Android Information Leak Potential in Benign, Malware, and Commercial Spyware Applications

  IJCTT-book-cover
 
International Journal of Computer Trends and Technology (IJCTT)          
 
© 2019 by IJCTT Journal
Volume-67 Issue-5
Year of Publication : 2019
Authors : Nerijus Šatkauskas
  10.14445/22312803/IJCTT-V67I5P105

MLA

MLA Style:Nerijus Šatkauskas"Android Information Leak Potential in Benign, Malware, and Commercial Spyware Applications" International Journal of Computer Trends and Technology 67.5 (2019): 27-33.

APA Style: Nerijus Šatkauskas (2019). Android Information Leak Potential in Benign, Malware, and Commercial Spyware Applications International Journal of Computer Trends and Technology, 67(5), 27-33.

Abstract
There are well over 2 billion smartphones currently in the world. Their number is only increasing.A big part of OS is Android. It is not only an OS with huge resources. Android is notorious for an increased information leak potential. Information availability is based on granted permissions, but a user may underestimate it due to a lack of interest or skills. Application developers are often blamed for asking too many permissions. Meanwhile malware and commercial spyware means that the information leak in question is uncontrollable. Permission Management System, the prototype, has been offered which gives a simplified review of any potential information leak due to permissions. A comparative study has been completed on benign, malware and commercial spyware applications.

Reference
[1] (2019) Deuthche Welle, “Smartphones: Live longer, be greener”. [Online]. Available at:https://www.dw.com/en/smartphones-live-longer-be-greener/a-46423527.
[2] Q. Chen, J. Wang and Y. Wang, "An Online Approach for Detecting Repackaged Android Applications Based on Multi-user Collaboration," 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom), Beijing, 2015, pp. 312-315.Available at: https://ieeexplore.ieee.org/abstract/document/7518244
[3] Kaspersky Lab DAILY, “Google Trades Privacy and Security for Hangouts”. Available at https://www.kaspersky.com/blog/google-privacy-hangouts/1993/
[4] Spyzie, “All-Inclusive Phone Spy”. Available at https://www.spyzie.com/ad/phone-spy-amp.html?gclid=EAIaIQobChMI9u3YsvO-4QIVV-d3Ch08ggReEAAYASAAEgKg3_D_BwE
[5] R. Chatterjee et al., "The Spyware Used in Intimate Partner Violence," 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, 2018, pp. 441-458. Available at: https://ieeexplore.ieee.org/document/8418618
[6] GitHub, Inc., “Ashishb Collection of Android Malware Samples”.Available at: https://github.com/ashishb/android-malware
[7] Permissions Overview, 2019. Available at: https://developer.android.com/guide/topics/permissions/overview#normal-dangerous
[8] O. S. J. Nisha and S. M. S. Bhanu, "Detection of repackaged Android applications based on Apps Permissions," 2018 4th International Conference on Recent Advances in Information Technology (RAIT), Dhanbad, 2018, pp. 1-8. Available at: https://ieeexplore.ieee.org/document/8388984
[9] Rowland Yu & William Lee, “VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?”, Sophos, Australia. Available at: https://www.virusbulletin.com/virusbulletin/2016/02/vb2015-paper-will-android-trojans-worms-or-rootkits-survive-seandroid-and-containerization/
[10] R. Chatterjee et al., "The Spyware Used in Intimate Partner Violence," 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, 2018, pp. 441-458. Available at: https://ieeexplore.ieee.org/document/8418618
[11] X. Liu and J. Liu, "A Two-Layered Permission-Based Android Malware Detection Scheme," 2014 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, Oxford, 2014, pp. 142-148. Available at: https://ieeexplore.ieee.org/document/6834956
[12] G. Canbek, N. Baykal and S. Sagiroglu, "Clustering and visualization of mobile application permissions for end users and malware analysts," 2017 5th International Symposium on Digital Forensic and Security (ISDFS), Tirgu Mures, 2017, pp. 1-10. Available at: https://ieeexplore.ieee.org/document/7916512
[13] A. Sahal, S. Alam and I. Soğukpinar, "Mining and Detection of Android Malware Based on Permissions," 2018 3rd International Conference on Computer Science and Engineering (UBMK), Sarajevo, 2018, pp. 264-268. Available at: https://ieeexplore.ieee.org/document/8566510
[14] M. H. Saad, A. Serageldin and G. I. Salama, "Android spyware disease and medication," 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, 2015, pp. 118-125. Available at: https://ieeexplore.ieee.org/document/7435516
[15] Google Play Help, “Control your app permissions on Android 6.0 and up”, [Online]. Available: https://support.google.com/googleplay/answer/6270602?hl=en-GB
[16] X. Shi, D. Li, H. Zhu and W. Zhang, "Research on Supply Chain Information Classification Based on Information Value and Information Sensitivity," 2007 International Conference on Service Systems and Service Management, Chengdu, 2007, pp. 1-7. Available at: http://ieeexplore.ieee.org/document/4280248/
[17] “Protection levels”. Available at: https://developer.android.com/guide/topics/permissions/overview#normal-dangerous
[18] P. Xiong, X. Wang, W. Niu, T. Zhu and G. Li, "Android malware detection with contrasting permission patterns," in China Communications, vol. 11, no. 8, pp. 1-14, Aug. 2014. Available at: https://ieeexplore.ieee.org/document/6911083

Keywords
Android, permission,dangerous permission, information leak, smartphones,permission monitoring, permission management, benign, malware, commercial spyware