Advertisement

Enhancing Security of Android-Based Smart Devices: Preventive Approach

  • Nisha Shah
  • Nilesh ModiEmail author
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 106)

Abstract

In the current era of smart devices, mobile phones are rapidly emerged and increasingly being used as primary computing, communication device with sensing capabilities and running more performance-intensive task. Secure and healthy working environment of this smarty is required to be maintained. Though sufficient peripheral protection mechanisms are described, authentication and access control are not alone sufficient to provide integral protection against intrusions. This raises the need for smart analysis techniques, particularly in application code, to materialize. There are many security detective and preventive solutions available in market, but still, this research field is immature. Majority of solutions provided in the area of smartphone handles specific issue for particular device and environment. As prevention is better than detection and cure, intended to work in the said direction, we define a framework aimed to help, identify and warn users for the resources going to acquire by the applications downloaded to install on smart devices and the risk behind resource acquisition/access. That way, it will try to intimate the users for the resources going to acquire in future, at runtime by application processes directly or indirectly, can uncover the malicious intention of resource access hidden in the application. Having this in mind, our solution will establish a strong footstep in device security in the form of preventive notification of alarm. For the same, we focused on Android-based smart devices looking to the popularity, availability, and download statistics of Android app, also due to the open Android’s philosophy, benign, or malignant applications can be published easily with limited controls; Android is having very high risk against security.

Keywords

Access permission Intrusion Malware Device security Dynamic analysis Security risk 

References

  1. 1.
  2. 2.
  3. 3.
  4. 4.
    Houmansadr, A., Zonouz, S.A., Berthier, R.: A cloud-based intrusion detection and response system for mobile phones. In: 2011 IEEE/IFIP 41st International Conference on IEEE Dependable Systems and Networks Workshops (DSN-W) (2011)Google Scholar
  5. 5.
    Zonouz, S, et al.: Secloud: a cloud-based comprehensive and lightweight security solution for smartphones. Comput. Secur. 37, 215–227 (2013)Google Scholar
  6. 6.
    Xie, L., et al.: pBMDS: a behavior-based malware detection system for cell phone devices. In: Proceedings of the Third ACM Conference on Wireless Network Security. ACM (2010)Google Scholar
  7. 7.
    Dini, G., et al.: MADAM: a multi-level anomaly detector for android malware. In: MMM-ACNS, vol. 12 (2012)Google Scholar
  8. 8.
    Shabtai, A., et al.: Andromaly: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)Google Scholar
  9. 9.
    Wang, Y., Streff, K., Raman, S.: Smartphone security challenges. Computer 45(12), 0052–0058 (2012)CrossRefGoogle Scholar
  10. 10.
    La Polla, M., Martinelli, F., Sgandurra, D.: A survey on security for mobile devices. Commun. Surv. Tutor. IEEE 15(1), 446–471 (2013)Google Scholar
  11. 11.
    Suarez-Tangil, G., et al.: Evolution, detection and analysis of malware for smart devices. IEEE Commun. Surv. Tutor. 16(2), 961–987 (2014)Google Scholar
  12. 12.
    Faruki, P., et al.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998–1022 (2015)Google Scholar
  13. 13.
    Schlegel, R., et al.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11 (2011)Google Scholar
  14. 14.
    Suarez-Tangil, G., et al.: Thwarting obfuscated malware via differential fault analysis. IEEE Comput. 47(6), 24–31 (2014)Google Scholar
  15. 15.
    Jain, A.: Android security: permission based attacks. In: 2016 3rd International Conference on IEEE Computing for Sustainable Global Development (INDIACom) (2016)Google Scholar
  16. 16.
    Rastogi, V., Chen, Y., Enck, W.: AppsPlayground: automatic security analysis of smartphone applications. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy. ACM (2013)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.A.P. SVIT-VASADGujarat Technological UniversityAhmedabadIndia
  2. 2.Dr. Baba Saheb Ambedkar Open UniversityAhmedabadIndia

Personalised recommendations