A Novel Hotfix Scheme for System Vulnerability Based on the Android Application Layer

Zhang, Wen; Su, Ning; Niu, Shaozhang; Li, Hui; Huang, Ruqiang

doi:10.1049/cje.2019.01.002

Cited by 3 publications

(1 citation statement)

References 6 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These inputs are difficult to characterize with intercepts, soft checks, and predictive behavior [184]. This layer is also the most uncovered and the most open because the application should be accessible on port 80 (HTTP) or port 443 (HTTPS) [185]. Due to these open ports, the device becomes vulnerable to cyberattacks such as security misconfiguration, SQL injection, and cross-site scripting [186].…”

Section: Android Application Layer Attackmentioning

confidence: 99%

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

et al. 2023

View full text Add to dashboard Cite

There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.

show abstract

Section: Android Application Layer Attackmentioning

confidence: 99%