The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising an Android based smartphone by targeting the underlying Linux kernel. We adopt an unorthodox bottom-up approach on modifying the operating syste...

Today’s Smartphone operating systems frequently fail to provide users with adequate control and visibility into how the third-party applications use their private data. With TaintDroid realized on Android system, we can detect user’s implicit taint and privacy leakage. But TaintDroid has some inherent defects. To better detect user’s implicit taint and privacy leakage in the Android platform, t...

Usage of Android smartphones is more as compared to another smartphones due to its Open Source Operating System. Due to its Open OS, Android enables us to install third party applications. However, Security is one of the main concerns in Android. Security threats of malicious applications are rapidly increasing due to the nature of the third party applications where only developers can assign r...

Today, as we all know that the development of hardware for mobile device is getting better and the performance index is veryhigh than the actual requirements ofthe software configuration. Phone's features are now more dependent on software or application. This paper describes development of Android mobile platform application. Development environment of Windows Mobile and Apple’s iPhone are ver...

URANOS is an Android application which uses syntactical static analysis to determine in which component of an Android application a permission is required. This work describes how the detection and analysis of widely distributed and security critical adware plugins is achieved. We show, how users can trigger bytecode rewriting to (de)activate selected or redundant permissions in Android applica...

Cryptographic libraries that implement Transport Layer Security (TLS) have a responsibility to delete cryptographic keys once they’re no longer in use. Any key that’s left in memory can potentially be recovered through the actions of an attacker, up to and including the physical capture and forensic analysis of a device’s memory. This paper describes an analysis of the TLS library stack used in...

Android is a major target of attackers for malicious purposes due to its popularity. Despite obvious malicious functionality of Android malware, its analysis is a challenging task. Extracting and using features that discriminate malicious and benign behaviors in applications is essential for malware classi cation in using machine learning methods. In this paper, we propose a new feature in Andr...

Mobile devices are becoming essential for today life. In developed countries, about half of the people have a smartphone, resulting in millions of these electronic devices. Android is the most popular operating system for smartphones and other electronic devices such as tablets. Hence, for network administrators, it is essential to start managing all the Android based devices. SNMP is the de fa...

The appearance of the Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Leveraging openness of Android app markets and the lack of security testing, malware authors commonly plagiarize Android applications (e.g., through code reuse and repackaging) boosting the amount of malware on the mar...

Android stores and users need mechanisms to evaluate whether their applications are secure or not. Although various previous works use data and control flow techniques to evaluate security features of Android applications, this paper extends those works by using Jif to verify compliance of information flow policies. To do so, the authors addressed some challenges that emerge in Android environm...