  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

A prototype to improve the security and integrity of mobile banking

26 June 2015
M.Sc. (Computer Science) / In the rapidly evolving world that we live in, the methods by which items are purchased are starting to be revolutionized. In a developing country such as South Africa, financial institutions within the banking sector are starting to implement their own systems or processes to process bank transactions. These processes include the identification and authentication of bank transactions, as well as the validation of the integrity of bank transactions between buyer and merchant. The changing of these processes by the banking sector could be viewed as a result of the increase in mobile device users. The purpose of the research presented within this dissertation is to explore an alternative method for identifying and authenticating a user in order to authorize a purchase made from a mobile device. The research will include evidence for the necessity of an alternative process as well as investigate the current technology by examining a few mobile banking solutions provided by the banking sector. The alternative process will be based upon a prototype design, which will employ Near Field Communication (NFC) technology to forward the purchase information from a point-of-sale (POS) device to the client’s mobile device, as well as employ fingerprint recognition technology to improve the identification and authentication of a user in order to authorize the purchase. The prototype will be known as BankAuth. The researcher hopes that this dissertation encourages other academics to discover new approaches in further researching mobile banking solutions.
2

The Effectiveness of Remote Wipe as a Valid Defense for Enterprises Implementing a BYOD Policy

Uz, Ali 08 January 2014
In today’s work place where corporations allow employees to use their own smart phones to access their company’s network and sensitive data, it is essential to ensure the security of said data. When an employee smart phone is compromised, companies will rely on the remote wipe command that attempts to remove sensitive data. In this thesis, we analyze the effectiveness of remote wipe commands on the Apple iPhone and Android model devices and demonstrate how data can be recovered following a remote wipe procedure. We conduct two experiments on each device to verify whether remote wipe is a viable defense mechanism or not. Furthermore, we touch on the subject of mobile forensics used by law enforcement and review methods and techniques used to recover data for use as evidence in criminal cases.
3

Learning-based Cyber Security Analysis and Binary Customization for Security

Tian, Ke 13 September 2018
This thesis presents machine-learning based malware detection and post-detection rewriting techniques for mobile and web security problems. In mobile malware detection, we focus on detecting repackaged mobile malware. We design and demonstrate an Android repackaged malware detection technique based on code heterogeneity analysis. In post-detection rewriting, we aim at enhancing app security with bytecode rewriting. We describe how flow- and sink-based risk prioritization improves the rewriting scalability. We build an interface prototype with natural language processing, in order to customize apps according to natural language inputs. In web malware detection for Iframe injection, we present a tag-level detection system that aims to detect the injection of malicious Iframes for both online and offline cases. Our system detects malicious iframes by combining selective multi-execution and machine learning algorithms. We design multiple contextual features, considering Iframe style, destination and context properties. / Ph. D. / Our computing systems are vulnerable to different kinds of attacks. Cyber security analysis has been a problem ever since the appearance of telecommunication and electronic computers. In recent years, researchers have developed various tools to protect the confidentiality, integrity, and availability of data and programs. However, new challenges are emerging for mobile security and web security. Mobile malware is on the rise and threatens both data and system integrity in Android. Furthermore, web-based iframe attacks are also extensively used by web hackers to distribute malicious content after compromising vulnerable sites. This thesis presents malware detection and post-detection rewriting for both mobile and web security. In mobile malware detection, we focus on detecting repackaged mobile malware. We propose a new Android repackaged malware detection technique based on code heterogeneity analysis.
In post-detection rewriting, we aim at enhancing app security with bytecode rewriting. Our rewriting is based on the flow and sink risk prioritization. To increase the feasibility of rewriting, our work showcases a new application of app customization with a more friendly user interface. In web malware detection for Iframe injection, we developed a tag-level detection system which aims to detect injection of malicious Iframes for both online and offline cases. Our system detects malicious iframes by combining selective multi-execution and machine learning. We design multiple contextual features, considering Iframe style, destination and context properties.
4

The Effectiveness of Remote Wipe as a Valid Defense for Enterprises Implementing a BYOD Policy

Uz, Ali January 2014
In today’s work place where corporations allow employees to use their own smart phones to access their company’s network and sensitive data, it is essential to ensure the security of said data. When an employee smart phone is compromised, companies will rely on the remote wipe command that attempts to remove sensitive data. In this thesis, we analyze the effectiveness of remote wipe commands on the Apple iPhone and Android model devices and demonstrate how data can be recovered following a remote wipe procedure. We conduct two experiments on each device to verify whether remote wipe is a viable defense mechanism or not. Furthermore, we touch on the subject of mobile forensics used by law enforcement and review methods and techniques used to recover data for use as evidence in criminal cases.
5

Automated Vulnerability Assessment of Mobile Device Vulnerabilities

Shambra, Stephen M 06 May 2017
Mobile device security presents a unique challenge in the realm of cyber security, one which is difficult to assess and ultimately defend. Mobile devices, like other computing devices, should possess a secure environment by which a mobile user may operate safely and securely. However, insecure coding when developing applications, incomplete assessment tools to determine platform/application security, and security shortcomings in the Android platform and mobile communications standards result in an insecure environment. This thesis presents an analysis of aspects of a Mobile Station to identify components that contribute to the attack surface. An investigation is conducted to highlight vulnerabilities at the Application, Communications, and Resource Layers. The thesis also identifies current efforts to assess and identify mobile vulnerabilities and weaknesses in application and system settings. Finally, an automated vulnerability assessment solution is developed and introduced in this thesis that can aid in combating potential threats to mobile security.
6

Precise, General, and Efficient Data-flow Analysis for Security Vetting of Android Apps

Wei, Fengguo 18 June 2018
This dissertation presents a new approach to static analysis for security vetting of Android apps, and a general framework called Argus-SAF. Argus-SAF determines points-to information for all objects in an Android app component in a flow and context-sensitive (user-configurable) way and performs data-flow and data dependence analysis for the component. Argus-SAF also tracks inter-component communication activities. It can stitch the component-level information into the app-level information to perform intra-app or inter-app analysis. Moreover, Argus-SAF is NDK/JNI-aware and can efficiently track precise data-flow across language boundary. This dissertation shows that, (a) the aforementioned type of comprehensive app analysis is utterly feasible in terms of computing resources with modern hardware, (b) one can easily leverage the results from this general analysis to build various types of specialized security analyses – in many cases the amount of additional coding needed is around 100 lines of code, and (c) the result of those specialized analyses leveraging Argus-SAF is at least on par and often exceeds prior works designed for the specific problems, which this dissertation demonstrates by comparing Argus-SAF’s results with those of prior works whenever the tool can be obtained. Since Argus-SAF’s analysis directly handles inter-component and inter-language control and data flows, it can be used to address security problems that result from interactions among multiple components from either the same or different apps and among Java code and native code. Argus-SAF’s analysis is sound in that it can assure the absence of the specified security problems in an app with well-specified and reasonable assumptions on Android runtime system and its library.
7

Analyzing Mobile App Privacy Using Computation and Crowdsourcing

Amini, Shahriyar 01 May 2014
Mobile apps can make use of the rich data and sensors available on smartphones to offer compelling services. However, the use of sensitive resources by apps is not always justified, which has led to new kinds of privacy risks and challenges. While it is possible for app market owners and third-parties to analyze the privacy-related behaviors of apps, present approaches are difficult and tedious. I present two iterations of the design, implementation, and evaluation of a system, Gort, which enables more efficient app analysis, by reducing the burden of instrumenting apps, making it easier to find potential privacy problems, and presenting sensitive behavior in context. Gort interacts with apps while instrumenting them to detect sensitive information transmissions. It then presents this information along with the associated app context to a crowd of users to obtain their expectations and comfort regarding the privacy implications of using the app. Gort also runs a set of heuristics on the app to flag potential privacy problems. Finally, Gort synthesizes the information obtained through its analysis and presents it in an interactive GUI, built specifically for privacy analysts. This work offers three distinct new advances over the state of the art. First, Gort uses a set of heuristics, elicited through interviews with 12 experts, to identify potential app privacy problems. Gort heuristics present high-level privacy problems instead of the overwhelming amount of information offered through existing tools. Second, Gort automatically interacts with apps by discovering and interacting with UI elements while instrumenting app behavior. This eliminates the need for analysts to manually interact with apps or to script interactions. Third, Gort uses crowdsourcing in a novel way to determine whether app privacy leaks are legitimate and desirable and raises red flags about potentially suspicious app behavior. 
While existing tools can detect privacy leaks, they cannot determine whether the privacy leaks are beneficial or desirable to the user. Gort was evaluated through two separate user studies. The experiences from building Gort and the insights from the user studies guide the creation of future systems, especially systems intended for the inspection and analysis of software.
8

Improving smartphone security with remote attestation / Förbättra säkerheten hos smartphones med remote attestation

Persson, Jesper January 2017
Smartphones are becoming increasingly powerful and useful in a work environment. This has led to their adoption at the workplace. Many companies hand out smartphones to their employees and allow employees to bring their own devices to work. There are multiple potential vulnerabilities with such a situation. What happens if the device an employee uses to access secret company data becomes infected by malware? Existing techniques such as remote attestation are widely used on desktop computers using a Trusted Platform Module (TPM) to allow remote parties to determine the integrity of a computer. However, no smartphones come equipped with a TPM, resulting in the need for alternate solutions. This report proposes a remote attestation system for the Android platform that allows employers to detect compromised devices. Any modification to an application is detected and reliably reported to a remote party.
9

Mining Security Risks from Massive Datasets

Liu, Fang 09 August 2017
Cyber security risk has been a problem ever since the appearance of telecommunication and electronic computers. In the recent 30 years, researchers have developed various tools to protect the confidentiality, integrity, and availability of data and programs. However, new challenges are emerging as the amount of data grows rapidly in the big data era. On one hand, attacks are becoming stealthier by concealing their behaviors in massive datasets. On the other hand, it is becoming more and more difficult for existing tools to handle massive datasets with various data types. This thesis presents the attempts to address the challenges and solve different security problems by mining security risks from massive datasets. The attempts are in three aspects: detecting security risks in the enterprise environment, prioritizing security risks of mobile apps and measuring the impact of security risks between websites and mobile apps. First, the thesis presents a framework to detect data leakage in very large content. The framework can be deployed on cloud for enterprise and preserve the privacy of sensitive data. Second, the thesis prioritizes the inter-app communication risks in large-scale Android apps by designing a new distributed inter-app communication linking algorithm and performing nearest-neighbor risk analysis. Third, the thesis measures the impact of deep link hijacking risk, which is one type of inter-app communication risk, on 1 million websites and 160 thousand mobile apps. The measurement reveals the failure of Google's attempts to improve the security of deep links. / Ph. D.
10

Multi-Dimensional Identification of Vulnerable Access Control in Mobile Applications

Chaoshun, Zuo January 2020
No description available.
