Abstract
Applications and services based on the Internet of Things (IoT) are increasingly vulnerable to disruption from attack or information theft. Developers and researchers attempt to prevent the growth of such disruption models, mitigate and limit their impact. Meeting these challenges requires understanding the characteristics of things and the technologies that empower the IoT since traditional protection mechanisms are not enough. Moreover, as the growth in mobile device market is pushing the deployment of the IoT, tools and mechanisms to evaluate, analyze and detect security threats in these devices are strongly required. In this context, this paper presents a web tool, named GARMDROID, aimed to help IoT software developers and integrators to evaluate IoT security threats based on the visualization of Android application hardware requests. This procedure is based on the static analysis of permissions requested by Android applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Roman, R., Najera, P., Lopez, J.: Securing the Internet of Things. IEEE Computer 44(9), 51–58 (2011)
Childs, D., Gilliland, A., Gorenc, B., Goudey, H., Gunn, A., Hoole, A., Lancaster, J., Muthurajan, S., Wook, Oh, J., Tsipenyuk O’Neil, Y., Park, J., Petrovsky, O., Sechman, J., Shah, N., Sotack, T., Svajcer, V.: The HPE Cyber Risk Report 2015. HP (2015)
Gartner: Gartner Says Worldwide Smartphone Sales Recorded Slowest Growth Rate Since 2013, 6 January 2016. http://www.gartner.com/newsroom/id/3115517
Wikipedia: Garmr. 15 November 2015. https://en.wikipedia.org/wiki/Garmr
Milette, G., Stroud, A.: Professional Android Sensor Programming. Wiley, Indianapolis (2012)
Android developers: uses-features, 10 December 2015. http://developer.android.com/intl/es/guide/topics/manifest/uses-feature-element.html
Embarcadero: Internet of Things Solutions, 2 January 2016. https://www.embarcadero.com/solutions/internet-of-things
Phifer, L.: Top 10 Android Security Risks, 14 May 2015. http://www.esecurityplanet.com/views/article.php/3928646/Top-10-Android-Security-Risks.htm
Kendall, K.: Practical Malware Analysis, 07 May 2015. https://www.blackhat.com/presentations/bh-dc-07/Kendall_McMillan/Paper/bh-dc-07-Kendall_McMillan-WP.pdf
Childs, D., Gilliland, A., Gorenc, B., Goudey, H., Gunn, A., Hoole, A., Lancaster, J.: Cyber Risk Report 2015 Hewlett-Packard. Technical report, HP Security Research (2015)
Afonso, V., de Amorim, M., Grgio, A.R.A., Junquera, G., de Geus, P.: Identifying Android malware using dynamically obtained features. J. Comput. Virology Hacking Tech. 11, 9–17 (2015)
Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Computer Security Applications Conference 2007, ACSAC 2007, pp. 421–430 (2007)
VirusTotal, 05 December 2015. https://www.virustotal.com/es-mx/
Acknowledgments
This material is based on work supported by the Mexican National Council of Science and Technology (CONACYT) under grant 216747. Also the authors acknowledge support from IPN under grant SIP-20161697.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Rodríguez-Mota, A., Escamilla-Ambrosio, P.J., Happa, J., Aguirre-Anaya, E. (2017). GARMDROID: IoT Potential Security Threats Analysis Through the Inference of Android Applications Hardware Features Requirements. In: Sucar, E., Mayora, O., Munoz de Cote, E. (eds) Applications for Future Internet. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 179. Springer, Cham. https://doi.org/10.1007/978-3-319-49622-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-49622-1_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49621-4
Online ISBN: 978-3-319-49622-1
eBook Packages: Computer ScienceComputer Science (R0)