상세정보
학술지
Analyzing User Awareness of Privacy Data Leak in Mobile Applications
- 발행일
- 201512
- 출처
- Mobile Information Systems, v.2015, pp.1-12
- ISSN
- 1574-017X
- 출판사
- Hindawi Publishing
- 협약과제
- 15MS8200, (IoT 운영체제-총괄) 스마트 경량 IoT 기기용 운영체제 보안 핵심 기술 개발, 김정녀
- 초록
- To overcome the resource and computing power limitation of mobile devices in Internet of Things (IoT) era, a cloud computing provides an effective platform without human intervention to build a resource-oriented security solution. However, existing malware detection methods are constrained by a vague situation of information leaks. The main goal of this paper is to measure a degree of hiding intention for the mobile application (app) to keep its leaking activity invisible to the user. For real-world application test, we target Android applications, which unleash user privacy data. With the TaintDroid-ported emulator, we make experiments about the timing distance between user events and privacy leaks. Our experiments with Android apps downloaded from the Google Play show that most of leak cases are driven by user explicit events or implicit user involvement which make the user aware of the leakage. Those findings can assist a malware detection system in reducing the rate of false positive by considering malicious intentions. From the experiment, we understand better about app's internal operations as well. As a case study, we also presents a cloud-based dynamic analysis framework to perform a traffic monitor.
- KSP 제안 키워드
- Case studies, Cloud Computing, Cloud-based, Computing power, Data Leak, Detection Method, Dynamic analysis, False positive, Google play, Internet of thing(IoT), Intrusion detection system(IDS)