Detection of mobile applications leaking sensitive data

Canbay, Yavuz; Ulker, Mehtap; Sağıroğlu, Şeref

doi:10.1109/isdfs.2017.7916515

Cited by 8 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Current data exfiltration detection methods for Android mostly focus on mobile applications leaking sensitive data. For example, in [3], a J48 classification algorithm was used to detect leakage of sensitive data by mobile applications and they also used the K-Means clustering algorithm to detect ma-licious mobile applications by comparing them to applications downloaded from Google Play Store. The proposed system can detect malign and benign applications.…”

Section: Related Workmentioning

confidence: 99%

Untitled

2021

IJDS

View full text Add to dashboard Cite

A user's consent is required for sensitive information to be shared with third parties. Data exfiltration is one of the main end goals of cyber-attacks and with the dominance of Android in the smartphone market, many Android users are susceptible to this data theft. Most of these Android users are unaware of the theft of their personal data to an unauthorised entity. The entities responsible for this leakage can vary from malicious hackers and mobile network operators to the phone company themselves. Our paper aims to detect such data breach of privacy using two methods. First by installing a packet analyser computer program (tcpdump) directly on the phone and second by using a USB Adapter on nearby phones. Results show that data is being exfiltrated from the phones we tested on and phones from one country, in particular, are more susceptible to data exfiltration.

show abstract

Section: Related Workmentioning

confidence: 99%

Untitled

2021

IJDS

View full text Add to dashboard Cite

show abstract

“…However, the requirement to possess information related to genuine user routine leaves the arrangement vulnerable to attacks plus the scheme should consider fusion with other modalities to achieve better performance. In [46], sensitive data leakage prevention mechanism for Android mobile devices has been proposed. Malicious applications are detected which are responsible for the leakage of critical data utilising J8-classification algorithm.…”

Section: Non-biometric-based Systemsmentioning

confidence: 99%

“…b) Prominent processing power and execution time subsist [21], [22], resulting in subsequent incompatibility to operate on generic mobile devices. c) Databases used to train the biometric recognition schemes are far from the data that exists in the real world [33], [39], [40], [46], thus, offering reduced accuracy when such solutions are exposed to realistic data. d) Behavioural biometrics ease a user in terms of user adoptability [11], [33], [36]; however, the accuracy of such systems drops abruptly when user behaves inversely.…”

Section: Open Issuesmentioning

confidence: 99%

“…e) Inability to protect against various threats [11], [22], [37], [42], [44], which smart mobile devices are susceptible to, like touch-logger/key-logger, liveness detection, mimic attacks, etc. f) Choosing a suitable set of biometric characteristics is a critical challenge in case of biometric authentication particularly when considering multi-modal biometric security schemes [13], [22], [33], [39], [46]. Designing reliable authentication systems capable of selecting or deciding on an appropriate biometric set exists.…”

Section: Open Issuesmentioning

confidence: 99%

“…(Durmus et al, 2014) [43] Presented a novel Wi-Fi authentication mechanism implementing social networks as the criteria for providing a more userfriendly and secure authentication mechanism. [46] Presented a sensitive data leakage prevention mechanism.…”

mentioning

confidence: 99%

See 2 more Smart Citations

A critical insight into the identity authentication systems on smartphones

Mehraj¹,

Sheheryar²,

Lone³

et al. 2019

IJEECS

View full text Add to dashboard Cite

<span>The advancement of computing power on mobile devices and their popularity among people in performing sensitive data exchange is uncovering an urgent need for a highly secure solution than the existing ones. The need for such a security solution persists that should be able to thwart not only the contemporary threats but also offer continued support without bowing down to progression in technology. Though some security solutions have been contemplated, a lack of standardised or absolute security solution which can provide a feasible and secure solution to mobile phones exists. In this paper, a survey based on various biometric and non-biometric access management schemes has been performed. The copious solutions put forward by researchers so far were discovered to fail in traits like user adaptability and efficiency. Each of the works put forward by various researchers has been single-handedly contemplated followed by analysis. Ultimately, open problems and challenges were inferences from the survey conducted.</span>

show abstract