2.2 Android application security threats
In the study of [5] – A study of Android Application Security, by William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri have used four approaches to evaluate the source codes of several Android applications in order to identify the security failures in the application [5]:
• Control flow analysis – consider the constraints on the sequence of actions in a program, where some of them are considered as errors. Ex: sending unprotected data through intents without specifying the target component, which results the information leakage.
• Data flow analysis – declarative specification of problematic data flows in the program. Ex: The Android user’s phone identifiers, such as phone number, IMEI number
…show more content…
It allows access to the low-level OS functionality and the OS protection. Also, some users may like to install the modified operating systems on their devices, which only possible with privileged access and it can introduce the high risk of malware infection.[2][6]
2.2 Android application security threats
In the study of [5] – A study of Android Application Security, by William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri have used four approaches to evaluate the source codes of several Android applications in order to identify the security failures in the application [5]:
Control flow analysis – consider the constraints on the sequence of actions in a program, where some of them are considered as errors. Ex: sending unprotected data through intents without specifying the target component, which results the information leakage.
Data flow analysis – declarative specification of problematic data flows in the program. Ex: The Android user’s phone identifiers, such as phone number, IMEI number (device id), IMSI (subscriber id), ICC-ID (SIM card serial number) should never leave the
The program will monitor the user input and will notify immediately of a wrong action (like a key stroke the is not valid for the particular input), will create an error file that contains the data set that contains the error to be analyzed and investigated, or the entire batch of data will be rejected, if the errors cannot be attributed to an specific record, for the user to locate issues and resubmit a corrected set.
2) A Survey of Mobile Malware in the Wild by Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steven Hanna, and David Wagner, University of California, Berkeley
Jackson, F., and Pettit, P., 1990, 'Program Explanation: a general perspective', Analysis, vol. 50, pp. 107-117.
Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc.
Early fixing of errors not only helps save cost but also helps in mitigating the various risks associated with software development and it also helps in improving and monitoring quality of the system etc. It has been proven that the cost to identify and mitigate the errors in the early stages of development of a software will be hundred times less than the cost of removing an error in the software system that has been distributed among hundreds of
In this case study, I aim to present the recent issue about Cyber security, protecting client’s private data and information through the controversial Apple and
Sandboxing the app allows for removing certain privileges to be temporarily revoked. Thus sandboxing can provide effective malware protection in some cases. A hardware sandbox is further helpful in protection key hardware re...
Schultza, Eugene E, Proctorb, Robert W., Lienb, Mei-Ching, & Salvendy, Gavriel. (October, 2001). Computers & Security. Retrieved December 8, 2001 from http://www.sciencedirect.com/science%3f_ob=JournalURL&_cdi=5870&_version=1&_urlVersion=0&_userid=0&md5=7ad5f679d398b70e02e99cc968692dda
Due to the sensitive and confidential information that would exist on such devices, it is imperative that security solutions and processes are implemented in order to protect and secure such content from the proliferation of threats and vulnerabilities which can affect mobile devices (Juniper Networks, n.d.).
Our handheld devices become a mirror that we see our selves on it. We cannot stay two hours without using it. So, what do you have stored on your PDA or cell phone? Maybe some personal phone numbers and addresses? Business leads? Perhaps even a few PIN numbers and passwords? There's probably some pretty important information stored on them. Here's the next question: How would you feel if your phone was stolen or if your Pocket PC ended up in someone else's hands? Or what if a virus drained your cell's battery and suddenly you couldn't be reached? For this reason, handheld security has become a big concern to these devices are important in our everyday lives. [3].
Gralla, Preston. "Smartphone Apps: Is Your Privacy Protected?" Computerworld. N.p., 7 July 2011. Web. 22 Apr. 2014.
Conklin, W.A., White, G., & Williams, D. (2012). Principles of Computer Security: CompTIA Security+™ and Beyond (Exam SY0-301) (3rd ed.). Retrieved from The University of Phoenix eBook Collection database.
Android is an operating system which is used in smart phones. It is an open source software. That is the code is available under the apache license freely for moderation and distribution by device manufacturer. As we know android is the open source software so manufacture modifies it according to their needs and requirements of the user perspective. In 2007 first time android was intended and first time it was...
However, programmatic approach does not come without drawbacks. One of the assumptions of programmatic approach is
The most important part for smartphone is operation system and which gives the smartphone a “life”. The better operation system can make better features for smartphones. For example,