Android Apps Conspire to Mine Information from Your Smartphone Say Researchers
Mobile phones have increasingly become the repository for the details that drive our everyday lives. But Virginia Tech researchers have recently discovered that the same apps we regularly use on our phones to organize lunch dates, make convenient online purchases, and communicate the most intimate details of our existence have secretly been colluding to mine our information.
Associate Professor of Computer Science Daphne Yao (left), Fang Liu, doctoral candidate (center), and Assistant Professor of Computer Science Gang Wang (right), are co-authors on a first-of-its-kind large scale and systematic study that evaluated collusion between Android smartphone apps.
The types of threats fall into two major categories, either a malware app that is specifically designed to launch a cyberattack or apps that simply allow for collusion and privilege escalation. In the latter category, it is not possible to quantify the intention of the developer, so collusion, while still a security breach, can in many cases be unintentional.
In order to run the programs to test pairs of apps, the team developed a tool called DIALDroid to perform their massive inter-app security analysis. The study, funded by the Defense Advanced Research Projects Agency as part of its Automated Program Analysis for Cybersecurity initiative, took 6,340 hours using the newly developed DIALDroid software, a task that would have been considerably longer without it.
First author of the paper Amiangshu Bosu, an assistant professor at Southern Illinois University, spearheaded the software development effort and the push to release the code to the wider research community. Fang Liu, a fifth year Ph.D. candidate studying under Yao, also contributed to the malware detection research.
“Our team was able to exploit the strengths of relational databases to complete the analysis, in combination with efficient static program analysis, workflow engineering and optimization, and the utilization of high performance computing. Of the apps we studied, we found thousands of pairs of apps that could potentially leak sensitive phone or personal information and allow unauthorized apps to gain access to privileged data,” said Yao, who is both an Elizabeth and James E. Turner Jr. ’56 and L-3 Faculty Fellow.
The team studied a whopping 110,150 apps over three years including 100,206 of Google Play¹s most popular apps and 9,994 malware apps from Virus Share, a private collection of malware app samples. The set up for cybersecurity leaks works when a seemingly innocuous sender app like that handy and ubiquitous flashlight app works in tandem with a receiver app to divulge a user¹s information such as contacts, geolocation, or provide access to the web.
The team found that the biggest security risks were some of the least utilitarian. Apps that pertained to personalization of ringtones, widgets, and emojis.
“App security is a little like the Wild West right now with few regulations,” said Wang. “We hope this paper will be a source for the industry to consider re-examining their software development practices and incorporate safeguards on the front end. While we can¹t quantify what the intention is for app developers in the non-malware cases we can at least raise awareness of this security problem with mobile apps for consumers who previously may not have thought much about what they were downloading onto their phones.”
Shannon Andrea
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world. Anyone can join. Anyone can contribute. Anyone can become informed about their world. "United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
LION'S MANE PRODUCT
Try Our Lion’s Mane WHOLE MIND Nootropic Blend 60 Capsules
Mushrooms are having a moment. One fabulous fungus in particular, lion’s mane, may help improve memory, depression and anxiety symptoms. They are also an excellent source of nutrients that show promise as a therapy for dementia, and other neurodegenerative diseases. If you’re living with anxiety or depression, you may be curious about all the therapy options out there — including the natural ones.Our Lion’s Mane WHOLE MIND Nootropic Blend has been formulated to utilize the potency of Lion’s mane but also include the benefits of four other Highly Beneficial Mushrooms. Synergistically, they work together to Build your health through improving cognitive function and immunity regardless of your age. Our Nootropic not only improves your Cognitive Function and Activates your Immune System, but it benefits growth of Essential Gut Flora, further enhancing your Vitality.
Our Formula includes: Lion’s Mane Mushrooms which Increase Brain Power through nerve growth, lessen anxiety, reduce depression, and improve concentration. Its an excellent adaptogen, promotes sleep and improves immunity. Shiitake Mushrooms which Fight cancer cells and infectious disease, boost the immune system, promotes brain function, and serves as a source of B vitamins. Maitake Mushrooms which regulate blood sugar levels of diabetics, reduce hypertension and boosts the immune system. Reishi Mushrooms which Fight inflammation, liver disease, fatigue, tumor growth and cancer. They Improve skin disorders and soothes digestive problems, stomach ulcers and leaky gut syndrome. Chaga Mushrooms which have anti-aging effects, boost immune function, improve stamina and athletic performance, even act as a natural aphrodisiac, fighting diabetes and improving liver function. Try Our Lion’s Mane WHOLE MIND Nootropic Blend 60 Capsules Today. Be 100% Satisfied or Receive a Full Money Back Guarantee. Order Yours Today by Following This Link.
| Visits: | 1,707,111,711 |
| Stories: | 8,447,251 |
Whistler Blowers, Insiders
