File(s) under permanent embargo
Zero permission android applications - attacks and defenses
conference contribution
posted on 2012-01-01, 00:00 authored by Veelasha Moonsamy, Lynn BattenLynn BattenGoogle advertises the Android permission framework as one of the core security features present on its innovative and flexible mobile platform. The permissions are a means to control access to restricted AP/s and system resources. However, there are Android applications which do not request permissions at all.In this paper, we analyze the repercussions of installing an Android application that does not include any permission and the types of sensitive information that can be accessed by such an application. We found that even app/icaaons with no permissions are able to access sensitive information (such the device ID) and transmit it to third-parties.
History
Event
Applications and Technologies in Information Security. Workshop (3rd : 2012 : Melbourne, Vic.)Pagination
5 - 9Publisher
School of Information Systems, Deakin UniversityLocation
Melbourne, Vic.Place of publication
Melbourne, Vic.Start date
2012-11-07ISBN-13
9780987229823Language
engPublication classification
E1 Full written paper - refereedCopyright notice
2012, Deakin University, School of Information SystemsEditor/Contributor(s)
M WarrenTitle of proceedings
ATIS 2012 : Proceedings of the 3rd Applications and Technologies in Information Security WorkshopUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC