Saud University) ;
  • Akhtar, Shagufta (Dept. of Computer Science, Institute of Science & Information Technology)
  • 투고 : 2021.08.05
  • 발행 : 2021.08.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitigates the malicious attacks targeting the Android market. Our security solution takes advantage of the fact that each application in the android platform is assigned a unique user id (UID). Our solution stores the reputation of Android applications in an anti-malware providers' cloud (AM Cloud). The experimental results witness that the proposed model could well identify the reputation index of a given application and hence its potential of being risky or not.

키워드

과제정보

The authors would like to thank the Deanship of Scientific Research at Prince Sattam Bin Abdulaziz University, Alkharj, Saudi Arabia for the assistance.

참고문헌

  1. A. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev, and C. Glezer. Google Android: A Comprehensive Security Assessment. In IEEE Security & Privacy, Volume 8, Issue 2, pp. 35-44, March-April 2010. https://doi.org/10.1109/MSP.2010.2
  2. T. Blasing, L. Batyuk, A.-D. Schmidt, S.A. Camtepe and S. Albayrak. An Android Application Sandbox system for suspicious software detection. In Proceedings of 5th International Conference on Malicious and Unwanted Software (MALWARE 2010), Nancy, France, Oct. 19-20, 2010.
  3. M. Ongtang, S. McLaughlin, W. Enck, and P. McDaniel. Semantically Rich Application-Centric Security in Android. In Proceedings of the Annual Computer Security Applications Conference (ACSAC '09), Austin, TX, USA, December 6-10, 2009.
  4. W. Shin, S. Kiyomoto, K. Fukushima, and T. Tanaka. Towards Formal Analysis of the Permission-Based Security Model for Android. In Proceedings of Fifth International Conference on Wireless and Mobile Communications (ICWMC '09), Cannes/La Boca, France, August 23-29, 2009.
  5. P. Teufl, C. Orthacker, S. Kraxberger, G. Lackner, M. Gissing, A. Marsalek, J. Leibetseder and O. Prevenhueber. Android Market Analysis with Activation Patterns, In Proceedings of 3rd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MOBISEC 2011), Aalborg, Denmark, May 17-19, 2011.
  6. C. Orthacker, P. Teufl, S. Kraxberger, G. Lackner, M. Gissing, A. Marsalek, J. Leibetseder, and O. Prevenhueber. Android Security Permissions - Can we trust them? In Proceedings of 3rd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MOBISEC 2011), Aalborg, Denmark, May 17-19, 2011.
  7. J. Burns. Developing Secure Mobile Applications for Android-An Introduction to Making Secure Android Applications, http://www.isecpartners.com/files/iSEC_Securing_Android_Apps.pdf, Accessed on May 8, 2012.
  8. E. Chin, A. Porter Feltm, K. Greenwood, and D. Wagner. Analysing the Inter-application Communication in Android, University of California, Berkeley, Berkeley, CA, USA.
  9. T. Vidas, D. Votipka, and N. Christin. All Your Droid Are Belong To Us: A Survey of Current Android Attacks, INI/CyLab, Carnegie Mellon University.
  10. Android Market, http://www.android.com/market, Accessed on May 13, 2012.
  11. Android permissions, http://android.git.kernel.org/?p=platform/frameworks/base.git;a=blob;f=core/res/AndroidManifest.xml. Accessed on May 13, 2012.
  12. A. Shabtai, Y. Fledel, and Y. Elovici. Securing Android-powered mobile devices using SE Linux. In IEEE Security & Privacy, Volume 8, Issue 3, pp. 36-44, May-June 2010.
  13. I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani Crow droid. Behaviour-Based Malware Detection System for Android. In Proceedings of the Workshop on Security and Privacy in Smartphone's and Mobile Devices (SPSM'11), Chicago, IL, USA, October 17, 2011.
  14. L. Yihe. An Information Security Model Based on Reputation and Integrality of P2P Network. In Proceedings of 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, Wuhan, Hubei, China, April 25-26, 2009.
  15. L. Qi. Network Security Analysis Based on Reputation Evaluation. In Proceedings of 2011 International Conference on Information Technology, Computer Engineering and Management Sciences (ICM 2011), Nanjing, China, September 24-25, 2011.
  16. http://developer.android.com/reference/android/content/Context.html
  17. http://developer.android.com/reference/android/content/Context.html
  18. Lucas Jordan, Pieter Greyling, "Practical Android Projects" Apress, 2011.
  19. H. Bing. Analysis and Research of Systems Security Based on Android, In Proceedings of 2012 Fifth International Conference on Intelligent Computation Technology and Automation (ICICTA), Zhangjiajie, Hunan, and January 12-14, 2012.
  20. B. Berger, M. Bunke, and K. Sohr, An Android Security Case Study with Bauhaus, in the proceedings of 2011 18th Working Conference on Reverse Engineering (WCRE), Limerick, October 17-20.