liu.seSök publikationer i DiVA
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Application Whitelisting: Smartphones in High Security Environments
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
2013 (Engelska)Självständigt arbete på avancerad nivå (masterexamen), 20 poäng / 30 hpStudentuppsats (Examensarbete)
Abstract [en]

Today, smartphones are in widespread use by consumers, commercial companies and government authorities. Unfortunately, there are many examples of applications carrying out malicious activities, such as stealing information or subscribing to premium-rate services. In this thesis work, a novel application whitelisting process (AWP) is proposed. It defines processes for application security audits and whitelisting i.e. methods on how to classify, evaluate and test a given application to make sure that it with a level of assurance does not have malicious intentions. In a risk analysis of users in high security environments, the results showed that confidentiality and availability is the top most important security aspects to protect in this environment. The applications in the whitelisting process should therefore be tested for known malware and adware as well as permissions that can be used to send private information to remote servers. Additionally, testing should also be carried out for information leakage through intents and content resolvers. Because whitelisting is locking down the freedom and usability that comes with a smartphone, three different leveled whitelists are proposed to satisfy users and organizations with different security needs. A prototype was developed to prove the overall usability of the design. The result of scanning 200 applications from Google Play showed that 12% of all applications can be placed in the highest leveled whitelist. The results also suggest that 17.5 % of all applications on Google Play are malware or potentially unwanted applications. The results points to that using this novel whitelisting process, about 30% of all applications can be automated into whitelists and will not need manual analysis.

Ort, förlag, år, upplaga, sidor
2013. , s. 62
Nyckelord [en]
Application whitelisting process, Android, malware, obfuscation
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
URN: urn:nbn:se:liu:diva-96005ISRN: LIU-IDA/LITH-EX-A--13/018—SEOAI: oai:DiVA.org:liu-96005DiVA, id: diva2:640193
Externt samarbete
Sectra Communications AB
Ämne / kurs
Informationsteknologi
Handledare
Examinatorer
Tillgänglig från: 2013-08-16 Skapad: 2013-08-12 Senast uppdaterad: 2018-01-11Bibliografiskt granskad

Open Access i DiVA

Application Whitelisting(1785 kB)743 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 1785 kBChecksumma SHA-512
51b6b80fb441a49f96ec85752d49d7b4dabc461d00523dce9444868920dfdcb8ac5c5948d09e36f449df80220d9c789b5293a61ba025ca1eb49ce07a98cda1f4
Typ fulltextMimetyp application/pdf

Av organisationen
Databas och informationsteknikTekniska högskolan
Datavetenskap (datalogi)

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 743 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 863 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf