发布求助
文献互助 智能选刊 最新文献

Security and Privacy in Smartphones and Mobile Devices最新文献

筛选
英文 中文
Short paper: can your phone trust your friend selection? 短文:你的手机能信任你选择的朋友吗?
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046627
Sebastian Trapp, Matthias Wählisch, J. Schiller
{"title":"Short paper: can your phone trust your friend selection?","authors":"Sebastian Trapp, Matthias Wählisch, J. Schiller","doi":"10.1145/2046614.2046627","DOIUrl":"https://doi.org/10.1145/2046614.2046627","url":null,"abstract":"In ad hoc communication, data packets are relayed over several hops before reaching their destination. Spontaneous communication requires that nodes trust each other as communication can be intentionally disturbed or privacy compromised by the intermediate nodes. Establishing this trust relationship within a MANET without access to a central authority poses a challenge. In this work, we discuss the problem of ad hoc trust assignment and present an approach that helps to establish trust relationships between smartphones forming a MANET. Inspired by sociological insights we argue that data inherently available at mobiles can be used to define the social relationship of two individuals. Based on a preliminary measurement-based analysis we show that this data can give an initial estimation of trust between two users and their mobiles.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134094777","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Security implications of Android: a closed system, open software mobile platform Android的安全含义:一个封闭的系统,开放的软件移动平台
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046630
Hassen Saïdi
{"title":"Security implications of Android: a closed system, open software mobile platform","authors":"Hassen Saïdi","doi":"10.1145/2046614.2046630","DOIUrl":"https://doi.org/10.1145/2046614.2046630","url":null,"abstract":"Smartphones blur the boundaries between the traditional feature phone and a general purpose computer such as a laptop. The Android OS, from Google, was created to be an open alternative to fully closed platforms such as Apple's iOS or Microsoft's Windows Phone OS. However, upon closer inspection, there are closed elements in the Android OS platform. First, there are closed portions to Google's Android code (e.g., manufacturer drivers). Second, users are closed off from accessing and modifying core elements of the OS such as the kernel and system daemons through both software and policy controls. These controls are enacted by Google, cellular carriers, and smartphone manufactures.\u0000 We aim to open a broad and inclusive debate about the issues of openness in the mobile environment. The goal of this panel is to discuss if a mobile platform can both be fully open and secure for all stakeholders involved. The panel will only discuss Android as it the most widely researched smartphone OS, with leading market share, and highly targeted by malware. We plan to discuss the gains, losses, and conflicts surrounding the Android's open, in source, yet closed, in the system, platform.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130932711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Crowdroid: behavior-based malware detection system for Android Crowdroid:基于行为的Android恶意软件检测系统
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046619
Iker Burguera, Urko Zurutuza, S. Nadjm-Tehrani
{"title":"Crowdroid: behavior-based malware detection system for Android","authors":"Iker Burguera, Urko Zurutuza, S. Nadjm-Tehrani","doi":"10.1145/2046614.2046619","DOIUrl":"https://doi.org/10.1145/2046614.2046619","url":null,"abstract":"The sharp increase in the number of smartphones on the market, with the Android platform posed to becoming a market leader makes the need for malware analysis on this platform an urgent issue.\u0000 In this paper we capitalize on earlier approaches for dynamic analysis of application behavior as a means for detecting malware in the Android platform. The detector is embedded in a overall framework for collection of traces from an unlimited number of real users based on crowdsourcing. Our framework has been demonstrated by analyzing the data collected in the central server using two types of data sets: those from artificial malware created for test purposes, and those from real malware found in the wild. The method is shown to be an effective means of isolating the malware and alerting the users of a downloaded malware. This shows the potential for avoiding the spreading of a detected malware to a larger community.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"218 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115519315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1136
Location based power analysis to detect malicious code in smartphones 基于位置的功率分析,以检测智能手机中的恶意代码
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046620
Bryan Dixon, Yifei Jiang, A. Jaiantilal, Shivakant Mishra
{"title":"Location based power analysis to detect malicious code in smartphones","authors":"Bryan Dixon, Yifei Jiang, A. Jaiantilal, Shivakant Mishra","doi":"10.1145/2046614.2046620","DOIUrl":"https://doi.org/10.1145/2046614.2046620","url":null,"abstract":"This paper proposes to exploit correlation between a user's location and power consumption pattern of his/her smartphone to detect the presence of malicious code in the smartphone. Based on the observation that user location plays an important role in phone usage, the hypothesis is that there is a strong correlation between smartphone power consumption pattern and location. To verify this hypothesis, a detailed study was conducted in which power consumption data from twenty smartphone users was collected over a period of three months. The paper presents this data and a preliminary analysis shows that there is potential for detecting the presence of malicious code in smartphone by detecting abnormalities in location-based power consumption.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115650197","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 46
Short paper: a look at smartphone permission models 简要介绍一下智能手机许可模型
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046626
K. Au, Yi Fan Zhou, Zhen Huang, Phillipa Gill, D. Lie
{"title":"Short paper: a look at smartphone permission models","authors":"K. Au, Yi Fan Zhou, Zhen Huang, Phillipa Gill, D. Lie","doi":"10.1145/2046614.2046626","DOIUrl":"https://doi.org/10.1145/2046614.2046626","url":null,"abstract":"Many smartphone operating systems implement strong sandboxing for 3rd party application software. As part of this sandboxing, they feature a permission system, which conveys to users what sensitive resources an application will access and allows users to grant or deny permission to access those resources. In this paper we survey the permission systems of several popular smartphone operating systems and taxonomize them by the amount of control they give users, the amount of information they convey to users and the level of interactivity they require from users. We discuss the problem of permission overdeclaration and devise a set of goals that security researchers should aim for, as well as propose directions through which we hope the research community can attain those goals.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125618257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 78
A survey of mobile malware in the wild 野外移动恶意软件调查
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046618
A. Felt, Matthew Finifter, Erika Chin, Steve Hanna, D. Wagner
{"title":"A survey of mobile malware in the wild","authors":"A. Felt, Matthew Finifter, Erika Chin, Steve Hanna, D. Wagner","doi":"10.1145/2046614.2046618","DOIUrl":"https://doi.org/10.1145/2046614.2046618","url":null,"abstract":"Mobile malware is rapidly becoming a serious threat. In this paper, we survey the current state of mobile malware in the wild. We analyze the incentives behind 46 pieces of iOS, Android, and Symbian malware that spread in the wild from 2009 to 2011. We also use this data set to evaluate the effectiveness of techniques for preventing and identifying mobile malware. After observing that 4 pieces of malware use root exploits to mount sophisticated attacks on Android phones, we also examine the incentives that cause non-malicious smartphone tinkerers to publish root exploits and survey the availability of root exploits.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133064079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 859
Practical and lightweight domain isolation on Android 在Android上实用且轻量级的域隔离
Security and Privacy in Smartphones and Mobile Devices Pub Date : 2011-10-17 DOI: 10.1145/2046614.2046624
Sven Bugiel, Lucas Davi, A. Dmitrienko, Stephan Heuser, A. Sadeghi, Bhargava Shastry
{"title":"Practical and lightweight domain isolation on Android","authors":"Sven Bugiel, Lucas Davi, A. Dmitrienko, Stephan Heuser, A. Sadeghi, Bhargava Shastry","doi":"10.1145/2046614.2046624","DOIUrl":"https://doi.org/10.1145/2046614.2046624","url":null,"abstract":"In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework, TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack: (1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on Inter-Process Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3) allows network data to be only read by a particular domain, or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company's network.\u0000 Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. Moreover, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device (Nexus One). Our evaluation demonstrates that TrustDroid only adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery's life-time.","PeriodicalId":213305,"journal":{"name":"Security and Privacy in Smartphones and Mobile Devices","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121915300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 191
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信