An Investigation on android background services for controlling the unauthorized accesses using android LOG system

 
 
 
  • Abstract
  • Keywords
  • References
  • PDF
  • Abstract


    In the current world of technology, people are updating to smart devices day by day. Users often keep personal information on their smartphones, but it increases the threat to the privacy of their data. There are many applications which require the user data to provide specific services such as WhatsApp, Instagram, Paytm, PhonePe, etc., There are special permissions which can be misused by some applications, like READ_EXTERNAL_STORAGE, READ_SMS, SEND_SMS, WRITE_EXTERNAL_STORAGE, READ_CONTACTS, etc., Many applications take users data to their servers without the knowledge of user by running in the background. In this paper, it is shown that how an application runs in the background by running various services, and performs the background activities like notifications, displaying ads, etc., A proposed algorithm is described that how every activity of the background services can be monitored using Android Log and user can be alerted by showing which data is being accessed by the particular application.

     


  • Keywords


    Android Security, User Data Privacy, Background Activity, User Interface Attacks.

  • References


      [1] T. Luo, H. Hao, W. Du, Y. Wang, and H. Yin, "Attacks on WebView in the Android system," in 27th Annual Computer Security Applications Conference, ACSAC 2011, December 5, 2011 - December 9, 2011, Orlando, FL, United states, 2011, pp. 343-352.

      [2] JaapVermeij, “Alerting Users on Android: The Effect of an Alert During a GUI Confusion Attack”, University of Twente, P.O. Box 217, 7500AE Enschede, The Netherlands.

      [3] Bhavani A B, “Cross - site Scripting Attacks on Android WebView”, IJCSN International Journal of Computer Science and Network, Vol 2, Issue 2, April 2013, ISSN (Online) : 2277-5420.

      [4] Marco Pistoia, Omer Tripp, PaolinaCentonze, and Joseph W. Ligman, “Labyrinth: Visually Configurable Data-leakage Detection in Mobile Applications”, 2015 16th IEEE International Conference on Mobile Data Management.

      [5] WenruiDiao, Xiangyu Liu, Zhou Li, and Kehuan Zhang, “No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis”, Department of Information Engineering, The Chinese University of Hong Kong, 2016 IEEE Symposium on Security and Privacy.

      [6] Arun Sharma, and Harmeet Malhotra, “Vulnerable Android: A Study on UI Inference Attacks and Malware Attacks”, International Journal of All Research Education and Scientific Methods (IJARESM), ISSN: 2455-6211, Volume 3, Issue 4, April 2015

      [7] Marcus Niemietz, JörgSchwenk, “UI Redressing Attacks on Android Devices”, Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany.

      [8] EarlenceFernandes, Qi Alfred Chen, Justin Paupore, Georg Essl, J. Alex Halderman, Z. Morley Mao, and Atul Prakash, “Android UI Deception Revisited: Attacks and Defenses”, University of Michigan, Ann Arbor.

      [9] Robert Lipovský, Lukᚊtefanko, and Gabriel Braniša, “The Rise of Android Ransomware”, Report on Ransomware ESET Antivirus 2016.

      [10] William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, “A Study of Android Application Security”, Systems and Internet Infrastructure Security Laboratory, Department of Computer Science and Engineering, The Pennsylvania State University.

      [11] Saranya .T, Shalini .A.P., and Kanchana .A, “Detection and Prevention for Malicious Attacks for Anonymous Apps”, International Journal of Innovative Research in Computer and Communication Engineering, Vol. 2, Issue 3, March 2014.

      [12] Poornima Mahesh, Ashwini Jayawant, and Geetanjali Kale, “International Journal of Advanced Research in Computer Science and Software Engineering”, ISSN: 2277 128X, Volume 5, Issue 3, March 2015.

      [13] Bahman Rashidi, and Carol Fung, “A Survey of Android Security Threats and Defenses”, Virginia Commonwealth University, Richmond, Virginia, USA, 2015.

      [14] Sanggeun Song, Bongjoon Kim, and Sangjun Lee, “The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform”, School of Computing, Soongsil University, Sangdo-ro, Dongjak-gu, Seoul 06978, Republic of Korea, Accepted 10 March 2016.

      [15] Qi Alfred Chen, Zhiyun Qian, and Z. Morley Mao, “Peeking into Your App without Actually Seeing it: UI State Inference and Novel Android Attacks”, 23rd USENIX Security Symposium 2014, ISBN 978-1-931971-15-7.


 

View

Download

Article ID: 11268
 
DOI: 10.14419/ijet.v7i2.6.11268




Copyright © 2012-2015 Science Publishing Corporation Inc. All rights reserved.