scholarly journals The Dangers of Rooting: Data Leakage Detection in Android Applications

2018 ◽  
Vol 2018 ◽  
pp. 1-9 ◽  
Author(s):  
Luca Casati ◽  
Andrea Visconti
Keyword(s):  
Mobile Devices ◽  
Sensitive Information ◽  
Leakage Detection ◽  
Improve Performance ◽  
Security Issues ◽  
Man In The Middle ◽  
The World ◽  
Unrestricted Access ◽  
User Access ◽  
Android Applications

Mobile devices are widely spread all over the world, and Android is the most popular operative system in use. According to Kaspersky Lab’s threat statistic (June 2017), many users are tempted to root their mobile devices to get an unrestricted access to the file system, to install different versions of the operating system, to improve performance, and so on. The result is that unintended data leakage flaws may exist. In this paper, we (i) analyze the security issues of several applications considered relevant in terms of handling user sensitive information, for example, financial, social, and communication applications, showing that 51.6% of the tested applications suffer at least of an issue and (ii) show how an attacker might retrieve a user access token stored inside the device thus exposing users to a possible identity violation. Notice that such a token, and a number of other sensitive information, can be stolen by malicious users through a man-in-the-middle (MITM) attack.

scholarly journals Survey on Reverse-Engineering Tools for Android Mobile Devices

2022 ◽  
Vol 2022 ◽  
pp. 1-7
Author(s):  
Ashwag Albakri ◽  
Huda Fatima ◽  
Maram Mohammed ◽  
Aisha Ahmed ◽  
Aisha Ali ◽  
...  
Keyword(s):  
Reverse Engineering ◽  
Mobile Devices ◽  
Mobile Applications ◽  
Information Leakage ◽  
Sensitive Information ◽  
Security Threats ◽  
Application Security ◽  
Security Issues ◽  
Frequent Use ◽  
User Data

With the presence of the Internet and the frequent use of mobile devices to send several transactions that involve personal and sensitive information, it becomes of great importance to consider the security aspects of mobile devices. And with the increasing use of mobile applications that are utilized for several purposes such as healthcare or banking, those applications have become an easy and attractive target for attackers who want to get access to mobile devices and obtain users’ sensitive information. Developing a secure application is very important; otherwise, attackers can easily exploit vulnerabilities in mobile applications which lead to serious security issues such as information leakage or injecting applications with malicious programs to access user data. In this paper, we survey the literature on application security on mobile devices, specifically mobile devices running on the Android platform, and exhibit security threats in the Android system. In addition, we study many reverse-engineering tools that are utilized to exploit vulnerabilities in applications. We demonstrate several reverse-engineering tools in terms of methodology, security holes that can be exploited, and how to use these tools to help in developing more secure applications.

Security issues in Mobile Computing

2018 ◽  
Vol 8 (4) ◽  
pp. 13
Author(s):  
Kartik Khurana ◽  
Harpreet Kaur ◽  
Ritu Chauhan ◽  
Shalu Chauhan ◽  
Shaveta Bhatia ◽  
...  
Keyword(s):  
Mobile Computing ◽  
Mobile Devices ◽  
Mobile Communication ◽  
Internet Access ◽  
Mobile Security ◽  
Security Issue ◽  
Security Issues

Now a day’s mobile communication has become a serious business tool for the users. Mobile devices are mainly used for the applications like banking, e-commerce, internet access, entertainment, etc. for communication. This has become common for the user to exchange and transfer the data. However people are still facing problems to use mobile devices because of its security issue. This paper deals with various security issues in mobile computing. It also covers all the basic points which are useful in mobile security issues such as categorisation of security issues, methods or tactics for success in security issues in mobile computing, security frameworks.

Aplikasi Kuartu Berbasis Android Sebagai Media Pertukaran Informasi Kartu Nama

2017 ◽  
Vol 9 (1) ◽  
pp. 25-32
Author(s):  
Nandi Syukri ◽  
Eko Budi Setiawan
Keyword(s):  
Mobile Devices ◽  
Information Exchange ◽  
Smart Phone ◽  
Black Box ◽  
Qr Code ◽  
Business Card ◽  
Large Numbers ◽  
The World ◽  
The Face ◽  
Index Terms

Business Card is the most efficient, effective and appropriate tool for every business men no matter they are owners, employees, more over marketers to provide information about their businesses. Unfortunately, it is very difficult to bring and manage business card in large numbers also to remember the face of the business card owner. A Business Card application need to be built to solve all those issues mentioned above. The Application or software must be run in media which can be accessed anywhere and anytime such as smart phone. Kuartu is as business card application run in mobile devices. Kuartu is developed using object base modeling for mobile sub system. The platform of the mobile sub system is android, as it is the most widely used platform in the world. The Kuartu application utilizing NFC and QR Code technology to support the business card information exchange and the Chatting feature for communication. Based on the experiment and test using black box methodology, it can be concluded that Kuartu application makes business card owner to communicate each other easily, business card always carried, easy to manage the cards and information of the business card owner can be easily obtained. Index Terms— Business Card, Android, Kuartu, NFC, QrCode, Chatting.

THE ISSUES OF NATIONAL SECURITY AND NUCLEAR DISARMAMENT IN THE WORK OF THE WORLD RUSSIAN PEOPLE'S COUNCIL IN THE 1990-S.

2020 ◽  
Vol 9 (3) ◽  
pp. 111-119
Author(s):  
Yu.Yu. IERUSALIMSKY ◽  
◽  
A.B. RUDAKOV ◽  
Keyword(s):  
National Security ◽  
Armed Forces ◽  
Nuclear Disarmament ◽  
Russian Orthodox Church ◽  
Security Issues ◽  
New Concepts ◽  
The Social ◽  
The World ◽  
Nuclear Component ◽  
The One

The article is devoted to the study of such an important aspect of the activities of the World Russian People's Council (until 1995 it was called the World Russian Council) in the 90-s of the 20-th century as a discussion of national security issues and nuclear disarmament. At that time, a number of political and public figures actively called for the nuclear disarmament of Russia. Founded in 1993, the World Russian Council called for the Russian Federation to maintain a reasonable balance between reducing the arms race and fighting for the resumption of detente in international relations, on the one hand, and maintaining a powerful nuclear component of the armed forces of the country, on the other. The resolutions of the World Russian Council and the World Russian People's Council on the problems of the new concepts formation of foreign policy and national security of Russia in the context of NATO's eastward movement are analyzed in the article. It also shows the relationship between the provisions of the WRNS on security and nuclear weapons issues with Chapter VIII of the «Fundamentals of the Social Concept of the Russian Orthodox Church».

Historical Foundations, Strategic Visions, and World Order

2018 ◽  
Author(s):  
Paul J. Bolt ◽  
Sharyl N. Cross
Keyword(s):  
World Order ◽  
International Order ◽  
Power Relationships ◽  
State Behavior ◽  
Political Situation ◽  
Security Issues ◽  
The World ◽  
History Of ◽  
The Relationship

Chapter 1 explores perspectives on world order, including power relationships and the rules that shape state behavior and perceptions of legitimacy. After outlining a brief history of the relationship between Russia and China that ranged from cooperation to military clashes, the chapter details Chinese and Russian perspectives on the contemporary international order as shaped by their histories and current political situation. Chinese and Russian views largely coincide on security issues, the desirability of a more multipolar order, and institutions that would enhance their standing in the world. While the Chinese–Russian partnership has accelerated considerably, particularly since the crisis in Ukraine in 2014, there are still some areas of competition that limit the extent of the relationship.

scholarly journals Building Standardized and Secure Mobile Health Services Based on Social Media

Electronics ◽  
2020 ◽  
Vol 9 (12) ◽  
pp. 2208
Author(s):  
Jesús D. Trigo ◽  
Óscar J. Rubio ◽  
Miguel Martínez-Espronceda ◽  
Álvaro Alesanco ◽  
José García ◽  
...  
Keyword(s):  
Social Media ◽  
Mobile Devices ◽  
Mobile Health ◽  
Healthcare Services ◽  
Small Scale ◽  
Proof Of Concept ◽  
Privacy And Security ◽  
Health Level 7 ◽  
Information Embedding ◽  
Android Applications

Mobile devices and social media have been used to create empowering healthcare services. However, privacy and security concerns remain. Furthermore, the integration of interoperability biomedical standards is a strategic feature. Thus, the objective of this paper is to build enhanced healthcare services by merging all these components. Methodologically, the current mobile health telemonitoring architectures and their limitations are described, leading to the identification of new potentialities for a novel architecture. As a result, a standardized, secure/private, social-media-based mobile health architecture has been proposed and discussed. Additionally, a technical proof-of-concept (two Android applications) has been developed by selecting a social media (Twitter), a security envelope (open Pretty Good Privacy (openPGP)), a standard (Health Level 7 (HL7)) and an information-embedding algorithm (modifying the transparency channel, with two versions). The tests performed included a small-scale and a boundary scenario. For the former, two sizes of images were tested; for the latter, the two versions of the embedding algorithm were tested. The results show that the system is fast enough (less than 1 s) for most mHealth telemonitoring services. The architecture provides users with friendly (images shared via social media), straightforward (fast and inexpensive), secure/private and interoperable mHealth services.

scholarly journals Detecting Colluding Inter-App Communication in Mobile Environment

2020 ◽  
Vol 10 (23) ◽  
pp. 8351
Author(s):  
Rosangela Casolare ◽  
Fabio Martinelli ◽  
Francesco Mercaldo ◽  
Antonella Santone
Keyword(s):  
Model Checking ◽  
Mobile Devices ◽  
Private Information ◽  
End Users ◽  
Home Automation ◽  
Mobile Environment ◽  
Data Support ◽  
Bank Transfer ◽  
Android Applications

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.

Text Writing Using Air Gestures for People With Limited Hand Motor Skills

2020 ◽  
Author(s):  
Michele Ermidoro ◽  
Andrea Vitali ◽  
Fabio Previdi ◽  
Caterina Rizzi
Keyword(s):  
Mobile Devices ◽  
Motor Skills ◽  
Specific Interaction ◽  
Research Work ◽  
Interaction Style ◽  
The World ◽  
Software Modules ◽  
Ict Tools ◽  
Brain Stroke ◽  
Text Writing

Abstract Mobile devices and laptops are the main ICT tools to exchange information among people in the world. All the applications are designed by following a specific interaction style based either touchscreen or mouse and keyboard, which can be performed only with detailed movements of hands and fingers. Traditional interaction becomes difficult for elderly who have diseases limiting the hand motor skills, such as arthritis and brain stroke. The use of simple air gestures can be adopted as alternative interaction style to interact with smartphones, tablets and laptops. The aim of this research work is the development of an application that allows text writing using air gestures for people with limited hand motor skills. The application embeds several computer vision algorithms and convolutional neural networks software modules to detect and drawn alphanumeric characters and recognizing them using both mobile devices and laptops. The preliminary results obtained show that the approach is robust, and it can easily detect the alphanumeric characters written with the movement of the wrist.

scholarly journals A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

2018 ◽  
Vol 2018 ◽  
pp. 1-7 ◽  
Author(s):  
Run Xie ◽  
Chanlian He ◽  
Dongqing Xie ◽  
Chongzhi Gao ◽  
Xiaojun Zhang
Keyword(s):  
Cloud Computing ◽  
Mobile Devices ◽  
Data Privacy ◽  
Security Analysis ◽  
Data Retrieval ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Security Issues ◽  
Efficiency Comparison ◽  
Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

scholarly journals POSITIONS OF STATES OF THE ASIA-PACIFIC REGION REGARDING THE ADOPTION OF RESOLUTIONS ON INTERNATIONAL INFORMATION SECURITY ISSUES WITHIN THE FRAMES OF THE UN

2019 ◽  
pp. 13-26
Author(s):  
Mykola Ryzhkov ◽  
Anastasiia Siabro
Keyword(s):  
Information Security ◽  
International Development ◽  
Information Technologies ◽  
Large Scale ◽  
New Technologies ◽  
Technological Development ◽  
Security System ◽  
Asia Pacific ◽  
Security Issues ◽  
The World

Achievements in the sphere of automatization and telecommunication are an essential component of transformation of the international peace and security system. This article presents, that consequences of changes are of a dual character. On the one hand, new technologies are becoming an important component of society modernization strategies in developing countries, on the other hand, they can be used for armament modernization or creation of new means of confrontation in modern international relations. APR countries face the most relevant issue of information technologies usage. The article deals with the process of discussion of new challenges and threats to international security, emerging as a result of development and large-scale implementation of information-communication technologies. Positions of states regarding the adoption of resolution in the sphere of international information security were studied through examples of Japan, India, and China. It is proved in the article, that information technologies have become an important component of the security system in the world. Technologies usage may lead to steady international development as well as to information arms race. That is why working out a common position on international information security issues is of crucial importance. It is within the framework of the UN, that different states of the world are given an opportunity to express their visions of the problem of international information security and work out common approaches to its solution. The article shows, that states’ positions have similar as well as different features. For instance, all states express concern regarding possible limitation of technology transfer for the establishment of a more controlled international political environment. But states’ positions have major differences as to mechanisms of information security provision. Thus, Japan and India strive to achieve a balanced system of international information security, which should at the same time have preventive mechanisms against the emergence of threats in the information and science and technology spheres and guarantee continuation of scientific-technological development, which is a crucial component of development and modernization strategies in many countries of the world. China came forward with position of strong regulation of international information security issues and suggested framing of corresponding regulations of the states’ conduct in the cyberspace.

Sign in / Sign up

Export Citation Format

Share Document