Abstract
In the age of smartphones, people do most of their daily work using their smartphones due to significant improvement in smartphone technology. When comparing different platforms such as Windows, iOS, Android, and Blackberry, Android has captured the highest percentage of total market share [1]. Due to this tremendous growth, cybercriminals are encouraged to penetrate various mobile marketplaces with malicious applications. Most of these applications require device information permissions aiming to collect sensitive data without user’s consent. This paper investigates each element of system information permissions and illustrates how cybercriminals can harm users’ privacy. It presents some attack scenarios using READ_PHONE_STATE permission and the risks behind it. In addition, this paper refers to possible attacks that can be performed when additional permissions are combined with READ_PHONE_STATE permission. It also discusses a proposed solution to defeat these types of attacks.
Highlights
Android has been increasing in popularity throughout the recent years, gaining a large majority of the smartphone market
This paper investigates each element of system information permissions and illustrates how cybercriminals can harm users’ privacy
Inter-Process Communication (IPC) apps are sandboxed, applications can still communicate with other apps and the Android system if the correct permissions are in place
Summary
Android has been increasing in popularity throughout the recent years, gaining a large majority of the smartphone market. Google’s hands-off approach with developers has facilitated a great deal of free-
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have