Perceived Confidentiality of Mobile Application Data

137724-Thumbnail Image.png
Description
Over the past several years, the three major mobile platforms have seen
tremendous growth and success; as a result, the platforms have been the target
of many malicious attacks. These attacks often request certain permissions in
order to carry out the malicious activities,

Over the past several years, the three major mobile platforms have seen
tremendous growth and success; as a result, the platforms have been the target
of many malicious attacks. These attacks often request certain permissions in
order to carry out the malicious activities, and uninformed users usually grant
them. One prevalent example of this type of malware is one that requests
permission  to  the  device’s  SMS  service,  and  once  obtained,  uses  the  SMS
service to accrue charges to the user. This type of attack is one of the most
prevalent on the Android application marketplace, and requires a long-term
solution. Replication of an attack is necessary to fully understand efficient
prevention methods, and due to the open-source nature of Android development,
to determine the likely mechanics of the attack as feasible.
This study uses the Hacker News application, an open source application
that is available for download through GitHub as a basis for creating a malware
application to study the SMS attack and explore prevention methods. From the
results and knowledge gained from both research and experimentation, a
proposition for a more secure operating system architecture was defined to
prevent and mitigate various attacks on mobile systems with a focus on SMS
attacks.
Date Created
2013-05
Agent

Enhancing Mobile Forensics on iOS

154172-Thumbnail Image.png
Description
Due to the shortcomings of modern Mobile Device Management solutions, businesses

have begun to incorporate forensics to analyze their mobile devices and respond

to any incidents of malicious activity in order to protect their sensitive data. Current

forensic tools, however, can only look

Due to the shortcomings of modern Mobile Device Management solutions, businesses

have begun to incorporate forensics to analyze their mobile devices and respond

to any incidents of malicious activity in order to protect their sensitive data. Current

forensic tools, however, can only look a static image of the device being examined,

making it difficult for a forensic analyst to produce conclusive results regarding the

integrity of any sensitive data on the device. This research thesis expands on the

use of forensics to secure data by implementing an agent on a mobile device that can

continually collect information regarding the state of the device. This information is

then sent to a separate server in the form of log files to be analyzed using a specialized

tool. The analysis tool is able to look at the data collected from the device over time

and perform specific calculations, according to the user's specifications, highlighting

any correlations or anomalies among the data which might be considered suspicious

to a forensic analyst. The contribution of this paper is both an in-depth explanation

on the implementation of an iOS application to be used to improve the mobile forensics

process as well as a proof-of-concept experiment showing how evidence collected

over time can be used to improve the accuracy of a forensic analysis.
Date Created
2015
Agent