移动应用程序串通及其网络安全影响

2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud) Pub Date : 2016-06-25 DOI:10.1109/CSCloud.2016.9

A. Arabo

{"title":"移动应用程序串通及其网络安全影响","authors":"A. Arabo","doi":"10.1109/CSCloud.2016.9","DOIUrl":null,"url":null,"abstract":"The key focus in securing mobile software systems is substantiality intended in detecting and mitigating vulnerabilities in a single app or apps developed by the same individual. It fails to identify vulnerabilities that arise as a result of interaction or the colluding of multiple apps either from the same or different vendors. The current state-of-the-art also fails to contextualize this in reference to its impact on security and cyber security issues. This paper proposes a solution that makes use of both static and dynamic analysis, to detect and notify device users of such a vulnerability and equips the user with knowledge on inter-app interaction, the misuse of Personal Identifiable Information (PII) and the sharing of other sensitive information without their consent.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Mobile App Collusions and Its Cyber Security Implications\",\"authors\":\"A. Arabo\",\"doi\":\"10.1109/CSCloud.2016.9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The key focus in securing mobile software systems is substantiality intended in detecting and mitigating vulnerabilities in a single app or apps developed by the same individual. It fails to identify vulnerabilities that arise as a result of interaction or the colluding of multiple apps either from the same or different vendors. The current state-of-the-art also fails to contextualize this in reference to its impact on security and cyber security issues. This paper proposes a solution that makes use of both static and dynamic analysis, to detect and notify device users of such a vulnerability and equips the user with knowledge on inter-app interaction, the misuse of Personal Identifiable Information (PII) and the sharing of other sensitive information without their consent.\",\"PeriodicalId\":410477,\"journal\":{\"name\":\"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCloud.2016.9\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCloud.2016.9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

确保移动软件系统安全的关键在于检测和减轻单个应用程序或同一个人开发的应用程序中的漏洞。它无法识别由于来自相同或不同供应商的多个应用程序的交互或串通而产生的漏洞。目前的先进技术也没有考虑到它对安全和网络安全问题的影响。本文提出了一种利用静态和动态分析相结合的解决方案，检测并通知设备用户此类漏洞，并让用户了解应用间交互、滥用个人身份信息(PII)以及未经用户同意共享其他敏感信息的情况。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Mobile App Collusions and Its Cyber Security Implications

The key focus in securing mobile software systems is substantiality intended in detecting and mitigating vulnerabilities in a single app or apps developed by the same individual. It fails to identify vulnerabilities that arise as a result of interaction or the colluding of multiple apps either from the same or different vendors. The current state-of-the-art also fails to contextualize this in reference to its impact on security and cyber security issues. This paper proposes a solution that makes use of both static and dynamic analysis, to detect and notify device users of such a vulnerability and equips the user with knowledge on inter-app interaction, the misuse of Personal Identifiable Information (PII) and the sharing of other sensitive information without their consent.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)

自引率

0.00%

发文量