A Crtitical Approach for Intruder Detection in Mobile Devices

International Journal of Computer Science and Engineering
© 2014 by SSRG - IJCSE Journal
Volume 1 Issue 4
Year of Publication : 2014
Authors : R.Surendiran, Dr.K.Alagarsamy

pdf
How to Cite?

R.Surendiran, Dr.K.Alagarsamy, "A Crtitical Approach for Intruder Detection in Mobile Devices," SSRG International Journal of Computer Science and Engineering , vol. 1,  no. 4, pp. 6-14, 2014. Crossref, https://doi.org/10.14445/23488387/IJCSE-V1I4P102

Abstract:

The paper studies and proposed an new effective methodology for the security threats involved in using modern smart phone for accessing Internet related services and various sources. Different types of materialised mobile malware are discussed in our previous works in order to classify them for further analysis. This paper discuss growing interest of malicious codes and money making apps in mobile phone users. Security Threats of mobile phones are explored in order to compare the involved security risks in mobile envioronment. Analysing various security problems of mobile environment are discussed for predicting the type of attacks that may cause a substantial rise of the risk level in near future. This paper is closed with a effective solution for mobile virus and intruder attacks from the third party application and resources.

Keywords:

Mobile Devices, Security threats , Detection Mechanism.

References:

[1] NIST Special Publication 800-19 – Mobile Agent Security Wayne Jansen, Tom Karygiannis National Institute of Standards and Technology Computer Security Division Gaithersburg, MD 20899.
[2] W. Zhou, Y. Zhou, X. Jiang, and P. Ning. DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party AndroidMarketplaces. In Proceedings of the 2nd ACMConference on Data and Application Security and Privacy, CODASPY’ 12, 2012.
[3] Amazon Appstore. http://www.amazon.com/mobile-apps/b?ie=UTF8&node=2350149011.
[4] Android.Bgserv Found on Fake Google Security Patch.http://www.symantec.com/connect/blogs/androidbgservfound-fake-google-security-patch.
[5] W. Enck, M. Ongtang, and P. McDaniel. On Lightweight Mobile Phone Application Certification. In Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS ’09, 2009.
[6] Android.Pjapps Technical Details. http://www.symantec.com/security response/writeup.jsp?docid=2011-022303-3344-99&tabid=2.
[7] Bo Li and Eul Gyu Im: Smartphone, promising battlefield for hackers, Journal of Security Engineering , vol: 8 no: 1, 2011, pages 89-110
[8] Exploid Root Exploit. http://c-skills.blogspot.com/2010/07/exploid-works-on-droid-x.html.
[9] Mmoovv. http://android.mmoovv.com/web/index.html.
[10] P. Hornyack, S. Han, J. Jung, S. Schechter, and D.Wetherall.These Aren’t the Droids You’re Looking For: Retrofitting Android to Protect Data from Imperious Applications. In Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS ’11, 2011.
[11] Rageagainstthecage Root Exploit. http://c-skills.blogspot.com/2010/08/droid2.html.
[12] A. Moshchuk, T. Bragin, S. D. Gribble, and H. M. Levy. A Crawler-based Study of Spyware on the Web. In Proceedings of the 13th Annual Symposium on Network and Distributed System Security, NDSS ’06, 2006.
[13] Security Alert: DroidDream Malware Found in Official Android Market. http://blog.mylookout.com/2011/03/securityalert-malware-found-in-official-android-marketdroiddream/.
[14] J. Andrus, C. Dall, A. Van’t Hof, O. Laadan, and J. Nieh.Cells: A Virtual Mobile Smartphone Architecture. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles, SOSP ’11, 2011.
[15] Security Alert: HongTouTou, New Android Trojan, Found in China. http://blog.mylookout.com/2011/02/security-alert-hongtoutou-new-android-trojan-found-in-china/.
[16] Security Alert: Zsone Trojan found in Android Market. http://blog.mylookout.com/2011/05/security-alert-zsonetrojan-found-in-android-market/.
[17] Zimperlich sources. http://c-skills.blogspot.com/2011/02/zimperlich-sources.html.
[18] E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing Inter-Application Communication in Android. In
Proceedings of the 9th Annual Symposium on Network and Distributed System Security, MobiSys 2011, 2011.
[19] A. R. Beresford, A. Rice, N. Skehin, and R. Sohan. Mock-Droid: Trading Privacy for Application Functionality on Smartphones. In Proceedings of the 12th International Workshop on Mobile Computing System and Applications, HotMobile ’11, 2011.
[20] I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani. Crowdroid:Behavior-Based Malware Detection System for Android. In Proceedings of the 1st Workshop on Securityand Privacy in Smartphones and Mobile Devices, CCSSPSM’11, 2011.
[21] B. Dixon, Y. Jiang, A. Jaiantilal, and S. Mishra. Location Based Power Analysis to Detect Malicious Code in
Smartphones. In Proceedings of the 1st Workshop on Security and Privacy in Smartphones and Mobile Devices, CCSSPSM’ 11, 2011.
[22] Alcatelclub. http://www.alcatelclub.com/.
[23] M. Egele, C. Kruegel, E. Kirda, and G. Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Proceedings of the 18th Annual Symposium on Network and Distributed System Security, NDSS ’11, 2011.
[24] Security Alert: Malware Found Targeting Custom ROMs (jSMSHider). http://blog.mylookout.com/2011/06/securityalert-malware-found-targeting-custom-roms-jsmshider/.
[25] W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. Mc-Daniel, and A. N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime PrivacyMonitoring on Smartphones.In Proceedings of the 9th USENIX Symposium onOperating Systems Design and Implementation, USENIXOSDI ’10, 2010.
[26] A. Bose, X. Hu, K. G. Shin, and T. Park. Behavioral Detection of Malware on Mobile Handsets. In Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys ’08, 2008.
[27] W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A Study of Android Application Security. In Proceedings of the 20th USENIX Security Symposium, USENIX Security’11, 2011.
[28] Security Alert: zHash, A Binary that can Root Android Phones, Found in Chinese App Markets and Android Market. http://blog.mylookout.com/2011/03/security-alertzhash- a-binary-that-can-root-android-phones-found-inchinese-app-markets-and-android-market/.
[29] A. Fuchs, A. Chaudhuri, and J. Foster. SCanDroid: Automated Security Certification of Android Applications.
http://www.cs.umd.edu/ avik/projects/scandroidascaa.
[30] A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android Permissions Demystied. In Proceedings of the 18thACM Conference on Computer and Communications Security,CCS ’11, 2011.
[31] L. Liu, G. Yan, X. Zhang, and S. Chen. VirusMeter: Preventing Your Cellphone from Spies. In Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, RAID’09, 2009.
[32] A. P. Felt, H. J.Wang, A. Moshchuk, S. Hanna, and E. Chin.Permission Re-Delegation: Attacks and Defenses. In Proceedingsof the 20th USENIX Security Symposium, USENIX Security ’11, 2011.
[33] M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic Detection of Capability Leaks in Stock Android Smartphones. In Proceedings of the 19th Annual Symposium on Network and Distributed System Security, NDSS ’12, 2012.
[34] M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. S.Wallach. QUIRE: Lightweight Provenance for Smart Phone Operating Systems. In Proceedings of the 20th USENIX Security Symposium, USENIX Security ’11, 2011.
[35] H. Kim, J. Smith, and K. G. Shin. Detecting Energy-Greedy Anomalies and Mobile Malware Variants. In Proceeding of the 6th International Conference on Mobile Systems, Applications,and Services, MobiSys ’08, 2008.
[36] M. Ongtang, S.McLaughlin,W. Enck, and P.McDaniel. Semantically Rich Application-Centric Security in Android. In Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC ’09, 2009.
[37] Android.Basebridge Technical Details. http://www.symantec.com/security response/writeup.jsp?docid=2011-060915-4938-99&tabid=2.
[38] L. Xie, X. Zhang, J.-P. Seifert, and S. Zhu. pBMDS: A Behavior-based Malware Detection System for Cellphone Devices. In Proceedings of the 3rd ACM conference on Wireless Network Security, WiSec ’10, 2010.
[39] Security Alert: Geinimi, Sophisticated New Android Trojan Found in Wild. http://blog.mylookout.com/2010/12/geinimitrojan/.
[40] AdTOUCH. http://www.adtouchnetwork.com/adtouch/sdk/SDK.html.
[41] Y. Zhou, X. Zhang, X. Jiang, and V. W. Freeh. Taming Information-Stealing Smartphone Applications (on Android). In Proceeding of the 4th International Conference on Trust and Trustworthy Computing, TRUST ’11, 2011.
[42] Update: Security Alert: DroidDreamLight, New Malware from the Developers of DroidDream. http://blog.mylookout.com/2011/05/security-alert-droiddreamlight-new-malwarefrom-the-developers-of-droiddream/.
[43] S. Coorporation, “Symantec Internet Security Threat Report Volume XVI,” Whitepaper, vol. 16, Apr 2011.
[44] Kasperksy Lab, “Popular Porn Sites Distribute a New Trojan Targeting Android Smartphones,” 2010. [Online]. Available: http://www.kaspersky.com/news?id=207576175
[45] A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, “Survey of Mobile Malware in the Wild,” 2011. [Online]. Available: http://www.eecs.berkeley.edu/∼afelt/malware.html
[46] McAfee Labs, “2011 Threats Predictions,” 2010. [Online]. Available: http://www.mcafee.com/ us/resources/reports/rp-threat-predictions-2011.pdf