A Security Sandbox Approach of Android Based on Hook Mechanism

Jiang, Xin; Liu, Mingzhe; Yang, Kun; Liu, Yanhua; Wang, Ruili

doi:10.1155/2018/9856537

Cited by 3 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Android is an open source Linux-based operating system (OS) that allows users to manage activities of daily living (ADL) [39]. Android OS is based on security-enhanced Linux (SE-Linux) that emphasizes security controls in the Android infrastructure by maintaining a sophisticated set of rules, Linux policies, and a kernel-level application sandboxing mechanism [40]. Additionally, SE-Linux assigns identification numbers (ID) to users and groups that identify and limit users, processes, and application access to kernel level and hardware attributes [32].…”

Section: Android Open Source Project (Aosp)mentioning

confidence: 99%

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

et al. 2023

View full text Add to dashboard Cite

There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.

show abstract

Section: Android Open Source Project (Aosp)mentioning

confidence: 99%

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Later, with the development of technology of dynamic test, followed much research that involved obtaining target data when the application is running on Android, like Mobile-sandbox [17]. It can obtain the target data by hooking the underlying function of the application.…”

Section: Encrypted Files Recoverymentioning

confidence: 99%

“…It can obtain the target data by hooking the underlying function of the application. Research recovered encrypted files on PC by means of using sandbox [17] to hook the underlying function of ransomwares and obtain encryption keys. Then encrypted files can be decrypted with encryption keys.…”

Section: Encrypted Files Recoverymentioning

confidence: 99%

KRRecover: An Auto-Recovery Tool for Hijacked Devices and Encrypted Files by Ransomwares on Android

Wang

Qin

et al. 2021

Symmetry

View full text Add to dashboard Cite

Ransomwares on Android have become a challenging threat, performing tasks such as hijacking screen resources, locking devices, and encrypting files. Even worse, with the evolution of ransomwares, many ransomwares can disable USB interfaces of mobile devices. It is difficult for users to recover their devices or decrypt files with the help of other equipment and gives monetary damages to victims. In this paper, we analyse the symmetry between the ransom behaviours and the source code of screen resource hijacked ransomwares, devices locked ransomwares and files encrypted ransomwares. We also propose strategies of recovering hijacked resources, recovering hijacked devices and decrypting encrypted files. To protect mobile devices and private files from ransomwares, we design and implement an automatic recovery application—KRRecover—which is used to recover the hijacked devices and decrypt encrypted files on Android.

show abstract

“…Furthermore, this paper implemented the proposed method on five nodes, and the experimental results confirmed that block chain-based authentication can decrease the authentication delay in multi-hop environment that makes the packet loss rate larger. Note that mining data from multiple data sources to extract useful information [Wang, Ji, Liu et al (2018)] for better understanding of security risk evaluation should be considered in the future study, and it is also important to analyze the behaviors of target application [Jiang, Liu, Yang et al (2018)] running on mesh nodes.…”

Section: Introductionmentioning

confidence: 99%

A Blockchain-Based Authentication Protocol for WLAN Mesh Security Access

Jiang¹,

Liu²,

Yang³

et al. 2019

Computers, Materials &Amp; Continua

Self Cite

View full text Add to dashboard Cite

In order to deploy a secure WLAN mesh network, authentication of both users and APs is needed, and a secure authentication mechanism should be employed. However, some additional configurations of trusted third party agencies are still needed on-site to deploy a secure authentication system. This paper proposes a new block chain-based authentication protocol for WLAN mesh security access, to reduce the deployment costs and resolve the issues of requiring key delivery and central server during IEEE 802.11X authentication. This method takes the user's authentication request as a transaction, considers all the authentication records in the mesh network as the public ledger and realizes the effective monitoring of the malicious attack. Finally, this paper analyzes the security of the protocol in detail, and proves that the new method can solve the dependence of the authentication node on PKI and CA.

show abstract

A Security Sandbox Approach of Android Based on Hook Mechanism

Cited by 3 publications

References 24 publications

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

KRRecover: An Auto-Recovery Tool for Hijacked Devices and Encrypted Files by Ransomwares on Android

A Blockchain-Based Authentication Protocol for WLAN Mesh Security Access

Contact Info

Product

Resources

About