Vulnerability Evaluation Method through Correlation Analysis of Android Applications

Vulnerability Evaluation Method through Correlation Analysis of Android Applications

Due to people in companies use mobile devices to access corporate data, attackers targeting corporate data use vulnerabilities in mobile devices. Most vulnerabilities in applications are caused by the carelessness of developers, and confused deputy attacks and data leak attacks using inter-applicati...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Sustainability 2019-12, Vol.11 (23), p.6637
Hauptverfasser: Yeom, Cheolmin, Won, Yoojae
Format: Artikel
Sprache:eng
Schlagworte:
Application programming interface
C plus plus
Correlation analysis
Damage prevention
Internet access
Java
Libraries
Linux
Mobile commerce
Personal information
Sustainability
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue 23
container_start_page 6637
container_title Sustainability
container_volume 11
creator Yeom, Cheolmin
Won, Yoojae
description Due to people in companies use mobile devices to access corporate data, attackers targeting corporate data use vulnerabilities in mobile devices. Most vulnerabilities in applications are caused by the carelessness of developers, and confused deputy attacks and data leak attacks using inter-application vulnerabilities are possible. These vulnerabilities are difficult to find through the single-application diagnostic tool that is currently being studied. This paper proposes a process to automate the decompilation of all the applications on a user’s mobile device and a mechanism to find inter-application vulnerabilities. The mechanism generates a list and matrix, detailing the vulnerabilities in the mobile device. The proposed mechanism is validated through an experiment on an actual mobile device with four installed applications, and the results show that the mechanism can accurately capture all application risks as well as inter-application risks. Through this mechanism, users can expect to find the risks in their mobile devices in advance and prevent damage.
doi_str_mv 10.3390/su11236637
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2533347177</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2533347177</sourcerecordid><originalsourceid>FETCH-LOGICAL-c295t-4bd9a45d015256cc23982cf7e046d736bebca9992e3e7d22a9161288163a60713</originalsourceid><addsrcrecordid>eNpNUE1LxDAUDKLgsu7FX1DwJlSTvDZpjqWsH7DiZfVa0iS1WeKmJq3Qf2-1gs7lDcwwzBuELgm-ARD4No6EUGAM-AlaUcxJSnCOT__xc7SJ8YBnABBB2ArtX0d3NEE21tlhSraf0o1ysP6YPJmh8zoZuuDHty6pfAjGLVJ5lG6KNia-nbkO3uqk7Htn1Y8eL9BZK100m9-7Ri932331kO6e7x-rcpcqKvIhzRotZJZrTHKaM6UoiIKqlhucMc2BNaZRUghBDRiuKZVzY0KLgjCQbH4J1uhqye2D_xhNHOqDH8NcLtY0B4CME85n1_XiUsHHGExb98G-yzDVBNffw9V_w8EX48xf2g</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2533347177</pqid></control><display><type>article</type><title>Vulnerability Evaluation Method through Correlation Analysis of Android Applications</title><source>MDPI - Multidisciplinary Digital Publishing Institute</source><source>EZB-FREE-00999 freely available EZB journals</source><creator>Yeom, Cheolmin ; Won, Yoojae</creator><creatorcontrib>Yeom, Cheolmin ; Won, Yoojae</creatorcontrib><description>Due to people in companies use mobile devices to access corporate data, attackers targeting corporate data use vulnerabilities in mobile devices. Most vulnerabilities in applications are caused by the carelessness of developers, and confused deputy attacks and data leak attacks using inter-application vulnerabilities are possible. These vulnerabilities are difficult to find through the single-application diagnostic tool that is currently being studied. This paper proposes a process to automate the decompilation of all the applications on a user’s mobile device and a mechanism to find inter-application vulnerabilities. The mechanism generates a list and matrix, detailing the vulnerabilities in the mobile device. The proposed mechanism is validated through an experiment on an actual mobile device with four installed applications, and the results show that the mechanism can accurately capture all application risks as well as inter-application risks. Through this mechanism, users can expect to find the risks in their mobile devices in advance and prevent damage.</description><identifier>ISSN: 2071-1050</identifier><identifier>EISSN: 2071-1050</identifier><identifier>DOI: 10.3390/su11236637</identifier><language>eng</language><publisher>Basel: MDPI AG</publisher><subject>Application programming interface ; C plus plus ; Correlation analysis ; Damage prevention ; Internet access ; Java ; Libraries ; Linux ; Mobile commerce ; Personal information ; Sustainability</subject><ispartof>Sustainability, 2019-12, Vol.11 (23), p.6637</ispartof><rights>2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c295t-4bd9a45d015256cc23982cf7e046d736bebca9992e3e7d22a9161288163a60713</citedby><cites>FETCH-LOGICAL-c295t-4bd9a45d015256cc23982cf7e046d736bebca9992e3e7d22a9161288163a60713</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Yeom, Cheolmin</creatorcontrib><creatorcontrib>Won, Yoojae</creatorcontrib><title>Vulnerability Evaluation Method through Correlation Analysis of Android Applications</title><title>Sustainability</title><description>Due to people in companies use mobile devices to access corporate data, attackers targeting corporate data use vulnerabilities in mobile devices. Most vulnerabilities in applications are caused by the carelessness of developers, and confused deputy attacks and data leak attacks using inter-application vulnerabilities are possible. These vulnerabilities are difficult to find through the single-application diagnostic tool that is currently being studied. This paper proposes a process to automate the decompilation of all the applications on a user’s mobile device and a mechanism to find inter-application vulnerabilities. The mechanism generates a list and matrix, detailing the vulnerabilities in the mobile device. The proposed mechanism is validated through an experiment on an actual mobile device with four installed applications, and the results show that the mechanism can accurately capture all application risks as well as inter-application risks. Through this mechanism, users can expect to find the risks in their mobile devices in advance and prevent damage.</description><subject>Application programming interface</subject><subject>C plus plus</subject><subject>Correlation analysis</subject><subject>Damage prevention</subject><subject>Internet access</subject><subject>Java</subject><subject>Libraries</subject><subject>Linux</subject><subject>Mobile commerce</subject><subject>Personal information</subject><subject>Sustainability</subject><issn>2071-1050</issn><issn>2071-1050</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><recordid>eNpNUE1LxDAUDKLgsu7FX1DwJlSTvDZpjqWsH7DiZfVa0iS1WeKmJq3Qf2-1gs7lDcwwzBuELgm-ARD4No6EUGAM-AlaUcxJSnCOT__xc7SJ8YBnABBB2ArtX0d3NEE21tlhSraf0o1ysP6YPJmh8zoZuuDHty6pfAjGLVJ5lG6KNia-nbkO3uqk7Htn1Y8eL9BZK100m9-7Ri932331kO6e7x-rcpcqKvIhzRotZJZrTHKaM6UoiIKqlhucMc2BNaZRUghBDRiuKZVzY0KLgjCQbH4J1uhqye2D_xhNHOqDH8NcLtY0B4CME85n1_XiUsHHGExb98G-yzDVBNffw9V_w8EX48xf2g</recordid><startdate>20191201</startdate><enddate>20191201</enddate><creator>Yeom, Cheolmin</creator><creator>Won, Yoojae</creator><general>MDPI AG</general><scope>AAYXX</scope><scope>CITATION</scope><scope>4U-</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope></search><sort><creationdate>20191201</creationdate><title>Vulnerability Evaluation Method through Correlation Analysis of Android Applications</title><author>Yeom, Cheolmin ; Won, Yoojae</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c295t-4bd9a45d015256cc23982cf7e046d736bebca9992e3e7d22a9161288163a60713</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Application programming interface</topic><topic>C plus plus</topic><topic>Correlation analysis</topic><topic>Damage prevention</topic><topic>Internet access</topic><topic>Java</topic><topic>Libraries</topic><topic>Linux</topic><topic>Mobile commerce</topic><topic>Personal information</topic><topic>Sustainability</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Yeom, Cheolmin</creatorcontrib><creatorcontrib>Won, Yoojae</creatorcontrib><collection>CrossRef</collection><collection>University Readers</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Sustainability</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Yeom, Cheolmin</au><au>Won, Yoojae</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Vulnerability Evaluation Method through Correlation Analysis of Android Applications</atitle><jtitle>Sustainability</jtitle><date>2019-12-01</date><risdate>2019</risdate><volume>11</volume><issue>23</issue><spage>6637</spage><pages>6637-</pages><issn>2071-1050</issn><eissn>2071-1050</eissn><abstract>Due to people in companies use mobile devices to access corporate data, attackers targeting corporate data use vulnerabilities in mobile devices. Most vulnerabilities in applications are caused by the carelessness of developers, and confused deputy attacks and data leak attacks using inter-application vulnerabilities are possible. These vulnerabilities are difficult to find through the single-application diagnostic tool that is currently being studied. This paper proposes a process to automate the decompilation of all the applications on a user’s mobile device and a mechanism to find inter-application vulnerabilities. The mechanism generates a list and matrix, detailing the vulnerabilities in the mobile device. The proposed mechanism is validated through an experiment on an actual mobile device with four installed applications, and the results show that the mechanism can accurately capture all application risks as well as inter-application risks. Through this mechanism, users can expect to find the risks in their mobile devices in advance and prevent damage.</abstract><cop>Basel</cop><pub>MDPI AG</pub><doi>10.3390/su11236637</doi><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 2071-1050
ispartof Sustainability, 2019-12, Vol.11 (23), p.6637
issn 2071-1050
2071-1050
language eng
recordid cdi_proquest_journals_2533347177
source MDPI - Multidisciplinary Digital Publishing Institute; EZB-FREE-00999 freely available EZB journals
subjects Application programming interface
C plus plus
Correlation analysis
Damage prevention
Internet access
Java
Libraries
Linux
Mobile commerce
Personal information
Sustainability
title Vulnerability Evaluation Method through Correlation Analysis of Android Applications
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T11%3A08%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Vulnerability%20Evaluation%20Method%20through%20Correlation%20Analysis%20of%20Android%20Applications&rft.jtitle=Sustainability&rft.au=Yeom,%20Cheolmin&rft.date=2019-12-01&rft.volume=11&rft.issue=23&rft.spage=6637&rft.pages=6637-&rft.issn=2071-1050&rft.eissn=2071-1050&rft_id=info:doi/10.3390/su11236637&rft_dat=%3Cproquest_cross%3E2533347177%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2533347177&rft_id=info:pmid/&rfr_iscdi=true