CFP last date
20 January 2025
Reseach Article

A Novel Strategy to Enhance the Android Security Framework

by Muneer Ahmad Dar, Javed Parvez
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 91 - Number 8
Year of Publication: 2014
Authors: Muneer Ahmad Dar, Javed Parvez
10.5120/15904-5142

Muneer Ahmad Dar, Javed Parvez . A Novel Strategy to Enhance the Android Security Framework. International Journal of Computer Applications. 91, 8 ( April 2014), 37-41. DOI=10.5120/15904-5142

@article{ 10.5120/15904-5142,
author = { Muneer Ahmad Dar, Javed Parvez },
title = { A Novel Strategy to Enhance the Android Security Framework },
journal = { International Journal of Computer Applications },
issue_date = { April 2014 },
volume = { 91 },
number = { 8 },
month = { April },
year = { 2014 },
issn = { 0975-8887 },
pages = { 37-41 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume91/number8/15904-5142/ },
doi = { 10.5120/15904-5142 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:12:15.590943+05:30
%A Muneer Ahmad Dar
%A Javed Parvez
%T A Novel Strategy to Enhance the Android Security Framework
%J International Journal of Computer Applications
%@ 0975-8887
%V 91
%N 8
%P 37-41
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

With the widespread use of the Smartphone, the security of data stored in a Smartphone has reached to an utmost importance to all of us. Installation of every Android app asks for some critical permission to access our critical files and we have to accept the permissions in order to install that application. We propose a novel approach of enhanced security framework which can be integrated with the existing Android Security Framework to make Android more secure and to keep track of the files accessed by any of the vulnerable apps downloaded from different sources on the web. The proposed enhanced security framework enhances the security of Android File System by restricting the apps whose behavior matches with the malware. A novel approach to secure the data on Smartphone's using cryptographic Algorithms is also discussed in this paper.

References
  1. Rafael Fedler, Marcel Kulicke and Julian Sch¨utte 2013 IEEE 8th International Conference on Malicious and Unwanted Software: "The Americas" (MALWARE)
  2. Android OS Security:Risks and Limitations A Practical Evaluation Rafael Fedler, Christian Banse, Christoph KrauSS, and Volker Fusenig 5/2012
  3. National Security Agency, "SELinux," January 2009. http://www. nsa. gov/research/selinux/.
  4. Ruben Jonathan Garcia Vargas "Security Controls for Android"2012 IEEE Fourth International Conference on Computational Aspects of Social Networks (CASoN) 215
  5. H. Jonsson, "Text Mining of Personal Communication," IEEE 2010.
  6. Shabtai A. , Fledel Y. , Glezer C. , "Google Android: A comprehensive Security Assessment," IEEE Security and Privacy, 2010.
  7. E. Konstantinou and S. Wolthusen. Metamorphic virus: Analysis and detection. Technical report, Information Security Group at Royal Holloway, University of London, 2009.
  8. V. Svajcer, "Aftermath of the droid dream Android market malware attack," http:// nakedsecurity. sophos. com/2011/ 03/ 03/ droiddream-android-market-malware-attack- aftermath/
  9. L. Dignan, "Malware sneaks by google's android market gatekeepers again,"http://www. zdnet. com/blog/ security/malware-sneaks-bygoogles-android-market-gatekeepers -again/ 8696 .
  10. "New droiddream variant found on android phones," http:// www. fsecure. com/ weblog/ archives/ 00002170. html.
  11. W. Enck, M. Ontang and P. McDanial, "Understanding Android Security," IEEE Security & Privacy Magazine, 7(1), 10-17, 2009.
  12. Wook Shin, Sanghoon Kwak, Shinsaku Kiyomoto,Kazuhide Fukushima, and Toshiaki Tanaka,"A Small but Non-negligible Flaw in the Android Permission Scheme", 2010 IEEE International Symposium on Policies for Distributed Systems and Networks.
  13. A. Shabtai, et al. "Google Android: A Comprehensive Security Assessment," IEEE Security and Privacy Magazine.
  14. A. Shabtai, Y. Fledel, Y. Elovici, "Securing Android-Powered Mobile Devices Using SELinux", IEEE Security and Privacy, http://doi. ieeecomputersociety. org/10. 1109/MSP. 2009. 144.
  15. http://mobithinking. com/mobile-marketing- tools/latest-mobile-stats/e.
  16. Harunobu Agematsu, Junya Kani, Kohei Nasaka, Hideaki Kawabata "A proposal to realize the provision of secure Android applications" IEEE 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.
  17. App Store Review Guidelines - App Store Resource Center: http://developer. apple. com/jp/appstore/guidelines. html
  18. Hideaki Kawabata, Takamasa Isohara, Keisuke Takemori, Ayumu Kubota:"Threat of Script abuse Android Permissions and Static Analysis", IPSJ SIG technical reports, 2011-CSEC-53-3, pp. 1-6, 2011. 5 (in Japanese).
  19. W. Shin, S. Kwak, S. Kiyomoto, K. Fukushima, and T. Tanaka, "A small but non-negligible flaw in the android permission scheme," Policies for Distributed Systems and Networks, IEEE International Workshop, pp. 107-110, 2010.
  20. W. Shin, S. Kiyomoto, K. Fukushima, and T. Tanaka, "A formal model to analyze the permission authorization and enforcement in the android framework," Social Computing / IEEE International Conference on Privacy, Security, Risk and Trust, pp. 944– 951, 2010.
  21. W. Shin, S. Kiyomoto, K. Fukushima, and T. Tanaka, "Towards formal analysis of the permission-based security model for android," In Proceedings of the 2009 Fifth International Conference on Wireless and Mobile Communications, ICWMC '09, Washington, D. C. , U. S. A. , pp. 87–92, 2009.
  22. Android Open Source Project. Android Security Overview, October 2012. http://source. android. com/tech/security/.
  23. AV-Test. Test Report: Anti-Malware solutions for Android. Technical report, March 2012. http://www. avtest. org/fileadmin/pdf/avtest 2012-02 android antimalware report english. pdf.
  24. D. Bilar. Opcodes as predictor for malware. International Journal of Electronic Security and Digital Forensics, 1:156–168, 2007. Available at: http://inderscience. metapress. com/content/N760240L16832162.
  25. T. Bl¨asing, L. Batyuk, A. -D. Schmidt, S. Camtepe, and S. Albayrak. An android application sandbox system for suspicious software detection. In 5th International Conference on Malicious and Unwanted Software (MALWARE), pages 55–62, Oct. 2010.
  26. J. Burns. Exploratory Android surgery (talk slides). In Black Hat Technical Security Conference USA, May 2009. Available at: https://www. blackhat. com/html/bh-usa-09/bhusa-09-archives. html.
  27. M. Christodorescu and S. Jha. Static analysis of executables to detect malicious patterns. In Proceedings of the 12th USENIX Security Symposium, SSYM'03, Berkeley, CA, USA, 2003. USENIX Association.
  28. W. Enck, M. Ongtang, and P. McDaniel. Understanding android security. IEEE Security & Privacy, 7(1):50–57, Jan. – Feb. 2009.
  29. R. Fedler, C. Banse, C. Krauß, and V. Fusenig. Android OS security: Risks and limitations. Technical report, Fraunhofer AISEC, May 2012.
  30. R. Fedler, J. Sch¨utte, and M. Kulicke. On the effectiveness of malware protection on Android. Technical report, Fraunhofer AISEC, April 2013.
  31. Fraunhofer AISEC. App-Ray. http://app-ray. de/.
Index Terms

Computer Science
Information Sciences

Keywords

Smartphone Android app Security Framework File System Malware Cryptographic Algorithms