Circumventing Google Play vetting policies: a stealthy cyberattack that uses incremental updates to breach privacy

Muhammad, Zia; Amjad, Faisal; Iqbal, Zafar; Javed, Abdul Rehman; Gadekallu, Thippa Reddy

doi:10.1007/s12652-023-04535-7

Cited by 6 publications

(4 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Information leakage can also occur when well-meaning individuals with privileged server access exchange information for legal causes [33,34]. As a result, increasing research emphasizes protecting personal information during the analytic process [35,36]. Federated learning (FL) potentially provides a solution for this privacy breach [37][38][39].…”

Section: Motivationmentioning

confidence: 99%

Wrist-Based Electrodermal Activity Monitoring for Stress Detection Using Federated Learning

Almadhor

Sampedro

Abisado

et al. 2023

Sensors

View full text Add to dashboard Cite

With the most recent developments in wearable technology, the possibility of continually monitoring stress using various physiological factors has attracted much attention. By reducing the detrimental effects of chronic stress, early diagnosis of stress can enhance healthcare. Machine Learning (ML) models are trained for healthcare systems to track health status using adequate user data. Insufficient data is accessible, however, due to privacy concerns, making it challenging to use Artificial Intelligence (AI) models in the medical industry. This research aims to preserve the privacy of patient data while classifying wearable-based electrodermal activities. We propose a Federated Learning (FL) based approach using a Deep Neural Network (DNN) model. For experimentation, we use the Wearable Stress and Affect Detection (WESAD) dataset, which includes five data states: transient, baseline, stress, amusement, and meditation. We transform this raw dataset into a suitable form for the proposed methodology using the Synthetic Minority Oversampling Technique (SMOTE) and min-max normalization pre-processing methods. In the FL-based technique, the DNN algorithm is trained on the dataset individually after receiving model updates from two clients. To decrease the over-fitting effect, every client analyses the results three times. Accuracies, Precision, Recall, F1-scores, and Area Under the Receiver Operating Curve (AUROC) values are evaluated for each client. The experimental result shows the effectiveness of the federated learning-based technique on a DNN, reaching 86.82% accuracy while also providing privacy to the patient’s data. Using the FL-based DNN model over a WESAD dataset improves the detection accuracy compared to the previous studies while also providing the privacy of patient data.

show abstract

Section: Motivationmentioning

confidence: 99%

Wrist-Based Electrodermal Activity Monitoring for Stress Detection Using Federated Learning

Almadhor

Sampedro

Abisado

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…This includes the static and dynamic analysis of the apps and checking for any known malicious behavior. However, despite these measures, attackers find their way into the store [18,51,107]. There are several means by which attackers can upload and propagate malware through the Google Play Store, the details of which are as follows.…”

Section: Threats Through Google Play Storementioning

confidence: 99%

“…In recent years, the security landscape for mobile devices has changed dramatically, with attackers increasingly targeting these devices through side-channel attacks [16,17] and malware spread through the Google Play Store [18]. Although previous research has explored vulnerabilities and attacks against mobile devices, these studies often fail to address contemporary threats such as APTs, side-channel attacks, and attacks launched through the Google Play Store.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

et al. 2023

Self Cite

View full text Add to dashboard Cite

There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.

show abstract

Guest Editorial: Advanced information hiding techniques for industrial applications

Singh

2023

J Ambient Intell Human Comput

View full text Add to dashboard Cite

Circumventing Google Play vetting policies: a stealthy cyberattack that uses incremental updates to breach privacy

Cited by 6 publications

References 30 publications

Wrist-Based Electrodermal Activity Monitoring for Stress Detection Using Federated Learning

Wrist-Based Electrodermal Activity Monitoring for Stress Detection Using Federated Learning

Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses

Guest Editorial: Advanced information hiding techniques for industrial applications

Contact Info

Product

Resources

About