学位论文详细信息
Security threats to Android apps
Mobile Security;Mobile Health;Information Leaks
He, Dongjing ; Gunter ; Carl A. ; Nahrstedt ; Klara
关键词: Mobile Security;    Mobile Health;    Information Leaks;   
Others  :  https://www.ideals.illinois.edu/bitstream/handle/2142/49659/Dongjing_He.pdf?sequence=1&isAllowed=y
美国|英语
来源: The Illinois Digital Environment for Access to Learning and Scholarship
PDF
【 摘 要 】

Smartphones have become ubiquitous and smartphone users are increasingly relying on the mobile applications (app for short) to store and handle private information. The fluidity of mobile apps and mobile app markets has complicated mobile app security. Many new threats emerged are either because of the deficiency of mobile app development or the design ambiguities of the Android operating system.In order to seek a better understanding of mobile app security, we present a systematic study on security threats to Android apps in two dimensions. First, we study Android apps from mobile health (mHealth for short) sector, in order to understand the prevalence of mobile app threats to that sector. In particular, we present a three-stage study of the mHealth apps to show that mHealth apps make widespread use of unsecured Internet communications and third party servers. Assuming that mobile apps are well protected by their developers, we ask a second question: are there any limitations in fundamental Android security design that can be used by malicious parties to disclose users' sensitive information? We study a newly discovered threat, side-channel information leaks on Android devices, in detail. Particularly, we discover an unexpected channel of information leaks from per-app data usage statistics and demonstrate that a malicious app can infer users' identity or investment information with zero-permission by monitoring the channel. To mitigate these threats, we propose defense strategies for both widespread threats on mHealth apps and the side-channel information leaks on Android devices.

【 预 览 】
附件列表
Files Size Format View
Security threats to Android apps 562KB PDF download
  文献评价指标  
  下载次数:23次 浏览次数:34次