Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework
نویسندگان
چکیده
Mobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnerability assessment activities as well as an OVAL-based distributed framework for ensuring safe configurations within the Android platform. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments.
منابع مشابه
Towards Central Vulnerability Management by Mobile Phone Operators
The application of XML-based approaches in passing vulnerability information between vulnerability management devices or software residing on wired networks has been demonstrated. We propose a proof of concept framework for mobile operators that extends this use of XML into the area of vulnerability management on public land mobile networks. Our proposed framework allows for a pro-active centra...
متن کاملارائه الگویی برای ارزیابی ریسک آتشسوزیهای عمدی
Background & Objectives : It is not possible to live without using fire. However, fire could destruct human properties in a short time. One of the most important types of fire is intentional fire. This type of fire has become a great problem for insurance companies, fire departments, industries, government and business in the recent years. This study aimed to provide a framework for risk assess...
متن کاملSecurity Issues in the Android Cross-Layer Architecture
The security of Android has been recently challenged by the discovery of a number of vulnerabilities involving different layers of the Android stack. We argue that such vulnerabilities are largely related to the interplay among layers composing the Android stack. Thus, we also argue that such interplay has been underestimated from a security point-ofview and a systematic analysis of the Android...
متن کاملMAD-IOS: Dynamic App Vulnerability Analysis in Non-jailbroken Devices
Mobile apps are pervasive in our life supporting us from simple actions, such as photo sharing, to more important ones, such as banking transactions. Security around these operations and data is crucial, making app vulnerability analysis and code review fundamental. Android and iOS split the mobile market share each other. However, while the first can rely on many analysis tools, for iOS it is ...
متن کاملRapid Vulnerability Assessment of Lavizan Urban Forest Park
Although the vulnerability assessment of forest parks is used to determine the threats they face, a rapid and holistic framework has not been established well. The primary objective of this study is to adopt a framework for rapid assessment of forest parks vulnerability, examined in Lavizan forest park in Tehran (Iran) as the case study. The vulnerability assessment has been conducted, using th...
متن کامل