Research On The Access Strategy Of Temporary Internet Permission And Device-wide Application History For Improving Android Data Security

Android operating system has become a very popular and widely used operating system in recent years.Smartphones that run the Android operating system occupy above 80% of the global smartphone market share currently.Because of its large user base,Android is a perfect target for hackers and attackers who seek to pursue their malicious intentions on a large group of users.These malicious intentions allow the attacker to obtain financial gain or cause destruction as a result of compromising user data.Many Android applications access internet networks to query,access or transmit digital resources.Unlike computer internet browsers,the privacy and security implications of internet access in mobile applications has not been fully explored.The current version of the Android Operating System(OS)fails to provide enough control to the user over the amount of internet access that an application has been given.This causes security concerns about data leakage and the safety of user data to arise.Significant user data vulnerability is introduced when applications can perform unsolicited data collection in the background without user knowledge.The Android Operating system has undergone several changes since its first official introduction in 2008.Though many of these changes have been in the interest of providing a more secure operating system,some however create obstacles to privacy and allow attackers to easily gain access user data.Permissions represent one of the major security features present in Android,used for the regulation of access to sensitive device resources.Prior work has explored the lack of fine grained control of the Android system's permission structure.Other work has brought to light vulnerabilities in the area of privilege escalation and data leakage due to permission access.Improvements made to the Android system from Android OS 6.0(API 23)and for later versions,have changed the permission specification of the internet permission from a DANGEROUS permission to a NORMAL permission.This change to the system automatically gives every application unregulated access to the internet without an option for access to be turned off at any time.This thesis work addresses these security concerns about data leakage and presents solutions backed by experimentation to mitigate these concerns.The main work of this thesis is presented as follows:1.This thesis work presents an approach that creates a more secure version of Android OS by assigning a temporary status to the INTERNET permission.For the purpose of this approach,the INTERNET permission is reassigned its status as Dangerous permission.In this approach,we developed a novel flow structure and algorithm to redirect internet access on an Android device through predetermined user regulated paths.The proposed approach was validated using experimentation generated from 297 real-world applications,downloaded from the internet.These applications have 1,000,000 – 50,000,000 downloads each and a rank of 4 stars and above out of 5 stars.These applications are deconstructed to reveal 39566 requested permissions.We conduct detailed analysis and employ machine learning techniques such as k-means clustering and hierarchical clustering to gain more detailed results.This2.means there is a high correlation of sensitive data on a user's device being exposed to applications that have unregulated access to the internet and possess the ability to transfer this data,even applicable some offline applications.Our findings and improvements promote a more secure Android system.3.This study proposes the model of internet history for all applications across the Android device.Malicious applications and malware work best when they are anonymous and when their activities are concealed from users.Thus,this study demonstrates the ability of malware attack model to be incorporated into a legitimate real-world application.We illustrate how legitimate wallpaper application can be used to leak user data without any visual representations show to the user.We investigate the impact of this form of attack.Our novel approach creates internet browsing history for each application to expose the activities of malicious apps.We generate the Risk Rank mathematical concept metric based on URL citation counting as a rating for each application based on its internet activities.Risk Rank provides a way of alerting a user to suspicious activities of an application that might be leaking data.4.In addition to the techniques mentioned above,this study proposes a novel prototype of the Android Internet permission system.This prototype enumerates a flow combines the other approaches into one cohesive model.The model accounts for both user and application behavior.Its primary objective is to limit the potential of applications to transmit sensitive user data using the internet.Because of this,our model outlines structures for user notification and user approved internet restriction techniques.Subsequently,we use stock and flow system dynamics and simulation techniques to validate our approach.In summary,this thesis provides major contributions to the theoretical background of Android internet permission vulnerability analysis and introduces 2 key techniques and 1 prototype to mitigate sensitive data leakage.