Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses
Abstract
:1. Introduction
1.1. Contributions
- The survey provides an overview of the current state of smartphone security, identifies trends and patterns in the types of attacks being launched, and illustrates the tactics and techniques employed by attackers.
- This research will provide the descriptive knowledge required to identify vulnerabilities, APTs, side-channel attacks, and malware families propagated through the Google Play Store. This knowledge will assist mobile manufacturers, anti-malware companies, and Google Play developers in taking preventive measures to ensure the security and privacy of Android users.
- This research will serve as a valuable resource for the research community to obtain a thorough understanding of the current state of smartphone security and identify areas for future research, open issues, and deficiencies in the Android ecosystem.
1.2. Organization of This Paper
2. Literature Review
3. Background
3.1. Android Open Source Project (AOSP)
3.2. Dissecting Android Architecture
- Application framework: An application framework is a high-level API for developers to create Android applications. It includes services required for application development, such as an activity manager, content provider, and other libraries. The framework creates and manages the application lifecycle, data storage, information retrieval, and user interface management [56,57].
- Interprocess communication (IPC): IPC allows different applications and services to communicate with each other. It also enables the components of an application to share data, access device functionality, and integrate with third-party services.
- System services: These services handle common functionalities such as power management, location, and connectivity.
- Hardware abstraction layer (HAL): It is an abstraction layer between the Android software and the hardware of the device that allows the Android software to be hardware-agnostic, which means that the same software can run on different devices with different hardware configurations.
- Linux kernel: kernel is responsible for several low-level services such as memory management, process management, and device drivers.
3.3. Google Play Store
3.4. Google Play Protect
3.5. Android Permission Model
- Normal permissions: Normal permissions are considered safe and do not pose a significant risk to the user’s security or privacy. Examples include permissions to access the Internet, vibrate the device, or write to external storage. These permissions are automatically granted at the installation time and cannot be revoked by the user. App developers do not need to explicitly ask for normal permissions and are granted as soon as the app is installed.
- Signature permissions: Signature permissions are granted at runtime based on the certificate that defines the permission and the application. These permissions are intended for use by applications that are signed with the same certificate and are meant to be used for sharing the functionality between applications. For example, an application signed by the same certificate as the system can use the permission to read the state of the phone, while an application signed by a different certificate cannot.
- Dangerous permissions: Dangerous permissions pose a greater risk to user security or privacy. Examples include permissions to access the camera, microphone, or location data [64,65]. When an app requests dangerous permission, the user is presented with a dialog box explaining why the app needs permission, and the user must explicitly grant or deny the permission. Dangerous permissions must be asked for during runtime, and data can only be accessed if the user agrees to allow permission.
- Special permissions: These permissions do not behave like dangerous and normal permissions and are particularly sensitive. To access these permissions, a user must authorize, and the permissions must be declared in the manifest file. Examples include permissions to access the device’s camera or microphone while the device is in use by another app or to access the device’s SMS or call log.
3.6. Android Application Package (APK)
- The app code: This includes the Java or Kotlin source code that makes up the app’s functionality. This code controls the app’s behavior and handles user interactions.
- Resources: These are the files the application uses, such as images, layouts, and strings. These resources define the app’s appearance and provide text for different languages.
- The Android manifest: This is a special XML file that contains important information about the app, such as the app’s name, version, and permissions it requires. The manifest also defines the app’s components, such as activities, services, and broadcast receivers.
- External libraries: If the app uses external libraries, those are also packaged inside the APK file. These libraries provide additional functionality and are typically open source projects integrated into the application.
- Assets: These are the files that the application uses but does not compile, such as fonts, audio, and video files. They are stored in the APK in their original format, and the app reads them at runtime.
- Android runtime (ART): This component runs the app on Android devices; it converts the app’s bytecode into machine code so the device’s processor can execute it.
3.7. Android Application Bundle (AAB)
3.8. Hardware/Software Platform and Processor Architectures
4. Methods: Survey Methodology
5. Android Vulnerabilities
- Denial of service (DoS): This type of vulnerability occurs when an attacker floods a system with traffic or requests to overwhelm its resources and make it unavailable to legitimate users.
- Bypass something: This vulnerability allows an attacker to bypass a security control, such as authentication or authorization, gain access to protected resources, or perform unauthorized actions.
- Execute code: This vulnerability allows an attacker to execute an arbitrary code on a target system or device, which could lead to data theft, unauthorized access, or other malicious activities.
- Memory corruption: This vulnerability involves exploiting bugs or flaws in a program’s memory management system, such as buffer overflows or use-after-free errors, to gain unauthorized access to data or execute malicious code.
- Cross-site scripting (XSS): This vulnerability allows an attacker to inject malicious code, such as JavaScript, into a web page or application, potentially leading to data theft or other malicious activities.
- Information disclosure: This vulnerability allows attackers to access sensitive information without authorization, such as passwords, personal data, or system configuration information.
- Privilege escalation: This vulnerability allows an attacker to gain higher access or privileges than authorized, potentially allowing them to perform malicious actions or access sensitive data.
- Buffer overflow: This vulnerability occurs when an attacker inputs more data into a program’s memory buffer than it can handle, potentially leading to the execution of arbitrary code or a system crash.
- SQL injection: This vulnerability allows an attacker to inject malicious SQL code into a web application or database, potentially leading to unauthorized access or data modification.
- Directory traversal: This vulnerability involves exploiting a web application’s file path validation flaw to gain unauthorized access to files or directories outside the application’s intended scope.
6. Cyber Threats
6.1. Contemporary Threats
6.1.1. Adware
6.1.2. Backdoor
6.1.3. File Infector
6.1.4. Mobile Unwanted Software (MUwS)
6.1.5. Ransomware
6.1.6. Riskware
6.1.7. Scareware
6.1.8. Spyware
6.1.9. Trojan
6.2. Advanced Persistent Threats (APTs)
6.2.1. Pegasus
6.2.2. Gooligan
6.2.3. Dark Caracal
6.2.4. Hornbill
6.2.5. SunBird
6.2.6. Skygofree
6.2.7. Triout
6.2.8. Mosaic Regressor
7. Threats through Google Play Store
- Dynamic code loading: Attackers can use dynamic code loading techniques, such as Java reflection or Android DexClassLoader, to load and execute code at runtime [108]. This can be used to download and execute additional code or malicious payloads after the app has been installed, which can be hidden in the app’s legitimate code or downloaded from a remote server. This can allow attackers to evade detection by security scanners, as the malicious code may not be present in the initial app release.
- Incremental malicious updates attack (IMUTA): Attackers can use incremental updates to gradually add malicious code to an application over time [18]. This can be performed using a dropper app that initially appears legitimate but later downloads and installs additional components or payloads. Attackers can also use code obfuscation and dynamic code loading techniques to add malicious code in a way that is difficult to detect, such as updates. This can allow attackers to evade detection by security scanners and prolong the lifespan of the malware.
- Code obfuscation: Obfuscation consists of modifying an app’s source code to make it more difficult to understand or analyze [109]. Attackers can use obfuscation techniques, such as renaming variables and classes, adding junk code, or using encryption to hide the functionality and purpose of the malicious code. This can make it more difficult for security researchers to detect and analyze malware [110].
- Repackaging: Attackers can use repackaging techniques to take a legitimate app and add malicious code. This can be performed by decompiling the application, adding malicious code, and then recompiling and resigning the application [51]. The repackaged app can then be uploaded to the Google Play Store, and users may be manipulated into downloading it, as it may appear legitimate and have good reviews.
- Social engineering: Social engineering manipulates people into performing certain actions or divulge sensitive information. Some cybercriminals use social engineering to trick users into downloading and installing applications that appear to be legitimate but are malware. These applications can look like popular apps or games but contain malware that can steal personal information or perform other malicious actions [51,59].
- Permission name: This column highlights the permission name used in mobile devices. It lists the different permissions that malware may request when installed on an Android device, such as Internet access, camera access, calendar access, call logs, contacts, messages, and location.
- Percentage of use: This column highlights the percentage of the use of a specific permission by various malware attacks. It shows the frequency with which particular permissions are requested by malware, which can be used to identify potentially malicious apps.
- Permission group: This column groups the permissions into categories. This can help identify patterns in the permissions requested by malware and provide insight into the malware’s functionality.
- Classification: This column classifies the permissions based on the Android permission model. This can help one understand the level of access that malware has to the device and the potential severity of the malware.
8. Sensor-Based Attacks
8.1. Global Positioning System (GPS) Attacks
8.2. Near-Field Communication (NFC) Attacks
8.3. Battery-Draining Attacks
8.4. Wi-Fi Attacks
- Jamming signals: An attacker can use a device to transmit radio waves at the same frequency as the wireless network, causing interference and preventing legitimate devices from connecting. This type of attack is known as a jamming attack, and it can be executed using a variety of devices, including portable jammers, software-defined radios, and even smartphones.
- Evil twin: This is an attack in which a malicious wireless network is set up to mimic a legitimate network to trick users into connecting. Once connected, the attacker can access sensitive information or infect the device with malware. This type of attack is also known as an “evil twin” or “rogue access point” attack.
- Man-in-the-middle (MitM) attack: This attack is where the attacker intercepts communications between the device and the wireless network, allowing them to access sensitive information or launch further attacks. MitM attacks can be executed using various techniques, including ARP spoofing, DNS spoofing, and SSL stripping.
- Rogue access points: This type of attack is similar to an “evil twin” attack, where the attacker sets up a rogue wireless access point and tricks users into connecting to it. Once connected, the attacker can access sensitive information or launch further attacks.
- Honeypot attack: An attacker can set up a free Wi-Fi connection in a public place or open areas, such as a street, park, or coffee shop, to interfere with the traffic of the connected device. This type of attack is known as a “honeypot” attack, designed to lure unsuspecting victims into a trap.
8.5. Gyroscope Attacks
8.6. Biometrics Attacks
- Deepfake attack: A deepfake attack is a biometric attack that uses AI-generated images, videos, or audio to impersonate a real person and fool the biometric sensor into thinking it is the legitimate user. These attacks can bypass facial, voice, or even iris recognition systems.
- Presentation attacks: Presentation attacks involve a real biometric characteristic, but the individual is not the legitimate user. For example, using someone else’s fingerprint or face to access the device. It involves recording a legitimate user’s biometric characteristics and then using them to gain access to the device.
- Fingerprint hijacking attack: A fingerprint hijacking attack is a type of biometric attack that involves the use of physical replicas of fingerprints, such as 3D-printed fingerprints or lifted fingerprints, to fool the fingerprint sensor into thinking it is the legitimate user. This can be performed by tricking the user with specially designed sticky paper, glass, or third-party hardware coatings [137]. Afterward, this unique finger impression can deceive the device finger scanner into performing an unauthorized login [138].
- Voice-based attacks: Voice-based attacks are a type of biometric attack that involve using AI-generated speech or voice recordings to impersonate a real person and fool the voice recognition system into thinking it is the legitimate user. Nowadays, individual assistants such as Alexa, Siri, Cortana, and Google Home are broadly used. Scientists have performed an attack demonstration to prove that smartphones can be attacked using hidden voice commands. These voice commands are not understandable by humans [61,139]. This stealthy attack can be launched on a mobile device without user awareness. Furthermore, this attack can be launched to make unauthorized calls, share information on social media, send targeted messages, and many more [140].
- Facial recognition attacks: Facial recognition attacks are a type of biometric attack that involves the use of physical replicas of faces, such as 3D-printed faces or photographs, to fool the facial recognition system into thinking it is the legitimate user. Most cutting-edge facial biometric frameworks are ineffective against basic attacks and lack attack detection measures [141]. The facial recognition module is misleading by showing the camera a photograph, video, or 3D cover of the individual [142].
- Iris authentication attacks: Iris recognition attacks are a type of biometric attack that involves the use of replicas of iris patterns, such as 3D-printed irises or photographs of irises, to fool the iris recognition system into thinking that it is the legitimate user. Iris recognition sensors are surprisingly powerless against cyberattacks. They can be bypassed using bogus blueprints and similar matching. One of the least demanding ways to trick an iris scanner is by showing a printed picture of a member’s iris, using an electronic screen such as a cell phone, or, in any event, using a contact lens to trick the framework [143,144].
9. Side-Channel Attacks
9.1. Smudge Attacks on Touch Screens
9.2. Motion-Based Keystrokes Attacks
9.3. Password Inference Using Accelerometer
9.4. Juice Jacking Attacks
9.5. Android Fault Attacks
- Voltage fault injection: This involves manipulating the power supply of the device to cause glitches in the CPU or memory. For example, VoltJockey3 [159] is an attack that uses voltage scaling to inject faults in the ARM TrustZone and compromise the secure world execution.
- Electromagnetic fault injection: This involves applying electromagnetic pulses to the device to induce transient faults in the circuits. For example, EM-Fuzz [160] is an attack that uses electromagnetic fault injection to fuzz Android kernel drivers and find vulnerabilities.
9.6. Power Analysis Attacks
9.7. Fault Attacks on Cryptographic Algorithms
10. Intrinsic Cyberattacks
10.1. Application Collusion Attack
10.2. Inter-App Communication Attack
10.3. StrandHogg Attack
10.4. Keystore Forgery Attack
10.5. Application-Level Sandboxing Attack
10.6. Android Application Layer Attack
10.7. Binder Transaction Redirection Attack
- The configuration vulnerability exploits authorization checks and access assets without application privileges.
- Information serialization for the Binder.
- Exploiting system service input validation to trigger memory corruption.
10.8. Active Warden Attack (AWA)
10.9. Android 3G Attacks
10.10. Android 4G Attacks
10.11. Android 5G Attacks
10.12. Android 6G Attacks
10.13. Quantum Threats to Android Smartphone
11. Threat Detection and Mitigation
11.1. Static Malware Analysis
- Signature-based detection: This technique involves identifying malware by searching for known patterns or “signatures” in the code of an application. This can be used to detect known malware families or variants.
- Permission-based detection: This technique involves identifying malware by analyzing the permissions requested by an application. Malicious applications may request permissions that are not required for their intended function or are unusual for the application category.
- Code analysis: This technique involves analyzing the code of an application to identify malicious behavior. This can be performed by manually examining the code or using automated tools to generate control flow graphs, data flow diagrams, and other code representations.
- String analysis: This technique involves identifying malware by searching for hardcoded strings, such as URLs, IP addresses, or file paths, in the code of an application. This can detect command-and-control servers, domains, or other infrastructure used by malware.
- Opcode analysis: This technique involves the identification of malware by analyzing the opcode sequences in the code of an application. This can detect malware that uses specific code sequences or instructions, such as those used by known malware families.
- Bytecode analysis: This technique involves identifying malware by analyzing the Dalvik bytecode of an application. This can detect malware that uses specific bytecode sequences or instructions, such as those used by known malware families.
- Resource analysis: This technique involves identifying malware by analyzing an APK’s resources. This can be used to detect malware that uses specific resources, such as images or audio files, that are not required for the intended function of the application.
- Manifest analysis: This technique involves identifying malware by analyzing the AndroidManifest.xml file of an APK. This can detect malware that uses specific manifest attributes, such as permissions, broadcast receivers, and threads, such as those used by known malware families.
11.2. Dynamic Malware Analysis
- System call monitoring: This allows for the capture of system calls made by the application, which can provide insights into the system resources that the application is accessing and can be used to detect malicious behavior or vulnerabilities.
- Runtime behavior: This includes monitoring the application’s behavior while it is running. This can detect malicious behavior, such as attempts to exfiltrate data or to gain unauthorized access to system resources.
- Device traces: This includes capturing information about the device, such as location data, call logs, and contacts. These data can be used to detect attempts to steal personal information or track a device’s location.
- API calls: This involves monitoring the application’s application programming interfaces (APIs) to detect attempts to access restricted resources or perform malicious actions.
- Registry changes: This involves monitoring the changes made to the system registry by the application, which can be used to detect attempts to install malicious software or to make unauthorized changes to the system.
- Memory writes: This involves monitoring the writes to the memory by the application, which can be used to detect attempts to inject malware or to execute code in a privileged context.
- Network traffic monitoring: This involves monitoring the network traffic generated by the application, which can detect attempts to exfiltrate data or communicate with command-and-control servers.
- Code instrumentation: This technique involves modifying the original code of an application to insert hooks or probes at specific points of interest. This allows for the collection of detailed information about the application’s behavior.
11.3. Fault Detection and PQC Implementations
11.3.1. Curve448 and Ed448 on Cortex-M4
11.3.2. SIKE on Cortex-M4
11.3.3. SIKE Round 3 on ARM Cortex-M4
11.3.4. Kyber on 64-Bit ARM Cortex-A
11.3.5. Cryptographic Accelerators on Ed25519
11.4. Lightweight Ciphers Fault Detection
11.4.1. Fault Detection of Architectures of Pomaranch Cipher
11.4.2. Reliable Architectures of Grostl Hash
11.4.3. Fault Diagnosis of Low-Energy Midori Cipher
11.4.4. Fault Diagnosis of RECTANGLE Cipher
12. Open Issues and Challenges
12.1. Version Fragmentation
12.2. Privacy Risks of Third-Party Applications and Libraries
12.3. Dynamic Code Loading
12.4. Limited Traceability and Data-Theft Protection
12.5. NIST Lightweight Cryptography Standardization
13. Conclusions and Future Work
Future Work
- Android version fragmentation and dynamic code loading threats: Future work should address the challenges of Android version fragmentation, which affects app compatibility and update delivery. Similarly, dynamic code loading is a leading threat exploited for malicious purposes which can be significantly reduced using Project Treble architecture and enforcing the Play system updates only.
- Post-quantum cryptography for Android: Future work should address building PQC resilient cryptographic algorithms, protocols, and authentication mechanisms for Android devices.
- Fault attacks and power analysis attacks for Android: Future work should focus on developing and implementing fault detection and power analysis-resistant software and hardware to prevent these side-channel attacks.
- Mitigation of malware propagation on application stores: Future work should focus on developing and implementing mitigation techniques for malware and APT propagation of Google Play Store and other third-party application stores.
- Finally, comprehensive research and development can be conducted to mitigate or minimize the effect of all the discussed attacks and open issues such as active warden attacks, standHogg attacks, keystore forgery attacks, and application collision attacks.
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Herrero, J.; Rodríguez, F.J.; Urueña, A. Use of smartphone apps for mobile communication and social digital pressure: A longitudinal panel study. Technol. Forecast. Soc. Chang. 2023, 188, 122292. [Google Scholar] [CrossRef]
- Khan, L.U.; Saad, W.; Han, Z.; Hossain, E.; Hong, C.S. Federated learning for internet of things: Recent advances, taxonomy, and open challenges. IEEE Commun. Surv. Tutor. 2021, 23, 1759–1799. [Google Scholar] [CrossRef]
- Kaur, P.; Arora, K. Internet of Things-Based Economical Smart Home Automation System. In Industrial Internet of Things; CRC Press: Boca Raton, FL, USA, 2022; pp. 129–142. [Google Scholar]
- Toppo, P.; Dhote, T. Preference of Mobile Platforms: A Study of Ios vs. Android. Int. J. Mod. Agric. 2021, 10, 1757–1764. [Google Scholar]
- Analytica, O. Huawei’s Harmony may challenge Android-Apple duopoly. Emerald Expert Briefings 2021. [CrossRef]
- Garg, S.; Baliyan, N. Comparative analysis of Android and iOS from security viewpoint. Comput. Sci. Rev. 2021, 40, 100372. [Google Scholar] [CrossRef]
- Statista, J. Smartphone OS Market Share Forecast 2014–2023, 2022.
- Chawla, A. Pegasus Spyware—‘A Privacy Killer’. SSRN 2021. [Google Scholar] [CrossRef]
- Thomas, T.; Surendran, R.; John, T.S.; Alazab, M. Intelligent Mobile Malware Detection; CRC Press Routledge Publisher: Boca Raton, FL, USA, 2022. [Google Scholar]
- Jabar, T.; Mahinderjit Singh, M. Exploration of Mobile Device Behavior for Mitigating Advanced Persistent Threats (APT): A Systematic Literature Review and Conceptual Framework. Sensors 2022, 22, 4662. [Google Scholar] [CrossRef]
- Acharya, S.; Rawat, U.; Bhatnagar, R. A Comprehensive Review of Android Security: Threats, Vulnerabilities, Malware Detection, and Analysis. Secur. Commun. Netw. 2022, 2022, 7775917. [Google Scholar] [CrossRef]
- Kady, C.; Chedid, A.M.; Kortbawi, I.; Yaacoub, C.; Akl, A.; Daclin, N.; Trousset, F.; Pfister, F.; Zacharewicz, G. Iot-driven workflows for risk management and control of beehives. Diversity 2021, 13, 296. [Google Scholar] [CrossRef]
- Chandrashekar, A.; Kumar, P.V.; Chandavarkar, B. Comparative Analysis of Modern Mobile Operating Systems. In Proceedings of the 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 6–8 July 2021; pp. 1–7. [Google Scholar]
- Mahor, V.; Pachlasiya, K.; Garg, B.; Chouhan, M.; Telang, S.; Rawat, R. Mobile Operating System (Android) Vulnerability Analysis Using Machine Learning. In Proceedings of the International Conference on Network Security and Blockchain Technology, Huaihua City, China, 15–17 July 2022; Springer: Berlin/Heidelberg, Germany, 2022; pp. 159–169. [Google Scholar]
- Senanayake, J.; Kalutarage, H.; Al-Kadri, M.O.; Petrovski, A.; Piras, L. Android source code vulnerability detection: A systematic literature review. ACM Comput. Surv. 2023, 55, 1–37. [Google Scholar] [CrossRef]
- Javed, A.R.; Beg, M.O.; Asim, M.; Baker, T.; Al-Bayatti, A.H. Alphalogger: Detecting motion-based side-channel attack using smartphone keystrokes. J. Ambient. Intell. Humaniz. Comput. 2023, 14, 4869–4882. [Google Scholar] [CrossRef] [Green Version]
- Javed, A.R.; Rehman, S.U.; Khan, M.U.; Alazab, M.; Khan, H.U. Betalogger: Smartphone sensor-based side-channel attack detection and text inference using language modeling and dense multilayer neural network. Trans. Asian Low-Resour. Lang. Inf. Process. 2021, 20, 1–17. [Google Scholar] [CrossRef]
- Muhammad, Z.; Amjad, F.; Iqbal, Z.; Javed, A.R.; Gadekallu, T.R. Circumventing Google Play vetting policies: A stealthy cyberattack that uses incremental updates to breach privacy. J. Ambient. Intell. Humaniz. Comput. 2023, 14, 4785–4794. [Google Scholar] [CrossRef]
- Deeban Chakravarthy, V.; Prakash, K.L.; Ramana, K.; Gadekallu, T.R. A Novel DDOS Attack Detection and Prevention Using DSA-DPI Method. In Proceedings of the International Conference on Innovative Computing and Communications: Proceedings of ICICC 2022, Delhi, India, 18–19 November 2022; Springer: Berlin/Heidelberg, Germany, 2022; Volume 3, pp. 733–743. [Google Scholar]
- Wang, D.; Chen, T.; Zhang, Z.; Zhang, N. A Survey of Android Malware Detection Based on Deep Learning. In Proceedings of the International Conference on Machine Learning for Cyber Security, Nadi, Fiji, 2–4 December 2023; Springer: Berlin/Heidelberg, Germany, 2023; pp. 228–242. [Google Scholar]
- Meijin, L.; Zhiyang, F.; Junfeng, W.; Luyu, C.; Qi, Z.; Tao, Y.; Yinwei, W.; Jiaxuan, G. A Systematic Overview of Android Malware Detection. Appl. Artif. Intell. 2022, 36, 2007327. [Google Scholar] [CrossRef]
- Saab, S.S.; Shen, D.; Orabi, M.; Kors, D.; Jaafar, R.H. Iterative learning control: Practical implementation and automation. IEEE Trans. Ind. Electron. 2021, 69, 1858–1866. [Google Scholar] [CrossRef]
- Cao, M. Understanding the characteristics of invasive malware from the Google Play Store. Ph.D. Thesis, University of British Columbia, Vancouver, BC, Canada, 2022. [Google Scholar]
- Wang, X. Security Threats and Protection Based on Android Platform. In Proceedings of the 2021 International Conference on Big Data Analytics for Cyber-Physical System in Smart City, Bangkok, Thailand, 16–17 December 2022; Springer: Berlin/Heidelberg, Germany, 2022; pp. 179–186. [Google Scholar]
- Muhammad, Z.; Amjad, M.F.; Abbas, H.; Iqbal, Z.; Azhar, A.; Yasin, A.; Iesar, H. A Systematic Evaluation of Android Anti-Malware Tools for Detection of Contemporary Malware. In Proceedings of the 2021 IEEE 19th International Conference on Embedded and Ubiquitous Computing (EUC), Shenyang, China, 20–22 October 2021; pp. 117–124. [Google Scholar]
- Cheng, B.; Kikuta, T.; Toshimitsu, Y.; Saito, T. Investigation of Power Consumption Attack on Android Devices. In Proceedings of the International Conference on Advanced Information Networking and Applications, Toronto, ON, Canada, 12–14 May 2021; Springer: Berlin/Heidelberg, Germany, 2021; pp. 567–579. [Google Scholar]
- Wu, H.; Zhang, H.; Wang, Y.; Rountev, A. Sentinel: Generating GUI tests for sensor leaks in Android and Android wear apps. Softw. Qual. J. 2020, 28, 335–367. [Google Scholar] [CrossRef]
- Sikder, A.K.; Aksu, H.; Uluagac, A.S. A context-aware framework for detecting sensor-based threats on smart devices. IEEE Trans. Mob. Comput. 2019, 19, 245–261. [Google Scholar] [CrossRef] [Green Version]
- Dini, G.; Martinelli, F.; Matteucci, I.; Petrocchi, M.; Saracino, A.; Sgandurra, D. Risk analysis of Android applications: A user-centric solution. Future Gener. Comput. Syst. 2018, 80, 505–518. [Google Scholar] [CrossRef] [Green Version]
- Hur, J.B.; Shamsi, J.A. A survey on security issues, vulnerabilities and attacks in Android based smartphone. In Proceedings of the 2017 International Conference on Information and Communication Technologies (ICICT), Karachi, Pakistan, 30–31 December 2017; pp. 40–46. [Google Scholar]
- Xu, M.; Song, C.; Ji, Y.; Shih, M.W.; Lu, K.; Zheng, C.; Duan, R.; Jang, Y.; Lee, B.; Qian, C.; et al. Toward engineering a secure android ecosystem: A survey of existing techniques. ACM Comput. Surv. 2016, 49, 1–47. [Google Scholar] [CrossRef]
- Tan, D.J.; Chua, T.W.; Thing, V.L. Securing android: A survey, taxonomy, and challenges. ACM Comput. Surv. 2015, 47, 1–45. [Google Scholar]
- Faruki, P.; Bharmal, A.; Laxmi, V.; Ganmoor, V.; Gaur, M.S.; Conti, M.; Rajarajan, M. Android security: A survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 2014, 17, 998–1022. [Google Scholar] [CrossRef] [Green Version]
- Wang, Y.; Zheng, J.; Sun, C.; Mukkamala, S. Quantitative security risk assessment of android permissions and applications. In Proceedings of the Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, 15–17 July 2013; Proceedings 27. Springer: Berlin/Heidelberg, Germany, 2013; pp. 226–241. [Google Scholar]
- La Polla, M.; Martinelli, F.; Sgandurra, D. A survey on security for mobile devices. IEEE Commun. Surv. Tutor. 2012, 15, 446–471. [Google Scholar] [CrossRef] [Green Version]
- Becher, M.; Freiling, F.C.; Hoffmann, J.; Holz, T.; Uellenbeck, S.; Wolf, C. Mobile security catching up? revealing the nuts and bolts of the security of mobile devices. In Proceedings of the 2011 IEEE Symposium on Security and Privacy, Oakland, CA, USA, 22–25 May 2011; pp. 96–111. [Google Scholar]
- Goode, A. Managing mobile security: How are we doing? Netw. Secur. 2010, 2010, 12–15. [Google Scholar] [CrossRef]
- Maker, F.; Chan, Y.H. A Survey on Android vs. Linux; University of California: Los Angeles, CA, USA, 2009; pp. 1–10. [Google Scholar]
- Chaudhary, A.; Gupta, H.P.; Shukla, K. Real-Time Activities of Daily Living Recognition Under Long-Tailed Class Distribution. IEEE Trans. Emerg. Top. Comput. Intell. 2022, 6, 740–750. [Google Scholar] [CrossRef]
- Jiang, X.; Liu, M.; Yang, K.; Liu, Y.; Wang, R. A security sandbox approach of android based on hook mechanism. Secur. Commun. Netw. 2018, 2018. [Google Scholar] [CrossRef] [Green Version]
- Shabtai, A.; Fledel, Y.; Elovici, Y. Securing Android-powered mobile devices using SELinux. IEEE Secur. Priv. 2009, 8, 36–44. [Google Scholar] [CrossRef]
- Garg, S.; Baliyan, N. Android security assessment: A review, taxonomy and research gap study. Comput. Secur. 2021, 100, 102087. [Google Scholar] [CrossRef]
- Fatima, M.; Abbas, H.; Yaqoob, T.; Shafqat, N.; Ahmad, Z.; Zeeshan, R.; Muhammad, Z.; Rana, T.; Mussiraliyeva, S. A survey on common criteria (CC) evaluating schemes for security assessment of IT products. PeerJ Comput. Sci. 2021, 7, e701. [Google Scholar] [CrossRef]
- Gupta, B.B.; Gaurav, A.; Marín, E.C.; Alhalabi, W. Novel graph-based machine learning technique to secure smart vehicles in intelligent transportation systems. IEEE Trans. Intell. Transp. Syst. 2022. [Google Scholar] [CrossRef]
- Muhammad, Z.; Anwar, Z.; Saleem, B.; Shahid, J. Emerging Cybersecurity and Privacy Threats to Electric Vehicles and Their Impact on Human and Environmental Sustainability. Energies 2023, 16, 1113. [Google Scholar] [CrossRef]
- Chetan, R.; Avinash, N.; Aditya, K.; Gowri, M.; Pranav, K.; Namana. Providing Knee Movement Assistance using Android and IOT. In Proceedings of the 2021 2nd International Conference on Smart Electronics and Communication (ICOSEC), Trichy, India, 7–9 October 2021; pp. 140–145. [Google Scholar]
- Hou, Q.; Diao, W.; Wang, Y.; Liu, X.; Liu, S.; Ying, L.; Guo, S.; Li, Y.; Nie, M.; Duan, H. Large-scale Security Measurements on the Android Firmware Ecosystem. In Proceedings of the International Conference on Software Engineering (ICSE’22), Pittsburgh, PA, USA, 21–29 May 2022; Association for Computing Machinery: New York, NY, USA, 2022. [Google Scholar]
- Moulahi, T.; Jabbar, R.; Alabdulatif, A.; Abbas, S.; El Khediri, S.; Zidi, S.; Rizwan, M. Privacy-preserving federated learning cyber-threat detection for intelligent transport systems with blockchain-based security. Expert Syst. 2023, 40, e13103. [Google Scholar] [CrossRef]
- Radhika, B.; Kumar, N.N.; Shyamasundar, R.; Vyas, P. Consistency analysis and flow secure enforcement of selinux policies. Comput. Secur. 2020, 94, 101816. [Google Scholar] [CrossRef]
- Mayrhofer, R.; Stoep, J.V.; Brubaker, C.; Kralevich, N. The android platform security model. ACM Trans. Priv. Secur. 2021, 24, 1–35. [Google Scholar] [CrossRef]
- Hutchinson, S.; Zhou, B.; Karabiyik, U. Are we really protected? An investigation into the play protect service. In Proceedings of the 2019 IEEE International Conference on Big Data (Big Data), Los Angeles, CA, USA, 9–12 December 2019; pp. 4997–5004. [Google Scholar]
- Google. Protect against security threats with safetynet: Android developers.
- Muhammad, Z.; Anwar, Z.; Saleem, B. A cybersecurity risk assessment of electric vehicle mobile applications: Findings and recommendations. In Proceedings of the 2023 3rd International Conference on Artificial Intelligence (ICAI), Wuhan, China, 17–19 November 2023; pp. 45–51. [Google Scholar]
- Ning, P. Samsung knox and enterprise mobile security. In Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, Scottsdale, AZ, USA, 3–7 November 2014; Association for Computing Machinery: New York, NY, USA, 2014; p. 1. [Google Scholar]
- Le, T.D.B.; Bao, L.; Lo, D.; Gao, D.; Li, L. Towards mining comprehensive android sandboxes. In Proceedings of the 2018 23rd International Conference on Engineering of Complex Computer Systems (ICECCS), Melbourne, Australia, 12–14 December 2018; pp. 51–60. [Google Scholar]
- Brahler, S. Analysis of the android architecture. Karlsr. Inst. Technol. 2010, 7. [Google Scholar]
- Framework, A.; Runtime, A.; Kernel, L. Android Architecture. Android Developers.
- Farooqi, S.; Feal, Á.; Lauinger, T.; McCoy, D.; Shafiq, Z.; Vallina-Rodriguez, N. Understanding incentivized mobile app installs on google play store. In Proceedings of the ACM Internet Measurement Conference, Virtual, 27–29 October 2020; Association for Computing Machinery: New York, NY, USA, 2020; pp. 696–709. [Google Scholar]
- Suleman, M.; Soomro, T.R.; Ghazal, T.M.; Alshurideh, M. Combating Against Potentially Harmful Mobile Apps. In Proceedings of the The International Conference on Artificial Intelligence and Computer Vision, Settat, Morocco, 28–30 June 2021; Springer: Berlin/Heidelberg, Germany, 2021; pp. 154–173. [Google Scholar]
- Kumar, S.; Shanker, R.; Verma, S. Context aware dynamic permission model: A retrospect of privacy and security in android system. In Proceedings of the 2018 International Conference on Intelligent Circuits and Systems (ICICS), Phagwara, India, 20–21 April 2018; pp. 324–329. [Google Scholar]
- Alkindi, Z.R.; Unviresity, S.Q.; Muscat, O.; Sarrab, M.; Alzidi, N. Android Application Permission Model. In Proceedings of the 4th Free & Open Source Software Conference (FOSSC’2019-OMAN), Abu Dhabi, Muscat, 11–12 February 2019. [Google Scholar]
- Zhan, X.; Liu, T.; Fan, L.; Li, L.; Chen, S.; Luo, X.; Liu, Y. Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review. IEEE Trans. Softw. Eng. 2021. [Google Scholar] [CrossRef]
- Granthi, P.K.; Bansode, S. Android security: A survey of security issues and defenses. Int. Res. J. Eng. Technol. 2017, 4, 541–549. [Google Scholar]
- Gupta, P.; Yadav, K.; Gupta, B.B.; Alazab, M.; Gadekallu, T.R. A Novel Data Poisoning Attack in Federated Learning based on Inverted Loss Function. Comput. Secur. 2023, 103270. [Google Scholar] [CrossRef]
- Ahmed, A.; Javed, A.R.; Jalil, Z.; Srivastava, G.; Gadekallu, T.R. Privacy of web browsers: A challenge in digital forensics. In Proceedings of the Genetic and Evolutionary Computing: Proceedings of the Fourteenth International Conference on Genetic and Evolutionary Computing, Jilin, China, 21–23 October 2021; Springer: Berlin/Heidelberg, Germany, 2022; pp. 493–504. [Google Scholar]
- Enck, W.; Octeau, D.; McDaniel, P.D.; Chaudhuri, S. A study of android application security. Proc. USENIX Secur. Symp. 2011, 2. [Google Scholar]
- Ardito, L.; Coppola, R.; Leonardi, S.; Morisio, M.; Buy, U. Automated test selection for Android apps based on APK and activity classification. IEEE Access 2020, 8, 187648–187670. [Google Scholar] [CrossRef]
- Almomani, I.; Khayer, A. Android applications scanning: The guide. In Proceedings of the 2019 International Conference on Computer and Information Sciences (ICCIS), Sakaka, Saudi Arabia, 3–4 April 2019; pp. 1–5. [Google Scholar]
- Lee, B.s. Changes in the Android App Support Model. In Proceedings of the Korean Institute of Information and Commucation Sciences Conference, Pyeongchang, Republic of Korea, 9–25 February 2019; The Korea Institute of Information and Commucation Engineering: Seoul, Republic of Korea, 2019; pp. 201–203. [Google Scholar]
- Roy, D.B.; Fritzmann, T.; Sigl, G. Efficient hardware/software co-design for post-quantum crypto algorithm SIKE on ARM and RISC-V based microcontrollers. In Proceedings of the 39th International Conference on Computer-Aided Design, Virtual Event, 2–5 November 2020; Association for Computing Machinery: New York, NY, USA, 2020; pp. 1–9. [Google Scholar]
- Pilato, C.; Bohm, S.; Brocheton, F.; Castrillon, J.; Cevasco, R.; Cima, V.; Cmar, R.; Diamantopoulos, D.; Ferrandi, F.; Martinovic, J.; et al. EVEREST: A design environment for extreme-scale big data analytics on heterogeneous platforms. In Proceedings of the 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), Virtual, 1–5 February 2021; pp. 1320–1325. [Google Scholar]
- Cherif, Z.; Danger, J.L.; Lozac’h, F.; Mathieu, Y.; Bossuet, L. Evaluation of Delay PUFs on CMOS 65 nm Technology: ASIC vs. FPGA. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, Tel-Aviv, Israel, 23–24 June 2013; pp. 1–8. [Google Scholar]
- Pulte, C.; Pichon-Pharabod, J.; Kang, J.; Lee, S.H.; Hur, C.K. Promising-ARM/RISC-V: A simpler and faster operational concurrency model. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, Phoenix, AZ, USA, 22–26 June 2019; pp. 1–15. [Google Scholar]
- Joshi, J.; Parekh, C. Android smartphone vulnerabilities: A survey. In Proceedings of the 2016 International Conference on Advances in Computing, Communication, & Automation (ICACCA), Greater Noida, India, 29–30 April 2016; pp. 1–5. [Google Scholar]
- Asif, S.; Ambreen, M.; Muhammad, Z.; ur Rahman, H.; Iqbal, S. Cloud Computing in Healthcare-Investigation of Threats, Vulnerabilities, Future Challenges and Counter Measure. LC Int. J. STEM 2022, 3, 63–74. [Google Scholar]
- Margossian, H.; Sayed, A.R.J.; Fawaz, W.; Nakad, Z. Partial grid false data injection attacks against state estimation. Int. J. Electr. Power Energy Syst. 2019, 110, 623–629. [Google Scholar] [CrossRef]
- Gandhewar, N.; Sheikh, R. Google Android: An emerging software platform for mobile devices. Int. J. Comput. Sci. Eng. 2010, 1, 12–17. [Google Scholar]
- Rashidi, B.; Fung, C.J. A Survey of Android Security Threats and Defenses. J. Wirel. Mob. Netw. Ubiquitous Comput. Dependable Appl. 2015, 6, 3–35. [Google Scholar]
- Shahid, J.; Muhammad, Z.; Iqbal, Z.; Khan, M.S.; Amer, Y.; Si, W. SAT: Integrated Multi-agent Blackbox Security Assessment Tool using Machine Learning. In Proceedings of the 2022 2nd International Conference on Artificial Intelligence (ICAI), Islamabad, Pakistan, 30–31 March 2022; pp. 105–111. [Google Scholar]
- Elsersy, W.F.; Feizollah, A.; Anuar, N.B. The rise of obfuscated Android malware and impacts on detection methods. PeerJ Comput. Sci. 2022, 8, e907. [Google Scholar] [CrossRef] [PubMed]
- Rathod, J.; Bhatti, D. Towards a Static and Dynamic Features-Based Framework for Android Vulnerabilities Detection. In Proceedings of the International Joint Conference on Advances in Computational Intelligence, Valletta, Malta, 24–26 October 2022; Springer: Berlin/Heidelberg, Germany, 2022; pp. 153–166. [Google Scholar]
- Selvaganapathy, S.; Sadasivam, S.; Ravi, V. A review on android malware: Attacks, countermeasures and challenges ahead. J. Cyber Secur. Mobil. 2021, 177–230. [Google Scholar] [CrossRef]
- Shao, Y.; Lu, Y.; Wei, D.; Fang, J.; Qin, F.; Chen, B. Malicious Code Classification Method Based on Deep Residual Network and Hybrid Attention Mechanism for Edge Security. Wirel. Commun. Mob. Comput. 2022, 2022. [Google Scholar] [CrossRef]
- Moses, A.; Morris, S. Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies. J. Inf. Secur. Cybercrimes Res. 2021, 4, 103–131. [Google Scholar]
- Guerra-Manzanares, A.; Luckner, M.; Bahsi, H. Android Malware Concept Drift using System Calls: Detection, Characterization and Challenges. Expert Syst. Appl. 2022, 206, 117200. [Google Scholar] [CrossRef]
- Bhat, P.; Dutta, K. A survey on various threats and current state of security in android platform. ACM Comput. Surv. 2019, 52, 1–35. [Google Scholar] [CrossRef]
- Gao, J.; Li, L.; Kong, P.; Bissyandé, T.F.; Klein, J. Should you consider adware as malware in your study? In Proceedings of the 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER), Hangzhou, China, 24–27 February 2019; pp. 604–608. [Google Scholar]
- Keyes, D.S.; Li, B.; Kaur, G.; Lashkari, A.H.; Gagnon, F.; Massicotte, F. EntropLyzer: Android malware classification and characterization using entropy analysis of dynamic characteristics. In Proceedings of the 2021 Reconciling Data Analytics, Automation, Privacy, and Security: A Big Data Challenge (RDAAPS), Hamilton, ON, Canada, 18–19 May 2021; pp. 1–12. [Google Scholar]
- Rehman, F.; Muhammad, Z.; Asif, S.; Rahman, H. The next generation of cloud security through hypervisor-based virtual machine introspection. In Proceedings of the 2023 3rd International Conference on Artificial Intelligence (ICAI), Islamabad, Pakistan, 22 February 2023; pp. 116–121. [Google Scholar]
- Pham, A.; Dacosta, I.; Losiouk, E.; Stephan, J.; Huguenin, K.; Hubaux, J.P. Hidemyapp: Hiding the presence of sensitive apps on android. In Proceedings of the 28th USENIX Security Symposium (USENIX Security), Berkeley, CA, USA, 14–16 August 2019; p. 18. [Google Scholar]
- Alsoghyer, S.; Almomani, I. Ransomware detection system for Android applications. Electronics 2019, 8, 868. [Google Scholar] [CrossRef] [Green Version]
- Mi, X. Characterizing Emerging Cybersecurity Threats: An Ecosystem Approach; Journal Of Indiana University: Bloomington, IN, USA, 2020. [Google Scholar]
- Bagui, S.; Brock, H. Machine Learning for Android Scareware Detection. J. Inf. Technol. Res. 2022, 15, 1–15. [Google Scholar] [CrossRef]
- Pierazzi, F.; Mezzour, G.; Han, Q.; Colajanni, M.; Subrahmanian, V. A data-driven characterization of modern Android spyware. ACM Trans. Manag. Inf. Syst. 2020, 11, 1–38. [Google Scholar] [CrossRef] [Green Version]
- Ali, M.; Ali, H.; Anwar, Z. Enhancing Stealthiness & Efficiency of Android Trojans and Defense Possibilities (EnSEAD)-Android’s Malware Attack, Stealthiness and Defense: An Improvement. In Proceedings of the 2011 Frontiers of Information Technology, Islamabad, Pakistan, 19–21 December 2011; pp. 148–153. [Google Scholar]
- Chen, P.; Desmet, L.; Huygens, C. A study on advanced persistent threats. In Proceedings of the IFIP International Conference on Communications and Multimedia Security, Aveiro, Portugal, 25–26 September 2014; Springer: Berlin/Heidelberg, Germany, 2014; pp. 63–72. [Google Scholar]
- Kaster, S.D.; Ensign, P.C. Privatized espionage: NSO Group Technologies and its Pegasus spyware. Thunderbird Int. Bus. Rev. 2022. [Google Scholar] [CrossRef]
- Tankard, C. Advanced persistent threats and how to monitor and deter them. Netw. Secur. 2011, 2011, 16–19. [Google Scholar] [CrossRef]
- Patil, M.R.; Mulimani, C. Pegasus: Transforming Phone Into A Spy. Think India J. 2019, 22, 7883–7890. [Google Scholar]
- Lee, H.W.; Lee, J. Mobile Forged App Identification System with Centralized Signature Self-verification Method. In Proceedings of the Sixth International Conference on Green and Human Information Technology: ICGHIT 2018, Chiang Mai, Thailand, 31 January–2 February 2019; Springer: Berlin/Heidelberg, Germany, 2019; pp. 176–182. [Google Scholar]
- Pingle, A.; Piplai, A.; Mittal, S.; Joshi, A.; Holt, J.; Zak, R. Relext: Relation extraction using deep learning approaches for cybersecurity knowledge graph improvement. In Proceedings of the 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, Vancouver, BC, Canada, 27–30 August 2019; pp. 879–886. [Google Scholar]
- Ansar, S.A.; Yadav, J.; Dwivedi, S.K.; Pandey, A.; Srivastava, S.P.; Ishrat, M.; Khan, M.W.; Pandey, D.; Khan, R.A. A Critical Analysis of Fraud Cases on the Internet. Turk. J. Comput. Math. Educ. 2021, 12, 2164–2186. [Google Scholar]
- Ichioka, S.; Pouget, E.; Mimura, T.; Nakajima, J.; Yamauchi, T. Accessibility service utilization rates in android applications shared on twitter. In Proceedings of the Information Security Applications: 21st International Conference, WISA 2020, Jeju Island, Republic of Korea, 26–28 August 2020; Revised Selected Papers 21. Springer: Berlin/Heidelberg, Germany, 2020; pp. 101–111. [Google Scholar]
- Dhalaria, M.; Gandotra, E. Android malware detection techniques: A literature review. Recent Patents Eng. 2021, 15, 225–245. [Google Scholar] [CrossRef]
- Stevanoski, G.; Kacurova, M.; Bogatinov, D. Rootkits-cyber security challenges and mechanisms for protection. ETIMA 2021, 1, 174–181. [Google Scholar]
- Ramamurthy, M. Fraudster Mobile Apps Detector in Google Playstore. J. Comput. Theor. Nanosci. 2020, 17, 1752–1757. [Google Scholar] [CrossRef]
- Aritonang, J.; Rokhim, R. Big Data Analysis of Paid and Free Applications in Google Playstore and Apple App Store to Know Application Characteristics and Monetization Opportunities for New Startup in Indonesia. In Proceedings of the The International Conference on Business and Management Research (ICBMR 2020), Online, 21–22 October 2020; Atlantis Press: Noord-Holland, The Netherlands, 2020; pp. 205–210. [Google Scholar]
- Mirza, S.; Abbas, H.; Shahid, W.B.; Shafqat, N.; Fugini, M.; Iqbal, Z.; Muhammad, Z. A Malware Evasion Technique for Auditing Android Anti-Malware Solutions. In Proceedings of the 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), Bayonne, France, 23–25 June 2021; pp. 125–130. [Google Scholar]
- Glanz, L.; Amann, S.; Eichberg, M.; Reif, M.; Hermann, B.; Lerch, J.; Mezini, M. CodeMatch: Obfuscation will not conceal your repackaged app. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, Paderborn, Germany, 4–8 September 2017; pp. 638–648. [Google Scholar]
- Montano, I.H.; de la Torre Díez, I.; López-Izquierdo, R.; Villamor, A.R.J.C.; Martín-Rodríguez, F. Mobile triage applications: A systematic review in the literature and play store. J. Med Syst. 2021, 45, 1–11. [Google Scholar] [CrossRef] [PubMed]
- Cao, M.; Ahmed, K.; Rubin, J. Rotten apples spoil the bunch: An anatomy of Google Play malware. In Proceedings of the 44th International Conference on Software Engineering, Pittsburgh, PA, USA, 21–29 May 2022; pp. 1919–1931. [Google Scholar]
- Meacham, M.C.; Vogel, E.A.; Thrul, J. Vaping-related mobile apps available in the Google Play Store after the Apple ban: Content review. J. Med Internet Res. 2020, 22, e20009. [Google Scholar] [CrossRef] [PubMed]
- D’Angelo, G.; Palmieri, F.; Robustelli, A.; Castiglione, A. Effective classification of android malware families through dynamic features and neural networks. Connect. Sci. 2021, 33, 786–801. [Google Scholar] [CrossRef]
- Alazab, M.; Alazab, M.; Shalaginov, A.; Mesleh, A.; Awajan, A. Intelligent mobile malware detection using permission requests and API calls. Future Gener. Comput. Syst. 2020, 107, 509–521. [Google Scholar] [CrossRef]
- Cai, L.; Machiraju, S.; Chen, H. Defending against sensor-sniffing attacks on mobile phones. In Proceedings of the 1st ACM Workshop on Networking, Systems, and Applications for Mobile Handhelds, New York, NY, USA, 17 August 2009; pp. 31–36. [Google Scholar]
- Sikder, A.K.; Petracca, G.; Aksu, H.; Jaeger, T.; Uluagac, A.S. A survey on sensor-based threats and attacks to smart devices and applications. IEEE Commun. Surv. Tutorials 2021, 23, 1125–1159. [Google Scholar] [CrossRef]
- Hubbard, J.; Weimer, K.; Chen, Y. A study of SSL proxy attacks on Android and iOS mobile applications. In Proceedings of the 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), Las Vegas, NV, USA, 10–13 January 2014; pp. 86–91. [Google Scholar]
- Vidas, T.; Votipka, D.; Christin, N. All your droid are belong to us: A survey of current android attacks. In Proceedings of the 5th USENIX Workshop on Offensive Technologies (WOOT 11), San Francisco, CA, USA, 8 August 2011. [Google Scholar]
- Sihombing, P.; Siregar, Y.; Tarigan, J.; Jaya, I.; Turnip, A. Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone. In Proceedings of the Journal of Physics: Conference Series; IOP Publishing: Bristol, UK, 2018; Volume 978, p. 012105. [Google Scholar]
- Alrawais, A. Security Issues in Near Field Communications (NFC). Int. J. Adv. Comput. Sci. Appl. 2020, 11. [Google Scholar] [CrossRef]
- Tu, Y.J.; Piramuthu, S. On addressing RFID/NFC-based relay attacks: An overview. Decis. Support Syst. 2020, 129, 113194. [Google Scholar] [CrossRef]
- Singh, M.M.; Adzman, K.; Hassan, R. Near Field Communication (NFC) technology security vulnerabilities and countermeasures. Int. J. Eng. Technol. 2018, 7, 298–305. [Google Scholar]
- Shahid, J.; Muhammad, Z.; Iqbal, Z.; Almadhor, A.S.; Javed, A.R. Cellular automata trust-based energy drainage attack detection and prevention in wireless sensor networks. Comput. Commun. 2022. [Google Scholar] [CrossRef]
- Senthil Mahesh, P.; Muthumanickam, K. A Security Scheme for Discovering Battery Draining Attacks in Android Smartphone. In Proceedings of the ICDSMLA 2019; Springer: Berlin/Heidelberg, Germany, 2020; pp. 1908–1915. [Google Scholar]
- Prakash, J.; Sankaran, S.; Jithish, J. Attack Detection based on Statistical Analysis of Smartphone Resource Utilization. In Proceedings of the 2019 IEEE 16th India Council International Conference (INDICON), Rajkot, India, 13–15 December 2019; pp. 1–4. [Google Scholar]
- Bala, N.; Ahmar, A.; Li, W.; Tovar, F.; Battu, A.; Bambarkar, P. DroidEnemy: Battling adversarial example attacks for Android malware detection. Digit. Commun. Netw. 2021. [Google Scholar] [CrossRef]
- Halawi, B.; Mourad, A.; Otrok, H.; Damiani, E. Few are as good as many: An ontology-based tweet spam detection approach. IEEE Access 2018, 6, 63890–63904. [Google Scholar] [CrossRef]
- Kherraf, N.; Sharafeddine, S.; Assi, C.M.; Ghrayeb, A. Latency and reliability-aware workload assignment in IoT networks with mobile edge clouds. IEEE Trans. Netw. Serv. Manag. 2019, 16, 1435–1449. [Google Scholar] [CrossRef]
- Giri, A. A Study on Efficient Battery Management System Providing Features to Resolve Damage occurring in Mobile Phones.
- Mwinuka, L.J.; Agghey, A.Z.; Kaijage, S.F.; Ndibwile, J.D. FakeAP Detector: An Android-Based Client-Side Application for Detecting Wi-Fi Hotspot Spoofing. IEEE Access 2022, 10, 13611–13623. [Google Scholar] [CrossRef]
- Vanhoef, M. Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation. In Proceedings of the 30th USENIX Security Symposium, Virtual Event, 11–13 August 2021; USENIX Association: Berkeley, CA, USA, 2021. [Google Scholar]
- Schrötter, M.; Scheffler, T.; Schnor, B. Evaluation of Intrusion Detection Systems in IPv6 Networks. In Proceedings of the ICETE (2), Prague, Czech Republic, 26–28 July 2019; pp. 408–416. [Google Scholar]
- Khazaaleh, S.; Korres, G.; Eid, M.; Rasras, M.; Daqaq, M.F. Vulnerability of MEMS gyroscopes to targeted acoustic attacks. IEEE Access 2019, 7, 89534–89543. [Google Scholar] [CrossRef]
- Guri, M. GAIROSCOPE: Leaking Data from Air-Gapped Computers to Nearby Smartphones using Speakers-to-Gyro Communication. In Proceedings of the 2021 18th International Conference on Privacy, Security and Trust (PST), Auckland, New Zealand, 13–15 December 2021; pp. 1–10. [Google Scholar]
- Lin, J.; Seibel, J. Motion-based side-channel attack on mobile keystrokes, 2019.
- Jaafar, R.H.; Saab, S.S. A neural network approach for indoor fingerprinting-based localization. In Proceedings of the 2018 9th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA, 8–10 November 2018; pp. 537–542. [Google Scholar]
- Wang, X.; Chen, Y.; Yang, R.; Shi, S.; Lau, W.C. Fingerprint-jacking: Practical fingerprint authorization hijacking in Android apps. Blackhat Eur. Tech. Rep. Blackhat 2020, 2020. [Google Scholar]
- Chugh, T.; Jain, A.K. Fingerprint presentation attack detection: Generalization and efficiency. In Proceedings of the 2019 International Conference on Biometrics (ICB), Crete, Greece, 4–7 June 2019; pp. 1–8. [Google Scholar]
- Zhang, R.; Chen, X.; Wen, S.; Zheng, J. Who activated my voice assistant? A stealthy attack on android phones without users’ awareness. In Proceedings of the International Conference on Machine Learning for Cyber Security, Xi’an, China, 19–21 September 2019; Springer: Berlin/Heidelberg, Germany, 2019; pp. 378–396. [Google Scholar]
- Zhang, G.; Yan, C.; Ji, X.; Zhang, T.; Zhang, T.; Xu, W. Dolphinattack: Inaudible voice commands. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, Dallas, TX, USA, 30 October–3 November 2017; pp. 103–117. [Google Scholar]
- Costa-Pazo, A.; Bhattacharjee, S.; Vazquez-Fernandez, E.; Marcel, S. The replay-mobile face presentation-attack database. In Proceedings of the 2016 International Conference of the Biometrics Special Interest Group (BIOSIG), Darmstadt, Germany, 21–23 September 2016; pp. 1–7. [Google Scholar]
- Ye, G.; Tang, Z.; Fang, D.; Chen, X.; Wolff, W.; Aviv, A.J.; Wang, Z. A video-based attack for android pattern lock. ACM Trans. Priv. Secur. 2018, 21, 1–31. [Google Scholar] [CrossRef]
- Morales, A.; Fierrez, J.; Galbally, J.; Gomez-Barrero, M. Introduction to iris presentation attack detection. In Handbook of Biometric Anti-Spoofing; Springer: Berlin/Heidelberg, Germany, 2019; pp. 135–150. [Google Scholar]
- Gupta, M.; Singh, V.; Vatsa, M.; Singh, R. Detecting Iris spoofing attacks. 2020.
- Aviv, A.J.; Gibson, K.; Mossop, E.; Blaze, M.; Smith, J.M. Smudge attacks on smartphone touch screens. In Proceedings of the 4th USENIX Workshop on Offensive Technologies (WOOT 10), Berkeley, CA, USA, 9 August 2010. [Google Scholar]
- Shahzad, M.; Liu, A.X.; Samuel, A. Behavior based human authentication on touch screen devices using gestures and signatures. IEEE Trans. Mob. Comput. 2016, 16, 2726–2741. [Google Scholar] [CrossRef]
- Shahzad, M.; Liu, A.X.; Samuel, A. Secure unlocking of mobile touch screen devices by simple gestures: You can see it but you can not do it. In Proceedings of the 19th Annual International Conference on Mobile Computing & Networking, New York, NY, USA, 30 September–4 October 2013; pp. 39–50. [Google Scholar]
- Imtiaz, S.I.; Khan, L.A.; Almadhor, A.S.; Abbas, S.; Alsubai, S.; Gregus, M.; Jalil, Z. Efficient Approach for Anomaly Detection in Internet of Things Traffic Using Deep Learning. Wirel. Commun. Mob. Comput. 2022. [Google Scholar] [CrossRef]
- Song, R.; Song, Y.; Gao, S.; Xiao, B.; Hu, A. I know what you type: Leaking user privacy via novel frequency-based side-channel attacks. In Proceedings of the 2018 IEEE Global Communications Conference (GLOBECOM), Abu Dhabi, United Arab Emirates, 9–13 December 2018; pp. 1–6. [Google Scholar]
- Maiti, A.; Jadliwala, M.; He, J.; Bilogrevic, I. Side-channel inference attacks on mobile keypads using smartwatches. IEEE Trans. Mob. Comput. 2018, 17, 2180–2194. [Google Scholar] [CrossRef] [Green Version]
- Bo, L.; Fengjun, L.; Guanghui, W.; Wang, L. I Know What You Type on Your Phone: Keystroke Inference on Android Device Using Deep Learning. Ph.D. Thesis, University of Kansas, Lawrence, KS, USA, 2019. [Google Scholar]
- Kröger, J.L.; Raschke, P.; Bhuiyan, T.R. Privacy implications of accelerometer data: A review of possible inferences. In Proceedings of the 3rd International Conference on Cryptography, Security and Privacy, Kuala Lumpur, Malaysia, 19–21 January 2019; pp. 81–87. [Google Scholar]
- Owusu, E.; Han, J.; Das, S.; Perrig, A.; Zhang, J. Accessory: Password inference using accelerometers on smartphones. In Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications, New York, NY, USA, 28–29 February 2012; pp. 1–6. [Google Scholar]
- Chen, D.; Zhao, Z.; Qin, X.; Luo, Y.; Cao, M.; Xu, H.; Liu, A. Magleak: A learning-based side-channel attack for password recognition with multiple sensors in IIoT environment. IEEE Trans. Ind. Inform. 2020, 18, 467–476. [Google Scholar] [CrossRef]
- Veerasamy, N. The Threat of Juice Jacking. In Proceedings of the ECCWS 2021 20th European Conference on Cyber Warfare and Security, Online, 24–25 June 2021; Academic Conferences Inter Ltd.: Montreal, QC, Canada, 2021; p. 449. [Google Scholar]
- Spolaor, R.; Abudahi, L.; Moonsamy, V.; Conti, M.; Poovendran, R. No free charge theorem: A covert channel via usb charging cable on mobile devices. In Proceedings of the International Conference on Applied Cryptography and Network Security, Kanazawa, Japan, 10–12 July 2017; Springer: Berlin/Heidelberg, Germany, 2017; pp. 83–102. [Google Scholar]
- Kumar, Y. Juice Jacking-The USB Charger Scam. Available at SSRN 3580209 2020. [Google Scholar] [CrossRef]
- Goodin, D. Hackers Have Been Exploiting 4 Critical Android Vulnerabilities. Ars Technica 2021. [Google Scholar]
- Qiu, P.; Wang, D.; Lyu, Y.; Tian, R.; Wang, C.; Qu, G. Voltjockey: A new dynamic voltage scaling-based fault injection attack on intel sgx. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 2020, 40, 1130–1143. [Google Scholar] [CrossRef]
- Gao, J.; Xu, Y.; Jiang, Y.; Liu, Z.; Chang, W.; Jiao, X.; Sun, J. Em-fuzz: Augmented firmware fuzzing via memory checking. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 2020, 39, 3420–3432. [Google Scholar] [CrossRef]
- Melotti, D.; Rossi-Bellom, M.; Continella, A. Reversing and fuzzing the google titan m chip. In Proceedings of the Reversing and Offensive-Oriented Trends Symposium, Vienna, Austria, 28–29 November 2021; pp. 1–10. [Google Scholar]
- Cheng, J.; Liu, W.; Sun, N.; Peng, Z.; Sun, C.; Wang, C.; Bi, Y.; Wen, Y.; Zhang, H.; Zhang, P.; et al. A machine learning low-dropout regulator-assisted differential power analysis attack countermeasure with voltage scaling. Int. J. Circuit Theory Appl. 2023. [CrossRef]
- Aminuddin, A. Android Assets Protection Using RSA and AES Cryptography to Prevent App Piracy. In Proceedings of the 2020 3rd International Conference on Information and Communications Technology (ICOIACT), Yogyakarta, Indonesia, 24–25 November 2020; pp. 461–465. [Google Scholar]
- Banik, S.; Bogdanov, A.; Isobe, T.; Shibutani, K.; Hiwatari, H.; Akishita, T.; Regazzoni, F. Midori: A block cipher for low energy. In Proceedings of the Advances in Cryptology–ASIACRYPT 2015: 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, 29 November–3 December 2015; Part II 21. Springer: Berlin/Heidelberg, Germany, 2015; pp. 411–436. [Google Scholar]
- Fahrianto, F.; Nurhayati; Kastari. End-To-End Encryption on the Instant Messaging Application Based Android using AES Cryptography Algorithm to a Text Message. In Proceedings of the 2022 10th International Conference on Cyber and IT Service Management (CITSM), Yogyakarta, Indonesia, 20–21 September 2022; pp. 1–6. [Google Scholar]
- Li, H.; Shen, L.; Wang, Y.; Feng, J.; Tan, H.; Li, Z. Risk measurement method of collusion privilege escalation attacks for android apps based on feature weight and behavior determination. Secur. Commun. Netw. 2021, 2021. [Google Scholar] [CrossRef]
- Bhandari, S.; Laxmi, V.; Zemmari, A.; Gaur, M.S. Intersection automata based model for android application collusion. In Proceedings of the 2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA), Crans-Montana, Switzerland, 23–25 March 2016; pp. 901–908. [Google Scholar]
- Bhandari, S.; Jaballah, W.B.; Jain, V.; Laxmi, V.; Zemmari, A.; Gaur, M.S.; Mosbah, M.; Conti, M. Android inter-app communication threats and detection techniques. Comput. Secur. 2017, 70, 392–421. [Google Scholar] [CrossRef] [Green Version]
- Liu, F.; Cai, H.; Wang, G.; Yao, D.; Elish, K.O.; Ryder, B.G. MR-Droid: A scalable and prioritized analysis of inter-app communication risks. In Proceedings of the 2017 IEEE Security and Privacy Workshops (SPW), San Jose, CA, USA, 25 May 2017; pp. 189–198. [Google Scholar]
- Elish, K.O.; Cai, H.; Barton, D.; Yao, D.; Ryder, B.G. Identifying mobile inter-app communication risks. IEEE Trans. Mob. Comput. 2018, 19, 90–102. [Google Scholar] [CrossRef]
- Casolare, R.; Di Giacomo, U.; Martinelli, F.; Mercaldo, F.; Santone, A. Android Collusion Detection by means of Audio Signal Analysis with Machine Learning techniques. Procedia Comput. Sci. 2021, 192, 2340–2346. [Google Scholar] [CrossRef]
- Lee, Y.K.; Bang, J.Y.; Safi, G.; Shahbazian, A.; Zhao, Y.; Medvidovic, N. A sealant for inter-app security holes in android. In Proceedings of the 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE), Buenos Aires, Argentina, 20–28 May 2017; pp. 312–323. [Google Scholar]
- Stang, J.; Dmitrienko, A.; Roth, S. RIP StrandHogg: A practical StrandHogg attack detection method on Android. In Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, New York, NY, USA, 28 June–2 July 2021; pp. 216–226. [Google Scholar]
- Escobar, F.S.; da Silva, A.S.; Vergara, L.O.C. Nova Vulnerabilidade DO Android. Semin. Technol. Manag. Educ. 2020, 2. [Google Scholar]
- Eliassen, K.O. Strandens topologier. K&K-Kultur Klasse 2020, 48, 177–208. [Google Scholar]
- Sun, P.; Chen, S.; Fan, L.; Gao, P.; Song, F.; Yang, M. VenomAttack: Automated and Adaptive Activity Hijacking in Android.
- Kasagiannis, G. Security Evaluation of Android Keystore. Master’s Thesis, University of Piraeus, Pireas, Greece, 2018. [Google Scholar]
- Focardi, R.; Palmarini, F.; Squarcina, M.; Steel, G.; Tempesta, M. Mind Your Keys? A Security Evaluation of Java Keystores. In Proceedings of the NDSS, San Diego, CA, USA, 18–21 February 2018. [Google Scholar]
- Sabt, M.; Traoré, J. Breaking into the keystore: A practical forgery attack against Android keystore. In Proceedings of the European Symposium on Research in Computer Security; Springer: Berlin/Heidelberg, Germany, 2016; pp. 531–548. [Google Scholar]
- Chalhoub, M.; Khazzaka, A.; Sarkis, R.; Sleiman, Z. The role of smartphone game applications in improving laparoscopic skills. Adv. Med Educ. Pract. 2018, 541–547. [Google Scholar] [CrossRef] [PubMed] [Green Version]
- Chehab, M.; Mourad, A. Towards a lightweight policy-based privacy enforcing approach for IoT. In Proceedings of the 2018 International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, NV, USA, 12–14 December 2018; pp. 984–989. [Google Scholar]
- Bugiel, S.; Davi, L.; Dmitrienko, A.; Fischer, T.; Sadeghi, A.R.; Shastry, B. Towards Taming Privilege-Escalation Attacks on Android. Proc. NDSS Citeseer 2012, 17, 19. [Google Scholar]
- Costamagna, V.; Zheng, C.; Huang, H. Identifying and evading android sandbox through usage-profile based fingerprints. In Proceedings of the First Workshop on Radical and Experiential Security, New York, NY, USA, 4 June 2018; pp. 17–23. [Google Scholar]
- Crosta, P.; Serruys, H.; Watterton, T.; Galluzzo, G.; Lucas, R. Authentication of GNSS orbital and clock parameters at android application layer. In Proceedings of the 32nd International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2019), Miami, FL, USA, 16–20 September 2019; pp. 290–298. [Google Scholar]
- Zhang, W.; Su, N.; Niu, S.; Li, H.; Huang, R. A Novel Hotfix Scheme for System Vulnerability Based on the Android Application Layer. Chin. J. Electron. 2019, 28, 408–415. [Google Scholar] [CrossRef]
- Wang, W.; Fida, M.H.; Lian, Z.; Yin, Z.; Pham, Q.V.; Gadekallu, T.R.; Dev, K.; Su, C. Secure-enhanced federated learning for ai-empowered electric vehicle energy prediction. IEEE Consum. Electron. Mag. 2021. [Google Scholar] [CrossRef]
- Shen, L.; Li, H.; Wang, H.; Wang, Y. Multifeature-based behavior of privilege escalation attack detection method for android applications. Mob. Inf. Syst. 2020, 2020. [Google Scholar] [CrossRef]
- Xiang, X.; Zhang, R.; Wen, H.; Gong, X.; Liu, B. Ghost in the Binder: Binder Transaction Redirection Attacks in Android System Services. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, 15–19 November 2021; pp. 1581–1597. [Google Scholar]
- Ma, H.; Li, S.; Gao, D.; Wu, D.; Jia, Q.; Jia, C. Active warden attack: On the (in) effectiveness of Android app repackage-proofing. IEEE Trans. Dependable Secur. Comput. 2021. [Google Scholar] [CrossRef]
- Sun, X.; Han, J.; Dai, H.; Li, Q. An active android application repacking detection approach. In Proceedings of the 2018 10th International Conference on Communication Software and Networks (ICCSN), Chengdu, China, 6–9 July 2018; pp. 493–496. [Google Scholar]
- Shaik, A.; Borgaonkar, R.; Park, S.; Seifert, J.P. New vulnerabilities in 4G and 5G cellular access network protocols: Exposing device capabilities. In Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, Miami, FL, USA, 15–17 May 2019; pp. 221–231. [Google Scholar]
- Zeqiri, R.; Idrizi, F.; Halimi, H. Comparison of Algorithms and Technologies 2G, 3G, 4G and 5G. In Proceedings of the 2019 3rd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), Ankara, Turkey, 11–13 October 2019; pp. 1–4. [Google Scholar]
- Fang, K.; Yan, G. Paging storm attacks against 4G/LTE networks from regional Android botnets: Rationale, practicality, and implications. In Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, New York, NY, USA, 8–10 July 2020; pp. 295–305. [Google Scholar]
- Qasmi, W.N.A. Cellular Networks under Signalling Attacks. Ph.D. Thesis, Lahore University of Management Sciences, Punjab, Pakistan, 2019. [Google Scholar]
- Shaikhanov, Z.; Hassan, F.; Guerboukha, H.; Mittleman, D.; Knightly, E. Metasurface-in-the-middle attack: From theory to experiment. In Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, New York, NY, USA, 16–19 May 2022; pp. 257–267. [Google Scholar]
- Ankita, A.; Rani, S. Machine Learning and Deep Learning for Malware and Ransomware Attacks in 6G Network. In Proceedings of the 2021 Fourth International Conference on Computational Intelligence and Communication Technologies (CCICT), Sonepat, India, 3 July 2021; pp. 39–44. [Google Scholar]
- Mone, G. The quantum threat. Commun. ACM 2020, 63, 12–14. [Google Scholar] [CrossRef]
- Niraula, T.; Pokharel, A.; Phuyal, A.; Palikhel, P.; Pokharel, M. Quantum computers’ threat on current cryptographic measures and possible solutions. Int. J. Wirel. Microw. Technol. 2022, 12, 10–20. [Google Scholar] [CrossRef]
- Kaddoura, S.; Haraty, R.A.; Al Kontar, K.; Alfandi, O. A parallelized database damage assessment approach after cyberattack for healthcare systems. Future Internet 2021, 13, 90. [Google Scholar] [CrossRef]
- Abbas, N.; Nasser, Y.; Shehab, M.; Sharafeddine, S. Attack-specific feature selection for anomaly detection in software-defined networks. In Proceedings of the 2021 3rd IEEE Middle East and North Africa COMMunications Conference (MENACOMM), Agadir, Morocco, 3–5 December 2021; pp. 142–146. [Google Scholar]
- Borkar, T.; Heide, F.; Karam, L. Defending against universal attacks through selective feature regeneration. In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition, Seattle, WA, USA, 13–19 June 2020; pp. 709–719. [Google Scholar]
- Xu, G.; Mao, J.; Sakk, E.; Wang, S.P. An Overview of Quantum-Safe Approaches: Quantum Key Distribution and Post-Quantum Cryptography. In Proceedings of the 2023 57th Annual Conference on Information Sciences and Systems (CISS), Hopkins, MN, USA, 23–24 March 2023; pp. 1–6. [Google Scholar]
- Joseph, D.; Misoczki, R.; Manzano, M.; Tricot, J.; Pinuaga, F.D.; Lacombe, O.; Leichenauer, S.; Hidary, J.; Venables, P.; Hansen, R. Transitioning organizations to post-quantum cryptography. Nature 2022, 605, 237–243. [Google Scholar] [CrossRef]
- Sharma, R.M.; Agrawal, C.; Kumar, V.; Mulatu, A.N. CFSBFDroid: Android Malware Detection Using CFS+ Best First Search-Based Feature Selection. Mob. Inf. Syst. 2022, 2022. [Google Scholar] [CrossRef]
- Ou, F.; Xu, J. S3Feature: A static sensitive subgraph-based feature for android malware detection. Comput. Secur. 2022, 112, 102513. [Google Scholar] [CrossRef]
- Sasidharan, S.K.; Thomas, C. ProDroid—An Android malware detection framework based on profile hidden Markov model. Pervasive Mob. Comput. 2021, 72, 101336. [Google Scholar] [CrossRef]
- Alzaylaee, M.K.; Yerima, S.Y.; Sezer, S. DL-Droid: Deep learning based android malware detection using real devices. Comput. Secur. 2020, 89, 101663. [Google Scholar] [CrossRef]
- Lee, W.Y.; Saxe, J.; Harang, R. SeqDroid: Obfuscated Android malware detection using stacked convolutional and recurrent neural networks. In Deep Learning Applications for Cyber Security; Springer: Berlin/Heidelberg, Germany, 2019; pp. 197–210. [Google Scholar]
- Xu, K.; Li, Y.; Deng, R.; Chen, K.; Xu, J. Droidevolver: Self-evolving android malware detection system. In Proceedings of the 2019 IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden, 17–19 June 2019; pp. 47–62. [Google Scholar]
- Riad, K.; Ke, L. RoughDroid: Operative scheme for functional android malware detection. Secur. Commun. Netw. 2018, 2018. [Google Scholar] [CrossRef] [Green Version]
- Karbab, E.B.; Debbabi, M.; Derhab, A.; Mouheb, D. MalDozer: Automatic framework for android malware detection using deep learning. Digit. Investig. 2018, 24, S48–S59. [Google Scholar] [CrossRef]
- Hou, S.; Ye, Y.; Song, Y.; Abdulhayoglu, M. Hindroid: An intelligent android malware detection system based on structured heterogeneous information network. In Proceedings of the 23rd ACM SIGKDD international conference on knowledge discovery and data mining, New York, NY, USA, 13–17 August 2017; pp. 1507–1515. [Google Scholar]
- Alzaylaee, M.K.; Yerima, S.Y.; Sezer, S. DynaLog: An automated dynamic analysis framework for characterizing android applications. In Proceedings of the 2016 International Conference on Cyber Security Furthermore, Protection of Digital Services (Cyber Security), London, UK, 13–14 June 2016; pp. 1–8. [Google Scholar]
- Xu, K.; Li, Y.; Deng, R.H. Iccdetector: Icc-based malware detection on android. IEEE Trans. Inf. Forensics Secur. 2016, 11, 1252–1264. [Google Scholar] [CrossRef]
- Talha, K.A.; Alper, D.I.; Aydin, C. APK Auditor: Permission-based Android malware detection system. Digit. Investig. 2015, 13, 1–14. [Google Scholar] [CrossRef]
- Arzt, S.; Rasthofer, S.; Fritz, C.; Bodden, E.; Bartel, A.; Klein, J.; Le Traon, Y.; Octeau, D.; McDaniel, P. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. ACM Sigplan Not. 2014, 49, 259–269. [Google Scholar] [CrossRef]
- Zhang, Y.; Yang, M.; Xu, B.; Yang, Z.; Gu, G.; Ning, P.; Wang, X.S.; Zang, B. Vetting undesirable behaviors in android apps with permission use analysis. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany, 4–8 November 2013; pp. 611–622. [Google Scholar]
- Wu, D.J.; Mao, C.H.; Wei, T.E.; Lee, H.M.; Wu, K.P. Droidmat: Android malware detection through manifest and api calls tracing. In Proceedings of the 2012 Seventh Asia joint conference on information security, Tokyo, Japan, 9–10 August 2012; pp. 62–69. [Google Scholar]
- Iland, D.; Pucher, A.; Schauble, T. Detecting android malware on network level. Univ. Calif. Santa Barbar. 2011, 12. [Google Scholar]
- Shabtai, A.; Fledel, Y.; Kanonov, U.; Elovici, Y.; Dolev, S. Google android: A state-of-the-art review of security mechanisms. arXiv 2009, arXiv:0912.5101. [Google Scholar]
- Chess, B.; McGraw, G. Static analysis for security. IEEE Secur. Priv. 2004, 2, 76–79. [Google Scholar] [CrossRef]
- Landi, W. Undecidability of static analysis. ACM Lett. Program. Lang. Syst. 1992, 1, 323–337. [Google Scholar] [CrossRef]
- Li, L.; Bissyandé, T.F.; Papadakis, M.; Rasthofer, S.; Bartel, A.; Octeau, D.; Klein, J.; Traon, L. Static analysis of android apps: A systematic literature review. Inf. Softw. Technol. 2017, 88, 67–95. [Google Scholar] [CrossRef] [Green Version]
- Ball, T. The concept of dynamic analysis. In Proceedings of the Software Engineering—ESEC/FSE’99, Toulouse, France, 6–10 September 1999; Springer: Berlin/Heidelberg, Germany, 1999; pp. 216–234. [Google Scholar]
- Vamvatsikos, D.; Cornell, C.A. Incremental dynamic analysis. Earthq. Eng. Struct. Dyn. 2002, 31, 491–514. [Google Scholar] [CrossRef]
- Wong, M.Y.; Lie, D. Intellidroid: A targeted input generator for the dynamic analysis of android malware. Proc. NDSS 2016, 16, 21–24. [Google Scholar]
- Cintas-Canto, A.; Mozaffari-Kermani, M.; Azarderakhsh, R.; Gaj, K. CRC-oriented error detection architectures of post-quantum cryptography niederreiter key generator on FPGA. In Proceedings of the 2022 IEEE Nordic Circuits and Systems Conference (NorCAS), Oslo, Norway, 25–26 October 2022; pp. 1–7. [Google Scholar]
- Mozaffari-Kermani, M.; Azarderakhsh, R.; Aghaie, A. Fault detection architectures for post-quantum cryptographic stateless hash-based secure signatures benchmarked on ASIC. ACM Trans. Embed. Comput. Syst. 2016, 16, 1–19. [Google Scholar] [CrossRef]
- Canto, A.C.; Kermani, M.M.; Azarderakhsh, R. Reliable constructions for the key generator of code-based post-quantum cryptosystems on FPGA. ACM J. Emerg. Technol. Comput. Syst. 2022, 19, 1–20. [Google Scholar] [CrossRef]
- Anastasova, M.; Azarderakhsh, R.; Kermani, M.M.; Beshaj, L. Time-Efficient Finite Field Microarchitecture Design for Curve448 and Ed448 on Cortex-M4. In Proceedings of the Information Security and Cryptology–ICISC 2022: 25th International Conference, ICISC 2022, Seoul, Republic of Korea, 30 November–2 December 2022; Revised Selected Papers. Springer: Berlin/Heidelberg, Germany, 2023; pp. 292–314. [Google Scholar]
- Anastasova, M.; Bisheh-Niasar, M.; Seo, H.; Azarderakhsh, R.; Kermani, M.M. Efficient and Side-Channel Resistant Design of High-Security Ed448 on ARM Cortex-M4. In Proceedings of the 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), McLean, VA, USA, 27–30 June 2022; pp. 93–96. [Google Scholar]
- Bisheh Niasar, M.; Azarderakhsh, R.; Kermani, M.M. Efficient hardware implementations for elliptic curve cryptography over Curve448. In Proceedings of the Progress in Cryptology–INDOCRYPT 2020: 21st International Conference on Cryptology in India, Bangalore, India, 13–16 December 2020; Proceedings 21. Springer: Berlin/Heidelberg, Germany, 2020; pp. 228–247. [Google Scholar]
- Bruno, G.; Batina, L.; Bosma, W. Crypto Security Optimizations; Radboud University Nijmegen: Nijmegen, The Netherlands, 2021. [Google Scholar]
- Anastasova, M.; Bisheh-Niasar, M.; Azarderakhsh, R.; Kermani, M.M. Compressed SIKE Round 3 on ARM Cortex-M4. In Proceedings of the Security and Privacy in Communication Networks: 17th EAI International Conference, SecureComm 2021, Virtual Event, 6–9 September 2021; Proceedings, Part II 17. Springer: Berlin/Heidelberg, Germany, 2021; pp. 441–457. [Google Scholar]
- Anastasova, M.; Azarderakhsh, R.; Kermani, M.M. Fast strategies for the implementation of SIKE round 3 on ARM Cortex-M4. IEEE Trans. Circuits Syst. Regul. Pap. 2021, 68, 4129–4141. [Google Scholar] [CrossRef]
- Elkhatib, R.; Koziel, B.; Azarderakhsh, R. Faster Isogenies for Post-quantum Cryptography: SIKE. In Proceedings of the Topics in Cryptology–CT-RSA 2022: Cryptographers’ Track at the RSA Conference 2022, Virtual Event, 1–2 March 2022; Springer: Berlin/Heidelberg, Germany, 2022; pp. 49–72. [Google Scholar]
- Sanal, P.; Karagoz, E.; Seo, H.; Azarderakhsh, R.; Mozaffari-Kermani, M. Kyber on ARM64: Compact implementations of Kyber on 64-bit ARM Cortex-A processors. In Proceedings of the Security and Privacy in Communication Networks: 17th EAI International Conference, SecureComm 2021, Virtual Event, 6–9 September 2021; Part II. Springer: Berlin/Heidelberg, Germany, 2021; pp. 424–440. [Google Scholar]
- Kwon, H.; Kim, H.; Sim, M.; Lee, W.K.; Seo, H. Look-up the Rainbow: Efficient Table-based Parallel Implementation of Rainbow Signature on 64-bit ARMv8 Processors. Cryptol. Eprint Arch. 2021. [Google Scholar]
- Bisheh-Niasar, M.; Azarderakhsh, R.; Mozaffari-Kermani, M. Cryptographic accelerators for digital signature based on Ed25519. IEEE Trans. Very Large Scale Integr. (Vlsi) Syst. 2021, 29, 1297–1305. [Google Scholar] [CrossRef]
- Hoang, T.T.; Duran, C.; Serrano, R.; Sarmiento, M.; Nguyen, K.D.; Tsukamoto, A.; Suzaki, K.; Pham, C.K. Trusted execution environment hardware by isolated heterogeneous architecture for key scheduling. IEEE Access 2022, 10, 46014–46027. [Google Scholar] [CrossRef]
- Malina, L.; Cibik, P.; Jedlicka, P.; Smekal, D.; Ricci, S.; Hrabovsky, J. Hardware-based Cryptographic Accelerator for Post Quantum Era. In Proceedings of the 2021 13th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), Brno, Czech Republic, 25–27 October 2021; pp. 149–155. [Google Scholar]
- Bauer, S.; Rass, S.; Schartner, P. Generic parity-based concurrent error detection for lightweight ARX ciphers. IEEE Access 2020, 8, 142016–142025. [Google Scholar] [CrossRef]
- Mozaffari-Kermani, M.; Azarderakhsh, R.; Aghaie, A. Reliable and error detection architectures of Pomaranch for false-alarm-sensitive cryptographic applications. IEEE Trans. Very Large Scale Integr. Syst. 2015, 23, 2804–2812. [Google Scholar] [CrossRef]
- Gowri, B.; Dhanyasri, J. An FPGA Implementation of Fault Diagnosis Architecture of S-Box For Cryptographic Application. Int. J. Multidiscip. Res. 2018, 3, 2395–7964. [Google Scholar]
- Mozaffari-Kermani, M.; Reyhani-Masoleh, A. Reliable hardware architectures for the third-round SHA-3 finalist Grostl benchmarked on FPGA platform. In Proceedings of the 2011 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, Washington, DC, USA, 3–5 October 2011; pp. 325–331. [Google Scholar]
- Fischer, W.; Reuter, C.A. Differential fault analysis on Grøstl. In Proceedings of the 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography, Leuven, Belgium, 9 September 2012; pp. 44–54. [Google Scholar]
- Aghaie, A.; Kermani, M.M.; Azarderakhsh, R. Fault diagnosis schemes for low-energy block cipher Midori benchmarked on FPGA. IEEE Trans. Very Large Scale Integr. Syst. 2016, 25, 1528–1536. [Google Scholar] [CrossRef]
- Zhang, W.; Bao, Z.; Lin, D.; Rijmen, V.; Yang, B.; Verbauwhede, I. RECTANGLE: A bit-slice lightweight block cipher suitable for multiple platforms. Cryptol. Eprint Arch. 2014. [Google Scholar] [CrossRef]
- Wei, L.; Liu, Y.; Cheung, S.C. Taming android fragmentation: Characterizing and detecting compatibility issues for android apps. In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, Singapore, 3–7 September 2016; pp. 226–237. [Google Scholar]
- Farhang, S.; Laszka, A.; Grossklags, J. An economic study of the effect of android platform fragmentation on security updates. In Proceedings of the Financial Cryptography and Data Security: 22nd International Conference, FC 2018, Nieuwpoort, Curaçao, 26 February–2 March 2018; Revised Selected Papers 22. Springer: Berlin/Heidelberg, Germany, 2018; pp. 119–137. [Google Scholar]
- Nguyen-Vu, L.; Ahn, J.; Jung, S. Android fragmentation in malware detection. Comput. Secur. 2019, 87, 101573. [Google Scholar] [CrossRef]
- Park, J.H.; Park, Y.B.; Ham, H.K. Fragmentation problem in Android. In Proceedings of the 2013 International Conference on Information Science and Applications (ICISA), Pattaya, Thailand, 24–26 June 2013; pp. 1–2. [Google Scholar]
- He, Y.; Yang, X.; Hu, B.; Wang, W. Dynamic privacy leakage analysis of Android third-party libraries. J. Inf. Secur. Appl. 2019, 46, 259–270. [Google Scholar] [CrossRef]
- Zhan, X.; Fan, L.; Chen, S.; We, F.; Liu, T.; Luo, X.; Liu, Y. Atvhunter: Reliable version detection of third-party libraries for vulnerability identification in android applications. In Proceedings of the 2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE), Madrid, Spain, 22–30 May 2021; pp. 1695–1707. [Google Scholar]
- Ma, Z.; Wang, H.; Guo, Y.; Chen, X. Libradar: Fast and accurate detection of third-party libraries in android apps. In Proceedings of the 38th International Conference on Software Engineering Companion, Austin, TX, USA, 14–22 May 2016; pp. 653–656. [Google Scholar]
- Zhang, L.; Liu, C.; Xu, Z.; Chen, S.; Fan, L.; Zhao, L.; Wu, J.; Liu, Y. Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects. arXiv 2023, arXiv:2301.08434. [Google Scholar]
- Chehab, M.; Mourad, A. Lp-sba-xacml: Lightweight semantics based scheme enabling intelligent behavior-aware privacy for iot. IEEE Trans. Dependable Secur. Comput. 2020, 19, 161–175. [Google Scholar] [CrossRef]
- Liu, X.; Liu, J.; Zhu, S.; Wang, W.; Zhang, X. Privacy risk analysis and mitigation of analytics libraries in the android ecosystem. IEEE Trans. Mob. Comput. 2019, 19, 1184–1199. [Google Scholar] [CrossRef] [Green Version]
- Rehman, A.; Razzak, I.; Xu, G. Federated learning for privacy preservation of healthcare data from smartphone-based side-channel attacks. IEEE J. Biomed. Health Inform. 2022. [Google Scholar] [CrossRef]
- AbdulRahman, S.; Tout, H.; Mourad, A.; Talhi, C. FedMCCS: Multicriteria client selection model for optimal IoT federated learning. IEEE Internet Things J. 2020, 8, 4723–4735. [Google Scholar] [CrossRef]
- Rahman, S.A.; Tout, H.; Talhi, C.; Mourad, A. Internet of things intrusion detection: Centralized, on-device, or federated learning? IEEE Netw. 2020, 34, 310–317. [Google Scholar] [CrossRef]
- AbdulRahman, S.; Tout, H.; Ould-Slimane, H.; Mourad, A.; Talhi, C.; Guizani, M. A survey on federated learning: The journey from centralized to distributed on-site learning and beyond. IEEE Internet Things J. 2020, 8, 5476–5497. [Google Scholar] [CrossRef]
- Wahab, O.A.; Mourad, A.; Otrok, H.; Taleb, T. Federated machine learning: Survey, multi-level classification, desirable criteria and future directions in communication and networking systems. IEEE Commun. Surv. Tutor. 2021, 23, 1342–1397. [Google Scholar] [CrossRef]
- Qu, Z.; Alam, S.; Chen, Y.; Zhou, X.; Hong, W.; Riley, R. DyDroid: Measuring dynamic code loading and its security implications in Android applications. In Proceedings of the 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Denver, CO, USA, 26–29 June 2017; pp. 415–426. [Google Scholar]
- Shaikh, S.; Rupa, C.; Srivastava, G.; Gadekallu, T.R. Botnet Attack Intrusion Detection In IoT Enabled Automated Guided Vehicles. In Proceedings of the 2022 IEEE International Conference on Big Data (Big Data), Osaka, Japan, 17–20 December 2022; pp. 6332–6336. [Google Scholar]
- Gookyi, N.; Agyemanh, D.; Kanda, G.; Ryoo, K. NIST Lightweight Cryptography Standardization Process: Classification of Second Round Candidates, Open Challenges, and Recommendations. J. Inf. Process. Syst. 2021, 17. [Google Scholar]
- Altınay, Ö.; Örs, B. Instruction extension of RV32I and GCC back end for Ascon lightweight cryptography algorithm. In Proceedings of the 2021 IEEE International Conference on Omni-Layer Intelligent Systems (COINS), Barcelona, Spain, 23–26 August 2021; pp. 1–6. [Google Scholar]
Authors | Year | Security Posture | Vulnerabilities | APTs | Side-Channel Attacks | Sensor-Based Attacks | Biometric Threats | Play Store Threats | Threat Defense | Malware Detection | Open Challenges |
---|---|---|---|---|---|---|---|---|---|---|---|
Frank et al. [38] | 2009 | ✓ | × | × | × | × | × | × | × | × | ✓ |
Alan et al. [37] | 2010 | × | ✓ | × | × | × | × | × | × | ✓ | ✓ |
Michael et al. [36] | 2011 | ✓ | ✓ | × | × | × | × | × | ✓ | × | ✓ |
Mariantonietta et al. [35] | 2012 | × | ✓ | × | × | × | × | × | ✓ | ✓ | × |
Yang et al. [34] | 2013 | × | ✓ | × | × | × | × | × | × | ✓ | ✓ |
Parvez et al. [33] | 2014 | × | ✓ | × | × | × | × | × | ✓ | ✓ | ✓ |
Darell et al. [32] | 2015 | ✓ | ✓ | × | × | × | × | × | ✓ | ✓ | × |
Meng et al. [31] | 2016 | ✓ | ✓ | × | × | × | × | × | × | ✓ | × |
Jalal et al. [30] | 2017 | ✓ | ✓ | × | × | × | × | × | ✓ | × | × |
Dini et al. [29] | 2018 | ✓ | × | × | × | × | × | × | ✓ | × | × |
Kumar et al. [28] | 2019 | × | × | × | ✓ | ✓ | × | × | ✓ | ✓ | × |
Haowei et al. [27] | 2020 | × | × | × | ✓ | ✓ | ✓ | × | × | × | × |
Cheng et al. [26] | 2021 | × | ✓ | × | ✓ | ✓ | × | × | × | × | ✓ |
Muhammad et al. [25] | 2021 | ✓ | ✓ | × | × | × | × | × | ✓ | ✓ | ✓ |
Wang et al. [24] | 2021 | × | ✓ | × | × | × | × | × | ✓ | × | × |
Michael et al. [23] | 2022 | ✓ | × | × | × | × | × | ✓ | ✓ | ✓ | ✓ |
Meijin et al. [21] | 2022 | ✓ | × | × | × | × | × | × | ✓ | ✓ | × |
Acharya et al. [11] | 2022 | ✓ | ✓ | × | × | × | × | × | ✓ | ✓ | × |
Wang et al. [20] | 2023 | × | × | ✓ | × | × | × | × | ✓ | ✓ | ✓ |
This Paper | 2023 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
No. | Family Name | Number of Applications | Overall Percentage (%) |
---|---|---|---|
1 | Airpush | 1574 | 23.8 |
2 | Plankton | 722 | 10.9 |
3 | Adwo | 593 | 9.0 |
4 | Kuguo | 492 | 7.4 |
5 | Leadbolt | 298 | 4.5 |
6 | Dowgin | 261 | 3.9 |
7 | Fakeinst | 214 | 3.2 |
8 | Gingermaster | 194 | 2.9 |
9 | Wapsx | 192 | 2.9 |
10 | Waps | 187 | 2.8 |
11 | Youmi | 110 | 1.7 |
12 | Smsreg | 95 | 1.4 |
13 | Utchi | 84 | 1.3 |
14 | Lotoor | 80 | 1.2 |
15 | Smssend | 71 | 1.1 |
16 | .Admogo | 65 | 1.0 |
17 | Agent | 62 | 0.9 |
18 | Smsspy | 59 | 0.9 |
19 | Boqx | 57 | 0.9 |
20 | Wooboo | 54 | 0.8 |
21 | Mseg | 36 | 0.5 |
22 | Droidkungfu | 28 | 0.4 |
23 | Mobwin | 27 | 0.4 |
24 | Immodiads | 26 | 0.4 |
25 | Nandrobox | 25 | 0.4 |
26 | Smspay | 25 | 0.4 |
27 | Mulad | 23 | 0.3 |
28 | Opfake | 23 | 0.3 |
29 | Ginmaster | 22 | 0.3 |
30 | Andup | 20 | 0.3 |
31 | Adload | 20 | 0.3 |
32 | F47v1119 | 20 | 0.3 |
33 | Umeng | 19 | 0.3 |
34 | Domonn | 19 | 0.3 |
35 | Kyview | 18 | 0.3 |
36 | Viser | 18 | 0.3 |
37 | Mobclick | 16 | 0.2 |
38 | EEE | 16 | 0.2 |
39 | Ksapp | 15 | 0.2 |
40 | Revmob | 14 | 0.2 |
41 | Droidtrooter | 14 | 0.2 |
42 | Smskey | 12 | 0.2 |
43 | Umpay | 10 | 0.2 |
44 | Bankun | 9 | 0.1 |
45 | Goldentouch | 8 | 0.1 |
46 | Adswo | 7 | 0.1 |
47 | Chuli | 6 | 0.1 |
48 | Hacktool | 5 | 0.1 |
49 | Telman | 4 | 0.1 |
50 | Ddlight | 3 | 0.0 |
Family | % | Group | Severity |
---|---|---|---|
INTERNET | 98.8 | Network | Dangerous |
ACCESS_NETWORK_STATE | 94.4 | Network | Normal |
READ_PHONE_STATE | 82.7 | Phone_Call | Dangerous |
WRITE_EXTERNAL_STORAGE | 70.4 | Storage | Dangerous |
ACCESS_COARSE_LOCATION | 56.2 | Location | Dangerous |
ACCESS_WIFI_STATE | 54.9 | Network | Normal |
ACCESS_FINE_LOCATION | 53.7 | Location | Dangerous |
GET_ACCOUNTS | 29.0 | Accounts | Normal |
C2D_MESSAGE | 24.7 | None | Signature |
RECEIVE_BOOT_COMPLETED | 24.7 | App_Info | Normal |
SYSTEM_ALERT_WINDOW | 17.3 | Display | Dangerous |
READ_EXTERNAL_STORAGE | 14.8 | Storage | Normal |
CALL_PHONE | 14.2 | Phone_Calls | Dangerous |
CAMERA | 13.0 | Camera | Dangerous |
RECORD_AUDIO | 12.3 | Microphone | Dangerous |
READ_HISTORY_BOOKMARKS | 11.7 | Bookmarks | Dangerous |
SEND_SMS | 11.7 | Messages | Dangerous |
READ_LOGS | 6.8 | Tools | Signature |
READ_CONTACTS | 4.9 | Social_Info | Dangerous |
UNINSTALL_SHORTCUT | 3.7 | System_Tools | Dangerous |
RECEIVE_SMS | 2.5 | Messages | Dangerous |
WRITE_CONTACTS | 2.5 | Social_Info | Dangerous |
MANAGE_ACCOUNTS | 2.5 | Accounts | Dangerous |
READ_SMS | 2.5 | Messages | Dangerous |
WRITE_SMS | 1.9 | Messages | Dangerous |
USE_CREDENTIALS | 1.9 | Accounts | Dangerous |
PROCESS_OUTGOING_CALLS | 1.9 | Phone_Calls | Dangerous |
MODIFY_PHONE_STATE | 1.2 | Phone_Calls | Signature |
ACCESS_SUPERUSER | 0.6 | None | Dangerous |
DOWNLOAD_WITHOUT_NOTI | 0.6 | None | Dangerous |
WRITE_CALL_LOG | 0.6 | Social_Info | Dangerous |
ACCESS_DOWNLOAD_MANAGER | 0.6 | None | Normal |
DELETE_PACKAGES | 0.6 | None | Signature |
RECORD_VIDEO | 0.6 | None | Dangerous |
READ_CALL_LOG | 0.6 | Social_Info | Dangerous |
DELETE_CACHE_FILES | 0.6 | None | Signature |
CHECK_LICENSE | 0.6 | None | Normal |
Name | Type | Year | Methodology | Discussion | Dataset | Open Source |
---|---|---|---|---|---|---|
CFSBFDroid [204] | Static analysis | 2022 | Performs detection using CFS and best first search on permissions and API calls | Groups up to seven algorithms (REPTree, RF, SMO, SGD, Rule PART, RF, and LMT) | Public dataset | No |
S3Feature [205] | Static analysis | 2022 | This is a subgraph-based feature selection technique that uses a sensitive function call graph) | Can be an extension of existing malware detection tools and shows effective validation | Public dataset | No |
ProDroid [206] | Static analysis | 2021 | Uses signatures, services, broadcasts, and API calls for detection | Cannot detect obfuscation and repackaged malware | Public dataset | No |
DL-Droid [207] | Dynamic analysis | 2020 | Uses enhanced input generation and deep learning during sandbox analysis | Has a lack of diversity in the dataset that leads to poor validation and detection | 30,000 apps | GitHub |
SeqDroid [208] | Dynamic analysis | 2019 | Uses stacked convolutional and recurrent neural networks to detect obfuscated malware | Unable to detect APTs, dynamic code loading, and side-channel attacks | 2,888,620 VirusTotal | No |
DroidEvolver [209] | Static analysis | 2019 | Detection is based on API calls, runtime permissions, and signatures | Has limited feature set and lack of diversity in the dataset that leads to poor results | 68,016 open source | GitHub |
RoughDroid [210] | Dynamic analysis | 2018 | Uses a set of permissions, API calls, services, and intents | Unable to counter contemporary threats and side-channel attacks | Deribit dataset | No |
MalDozer [211] | Dynamic analysis | 2018 | Uses deep learning algorithms on API calls and services | Lower accuracy due to the diversity of the dataset used for training and testing | 71,000, Drebin, Virusshare | No |
HinDroid [212] | Static analysis | 2017 | Uses a heterogeneous information network (HIN) on permission, intents, and API calls | Unable to detect APTs and side-channel attacks | 32,334 | No |
DynaLog [213] | Dynamic analysis | 2016 | Classifies Android applications based on API calls and services executions | Lack of real-time data, and limited feature sets are deceivable | 1940 open source APK | Github |
ICCDetector [214] | Static analysis | 2016 | Analyzes application code, services, intents, and intent filters | Unable to detect malicious code loading and evolving malware families | 17,290, open source APK | No |
APK Auditor [215] | Static analysis | 2015 | Performs Android manifest permission-based malware classification | Insufficient training data, and limited feature sets are unable to defend against APTs | 8762 | No |
FlowDroid [216] | Static analysis | 2014 | Uses package name and methods call to perform analysis and workflow | Unable to detect hidden API calls, methods, and dynamic code loading | 1500 | Github |
vetDroid [217] | Static analysis | 2013 | Reconstructs sensitive behaviors in Android apps from a permission-based detection | Fails to identify APTs, sensor-based attacks, and side-channel attacks | 1249 apps | No |
DroidMat [218] | Static analysis | 2012 | Decompiles and dissolves applications and use dex code to extract suspicious API calls | Unable to detect obfuscation, dynamic code loading, and contemporary threats | 1738 apps | No |
Droidbox [219] | Static analysis | 2011 | Analyzes network traffic to identify security and privacy threats to android users | Unable to detect dynamic code loading, side-channel attacks, and sensor-based attacks | Not disclosed | Github |
AASandbox [220] | Dynamic analysis | 2010 | Performs both static and dynamic analysis to identify malicious patterns and application logs | Unable to detect contemporary threats, Google Play attacks, and side-channel attacks | Not disclosed | No |
Scandroid [220] | Static analysis | 2009 | Applies data flow analysis on APK files to detect suspicious patterns | Unable to detect side-channel attacks, Google Play attacks, and contemporary threats | Not disclosed | No |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Muhammad, Z.; Anwar, Z.; Javed, A.R.; Saleem, B.; Abbas, S.; Gadekallu, T.R. Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses. Technologies 2023, 11, 76. https://doi.org/10.3390/technologies11030076
Muhammad Z, Anwar Z, Javed AR, Saleem B, Abbas S, Gadekallu TR. Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses. Technologies. 2023; 11(3):76. https://doi.org/10.3390/technologies11030076
Chicago/Turabian StyleMuhammad, Zia, Zahid Anwar, Abdul Rehman Javed, Bilal Saleem, Sidra Abbas, and Thippa Reddy Gadekallu. 2023. "Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses" Technologies 11, no. 3: 76. https://doi.org/10.3390/technologies11030076