https://scholars.lib.ntu.edu.tw/handle/123456789/489640
標題: | Real-time and intelligent private data protection for the Android platform | 作者: | Hung, S.-H. Hsiao, S.-W. Teng, Y.-C. Chien, R. SHIH-HAO HUNG |
關鍵字: | Android security; Information leakage; Mobile malware; PasDroid; Privacy | 公開日期: | 2015 | 卷: | 24 | 起(迄)頁: | 231-242 | 來源出版物: | Pervasive and Mobile Computing | 摘要: | As the number of smart mobile devices and applications continue to grow dramatically, private data stored and handled by such mobile devices have become the primary targets of hackers and malicious software. Today, many malicious mobile applications steal user information, make premium calls, and send advertisement messages without the user's permission. Unfortunately, the Android system, currently the most popular smart mobile platform, only provides the users with a simple permission granting mechanism during the installation of applications, which are often ignored since most of the users do not pay attention to the potential hidden risks. Even though some vendors have integrated mechanisms to let the users grant or revoke the permissions associated with any applications at any time, such mechanisms are rarely used because the users do not know when, how and what sensitive information have been leaked. In this paper, we proposed mechanisms to track the use of sensitive information by Android applications. We extended TaintDroid to build a real-time security framework, called PasDroid, with mechanisms to trace dubious data flow, map user-application interactions and alert the users about potential privacy leakage on the fly. The information provided by PasDroid enables the users to determine if a transmission should be allowed or blocked with intelligent security policies. Our experimental results show that PasDroid can be deployed with an affordable runtime overhead to help protect users against malicious applications. The design of security policies is key to eliminate false alarms and improve the user experience. © 2015 Elsevier B.V. All rights reserved. |
URI: | https://scholars.lib.ntu.edu.tw/handle/123456789/489640 | DOI: | 10.1016/j.pmcj.2015.08.006 | SDG/關鍵字: | Android (operating system); Application programs; Computer crime; Data privacy; Malware; Personal computing; Security of data; Security systems; Mobile devices; Android applications; Android securities; Information leakage; Intelligent security; Mobile malware; PasDroid; Sensitive informations; Smart mobile devices; Mobile applications; Mobile security |
顯示於: | 資訊工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。