Security and Privacy of Users' Personal Information on Smartphones

Security and Privacy of Users' Personal Information on Smartphones

Security and Privacy of Users’ Personal Information on Smartphones by Veelasha Moonsamy Bachelor of IT Honours (BIT Hon) Submitted in fulfilment of the requirements for the degree of Doctor of Philosophy Deakin University December, 2014 Abstract The recent surge in the popularity of smartphones has shifted the focus of malware attackers from the desktop platform onto that of the smartphone platform. Smart- phones, which are hand-held devices with significantly more computational power than traditional mobile phones, store a wide range of personally identifiable infor- mation about their users in order for smartphone applications to function properly. As a result, malware authors are able to acquire private and confidential information about the victims by successfully deploying their attacks. Such information could be later used for blackmailing or trading in underground markets. Thus, the challenge of smartphone malware detection is directly related to the increasing number of smartphone users and applications available. As the number of smartphone malware continues to rapidly increase, there is an urgent need to deploy detection and classification frameworks that can cope with the large volume of suspicious applications and efficiently detect and classify malware. In this thesis, I consider the Android platform as a case study because it is an open-source platform and has the highest number of malicious applications. I begin by proposing a pattern mining algorithm to generate contrasting permission patterns that can distinguish clean from malicious applications. The permission patterns were then used to identify malware. I propose a linear classifier that uses permission patterns as features. These patterns are unique to malicious applications only and can also be used to conduct a high-level malware triage. The proposed classifier was consistent in generating prediction rules and the highest output accuracy was 97%, which is comparable to the best existing results. i ii Furthermore, while identifying malware is a high priority and also a challeng- ing problem, the issue is further exacerbated by unauthorised disclosure of personal information by clean applications, behaviour which cannot be detected by antivirus software. In my study, I examined the causes and impact of information leaks by clean applications in order to identify the motivation behind accessing users’ personal in- formation without their knowledge. The empirical results indicate that third-party advertising libraries are responsible for privacy breaches. I further extended my re- search by investigating the built-in tracking settings made available to users by the smartphone operating system. In summary, the three main contributions of my thesis are: (a) The discovery that existing mechanisms for identifying malware on smartphones are insufficient in detecting all types of threats to them. (b) An improved malware detection procedure for smartphones. (c) A set of proposals for preventing identity theft on smartphones. Acknowledgements I would like to take this opportunity to thank a number of people without whom the completion of my thesis would not have been possible. I owe my deepest gratitude to Prof. Lynn Batten for her guidance and support throughout my time at Deakin. It was an honour to be her student and to have her as a mentor. Her relentless dedication towards her students is inspiring and has always motivated me to work harder. Thanks to her training, I feel prepared and confident to embark on my research career. I would like to thank our collaborators, including Dr. Gang Li, Dr. Jia Rong and Mr. Shaowu Liu for introducing me to the area of pattern mining. Special thanks to Dr. Malcolm Shore for giving me the opportunity to gain industry experience while working on my PhD. I am also indebted to the support staff, in particular Ms. Judy Chow and Mr. Nghia Dang, from the School of IT for their administrative and technical help. Thanks to Deakin University and the International Information Systems Security Certification Consortium (ISC2) for the financial support and opportunity to attend international conferences. Last but not least, I am eternally grateful to my parents for giving me the gift of education. They have always encouraged me to be tenacious and ambitious. I will forever be indebted to them for all their sacrifices, and for the unconditional love and support they have given me throughout my studies. iii Table of Contents Contents iv List of Publications ix List of Tables xi List of Figures xiii 1 Introduction 1 1.1Motivation................................. 1 1.2 Research Questions and Contributions ................. 2 1.3 Thesis Outline ............................... 5 1.4 Summary ................................. 7 2 Smartphone Application Security 8 2.1 Preliminary ................................ 8 2.2SmartphoneMalware........................... 9 2.2.1 HistoryofPre-SmartphoneMalware.............. 9 2.2.2 HistoryofSmartphoneMalware................. 10 2.2.3 TypesofSmartphoneMalware.................. 11 2.3 Application Analysis Techniques ..................... 14 2.3.1 StaticAnalysis.......................... 15 2.3.2 DynamicAnalysis......................... 18 2.3.3 HybridMethod.......................... 22 2.3.4 ObservationsofCurrentMethods................ 23 iv v 2.3.5 Research Challenges ....................... 24 2.4CaseStudy:Android........................... 25 2.4.1 AndroidPermissionSystem................... 26 2.5 Summary ................................. 27 3 Contrast Permission Pattern Mining 28 3.1Introduction................................ 28 3.2 Definition and Problem Formulation .................. 28 3.2.1 ProblemStatement........................ 30 3.3LiteratureReview............................. 31 3.4 Data Pre-processing ........................... 33 3.4.1 Dataset.............................. 33 3.4.2 StatisticalAnalysisofAndroidPermissions........... 37 3.4.3 VisualizationofPermissionsUsingBiclustering........ 41 3.5 Contrast Permission Pattern Mining .................. 46 3.5.1 Candidate Subset Generation .................. 46 3.5.2 ContrastSubsetSelection.................... 49 3.6AndroidPermissionPatterns....................... 49 3.6.1 Malware-Specific Required Permission Patterns (MSRPP)............................. 52 3.6.2 Malware-Specific Used Permission Patterns (MSUPP) . 55 3.6.3 ContrastRequiredPermissionPatterns(CRPP)........ 56 3.6.4 ContrastUsedPermissionPatterns(CUPP).......... 56 3.7Discussion................................. 57 3.7.1 ObservationsfromStatisticalAnalysis............. 58 3.7.2 AnalysisofPermissionVisualizations.............. 59 3.7.3 AnalysisofContrastPermissionPatterns............ 60 3.8 Summary ................................. 61 4 Android Permission Pattern Classifier 63 4.1Introduction................................ 63 4.2RelatedWork............................... 65 4.3AndroidPermissionPatternClassification............... 68 4.3.1 PermissionPatternSelection................... 68 4.3.2 PermissionPatternClassifierAlgorithm............ 70 4.3.2.1 BoostingAlgorithm.................. 72 4.3.2.2 PerceptronAlgorithm................. 73 vi 4.3.2.3 PermissionPatternClassifier............. 74 4.4ExperimentalEvaluation......................... 76 4.4.1 ComparativeClassificationModel................ 76 4.4.2 ExperimentalResults....................... 78 4.5Discussion................................. 81 4.5.1 ExperimentalResults....................... 81 4.5.2 AnalysisofResults........................ 83 4.5.3 Observations about Privacy Implications ............ 84 4.6 Summary ................................. 85 5 Smartphone Application Privacy 86 5.1Introduction................................ 86 5.1.1 Definition of Privacy ....................... 86 5.1.2 PrivacyversusSecurity...................... 87 5.2 Smartphone Application Privacy ..................... 87 5.2.1 Importance of Application Privacy ............... 87 5.2.2 AvenuesforPrivacyBreaches.................. 88 5.3RelatedWork............................... 89 5.4 Research Challenges ........................... 92 5.5 Summary ................................. 93 6 Understanding Information Leaks 95 6.1Introduction................................ 95 6.2RelatedWork............................... 97 6.3DetectionofInformationLeaks..................... 101 6.3.1 Dataset.............................. 101 6.3.2 ExperimentalFramework..................... 101 6.3.2.1 ExperimentalSet-up.................. 104 6.3.2.2 DroidBox:DynamicAnalysis............. 105 6.3.2.3 StaticAnalysis..................... 107 6.4ExperimentalResults........................... 108 6.4.1 PermissionUsage&AdvertisingLibraries........... 108 6.4.2 Identification of Leaky Applications ............... 109 6.4.3 Determine Causes of Leaks .................... 110 6.5Discussion................................. 112 6.6 Summary ................................. 114 vii 7 Information Leaks via Tracking Services 116 7.1Introduction................................ 116 7.1.1 ProblemStatement........................ 117 7.2RelatedWork............................... 118 7.3TrackingServicesonAndroid...................... 120 7.4ExperimentalWork............................ 121 7.4.1 CaseStudy:AndroidDataset.................. 121 7.4.2 ExperimentalSetup........................ 122 7.5AnalysisofResults............................ 124 7.5.1 InformationLeaksforTrackingOFF.............. 127 7.5.2 Comparison:TrackingONversusTrackingOFF........ 130 7.6Discussion................................. 131 7.6.1

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    202 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us