Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2015, Article ID 746930, 13 pages
http://dx.doi.org/10.1155/2015/746930
Research Article

Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

Department of Electrical and Computer Engineering, American University of Beirut, Beirut 1107 2020, Lebanon

Received 31 October 2013; Accepted 26 February 2014

Academic Editor: David Taniar

Copyright © 2015 Khodor Hamandi et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. C. Jones, “Apple and Android Trading Smartphone Market Shares in the Largest Markets,” July 2013, http://www.forbes.com/sites/chuckjones/2013/07/02/apple-and-android-trading-market-shares-in-the-largest-markets/.
  2. Android Developers, http://developer.android.com/index.html.
  3. A. Hoog, Android Forensics: Investigation, Analysis and Mobile Security for Google Android, Syngress, 2011.
  4. S. Lowe, Google Play celebrates 25 billion downloads with 25 cent apps, discounted books, music, and movies, 2012, http://www.theverge.com/2012/9/26/3409446/google-play-25-billion-downloads-sale.
  5. M. Panzarino, “Google announces 900 million Android activations, 48 billion apps downloaded,” 2013, http://thenextweb.com/google/2013/05/15/google-announces-900-million-activations-of-android-in-total-to-date/.
  6. J. Drew, “Malware growth maintains rapid pace as mobile threats surge,” September 2012, http://www.journalofaccountancy.com/News/20126400.htm.
  7. Z. Whittaker, “Android accounts for most mobile malware, says F-Secure,” 2013, http://www.zdnet.com/android-accounts-for-most-mobile-malware-says-f-secure-7000012261/.
  8. J. Russel, Stealth SMS Payment Malware Identified in Chinese Android App Stores, 500,000 Devices Infected, 2012, http://thenextweb.com/asia/2012/08/19/stealth-sms-payment-malware-identified-chinese-app-stores-500000-android-devices-infected/.
  9. C. Osborne, “SMS malware firm ordered to compensate victims,” 2012, http://www.zdnet.com/sms-malware-firm-ordered-to-compensate-victims-7000003639/.
  10. S. Yin, “Will Your Android Device Catch Malware? Depends on Where You Live,” September 2012, http://securitywatch.pcmag.com/none/302362-will-your-android-device-catch-malware-depends-on-where-you-live.
  11. F. Palmieri and U. Fiore, “Network anomaly detection through nonlinear analysis,” Computers & Security, vol. 29, no. 7, pp. 737–755, 2010. View at Publisher · View at Google Scholar · View at Scopus
  12. U. Fiore, F. Palmieri, A. Castiglione, and A. de Santis, “Network anomaly detection with the restricted Boltzmann machine,” Neurocomputing, vol. 122, pp. 13–23, 2013. View at Publisher · View at Google Scholar · View at Scopus
  13. N. Golde, SMS vulnerability on feature phones [M.S. thesis], Berlin Institute of Technology, Berlin, Germany, 2011.
  14. P. Traynor, W. Enck, P. McDaniel, and T. la Porta, “Exploiting open functionality in SMS-capable cellular networks,” Journal of Computer Security, vol. 16, no. 6, pp. 713–742, 2008. View at Publisher · View at Google Scholar · View at Scopus
  15. C. Mulliner and C. Miller, “Injecting SMS messages into smart phones for security analysis,” in Proceedings of the 3rd USENIX Workshop on Offensive Technologies (WOOT '09), p. 5, 2009.
  16. A. Castiglione, R. D. Prisco, and A. D. Santis, “Do you trust your phone?” in E-Commerce and Web Technologies: 10th International Conference, EC-Web 2009, Linz, Austria, September 1–4, 2009. Proceedings, vol. 5692 of Lecture Notes in Computer Science, pp. 50–61, Springer, Berlin, Germany, 2009. View at Publisher · View at Google Scholar
  17. L. Davi, A. Dmitrienko, A.-R. Sadeghi, and M. Winandy, “Privilege escalation attacks on Android,” in Information Security, vol. 6531 of Lecture Notes in Computer Science, pp. 346–360, Springer, Berlin, Germany, 2011. View at Publisher · View at Google Scholar
  18. A. P. Felt, E. Ha, S. Egelman, A. Haney, E. Chin, and D. Wagner, “Android permissions: user attention, comprehension, and behavior,” in Proceedings of the 8th Symposium on Usable Privacy and Security (SOUPS '12), Washington, DC, USA, July 2012. View at Publisher · View at Google Scholar · View at Scopus
  19. A. Armando, A. Merlo, M. Migliardi, and L. Verderame, “Would you mind forking this process? A denial of service attack on Android,” in IFIP SEC 27th International Information Security and Privacy Conference, D. Gritzalis, S. Furnell, and M. Theoharidou, Eds., vol. 376 of IFIP Advances in Information and Communication Technology (AICT), pp. 13–24, Springer, Heraklion, Greece, June 2012.
  20. A. Armando, A. Merlo, M. Migliardi, and L. Verderame, “Breaking and fixing the android launching flow,” Computers and Security, vol. 39, pp. 104–115, 2013. View at Publisher · View at Google Scholar · View at Scopus
  21. T. Vidas, D. Votipka, and N. Christin, “All your droid are belong to us: a survey of current android attacks,” in Proceedings of the 5th USENIX Workshop on Offensive Technologies, p. 10, Berkeley, Calif, USA, November 2011.
  22. A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, “A survey of mobile malware in the wild,” in Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM'11), Chicago, Ill, USA, October 2011. View at Publisher · View at Google Scholar · View at Scopus
  23. Y. Zhou and X. Jiang, “Dissecting Android malware: characterization and evolution,” in Proceedings of the IEEE Symposium on Security and Privacy (SP '12), pp. 95–109, San Francisco, Calif, USA, May 2012. View at Publisher · View at Google Scholar
  24. A. Shabtai, U. Kanonov, and Y. Elovici, “Intrusion detection for mobile devices using the knowledge-based, temporal abstraction method,” Journal of Systems and Software, vol. 83, no. 8, pp. 1524–1537, 2010. View at Publisher · View at Google Scholar · View at Scopus
  25. A. Shabtai and Y. Elovici, “Applying behavioral detection on android-based devices,” in Mobile Wireless Middleware, Operating Systems, and Applications, vol. 48 of Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pp. 235–249, Springer, Berlin, Germany, 2010. View at Publisher · View at Google Scholar
  26. W. Enck, P. Gilbert, B. G. Chun et al., “TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones,” in Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (OSDI '10), Vancouver, Canada, 2010.
  27. T. Markmann, D. Gessner, and D. Westhoff, “QuantDroid: quantitative approach towards mitigating privilege escalation on Android,” in IEEE International Conference on Communications (ICC '13), pp. 2144–2149, Budapest, Hungary, 2013. View at Publisher · View at Google Scholar
  28. Virus Total, “VirusTotal—Free Online Virus, Malware and URL Scanner,” https://www.virustotal.com/.