Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.

Zero permission android applications - attacks and defenses

Google advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.

Mobile phone app aimed at improving iron intake and bioavailability in premenopausal women: a qualitative evaluation

BACKGROUND: Low iron intake can lead to iron deficiency, which can result in impaired health and iron-deficiency anemia. A mobile phone app, combining successful dietary strategies to increase bioavailable iron with strategies for behavior change, such as goal setting, monitoring, feedback, and resources for knowledge acquisition, was developed with the aim to increase bioavailable iron intake in premenopausal women.

OBJECTIVE: To evaluate the content, usability, and acceptability of a mobile phone app designed to improve intake of bioavailable dietary iron.

METHODS: Women aged 18-50 years with an Android mobile phone were invited to participate. Over a 2-week period women were asked to interact with the app. Following this period, semistructured focus groups with participants were conducted. Focus groups were audio recorded and analyzed via an inductive open-coding method using the qualitative analysis software NVivo 10. Themes were identified and frequency of code occurrence was calculated.

RESULTS: Four focus groups (n=26) were conducted (age range 19-36 years, mean 24.7, SD 5.2). Two themes about the app's functionality were identified (frequency of occurrence in brackets): interface and design (134) and usability (86). Four themes about the app's components were identified: goal tracker (121), facts (78), photo diary (40), and games (46). A number of suggestions to improve the interface and design of the app were provided and will inform the ongoing development of the app.

CONCLUSIONS: This research indicates that participants are interested in iron and their health and are willing to use an app utilizing behavior change strategies to increase intake of bioavailable iron. The inclusion of information about the link between diet and health, monitoring and tracking of the achievement of dietary goals, and weekly reviews of goals were also seen as valuable components of the app and should be considered in mobile health apps aimed at adult women.

Taming transitive permission attack via bytecode rewriting on Android application

Google Android is popular for mobile devices in recent years. The openness and popularity of Android make it a primary target for malware. Even though Android's security mechanisms could defend most malware, its permission model is vulnerable to transitive permission attack, a type of privilege escalation attacks. Many approaches have been proposed to detect this attack by modifying the Android OS. However, the Android's fragmentation problem and requiring rooting Android device hinder those approaches large-scale adoption. In this paper, we present an instrumentation framework, called SEAPP, for Android applications (or “apps”) to detect the transitive permission attack on unmodified Android. SEAPP automatically rewrites an app without requiring its source codes and produces a security-harden app. At runtime, call-chains are built among these apps and detection process is executed before a privileged API is invoked. Our experimental results show that SEAPP could work on a large number of benign apps from the official Android market and malicious apps, with a repackaged success rate of over 99.8%. We also show that our framework effectively tracks call-chains among apps and detects known transitive permission attack with low overhead. Copyright © 2016 John Wiley & Sons, Ltd.

Analysis of malicious and benign Android applications

Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.

Detecting SMS-based control commands in a Botnet from infected android devices

An increasing number of Android devices are being infected and at risk of becoming part of a botnet. Among all types of botnets, control and cornmand based botnets are very popular. In this paper we introduce an effective and efficient method to ddect SMS-based control commands ftvm infected Android devices. Specifically, we rely on the important radio activities recorded in Android log files. These radio activities are currently overlooked by researchers. We show the effectiveness of our rnethod by using the examples frorn published literature. Our method requires much less user knowledge but is more generic than traditional approaches.