With the dominance of Android in the smartphone market, malware targeting Android users has increased over time. Android applications are now being used to control unmanned aircraft systems (UAS) making smartphones the storehouse for all the data that is generated by the UAS. This data can be sensitive in nature which puts the user at the risk of data exfiltration. As most Android-hosted UAS applications are proprietary software, their source code cannot be studied or modified. This thesis discusses an external monitoring system which is devised in order to assess the threat of data exfiltration.
The system is further used to analyze the network behavior of the popular Android-hosted UAS application, DJI GO 4. Current methods to limit data exfiltration are discussed along with their limitations and are categorized based on the ease of deployment.
Even though the Android framework provides a permission system which helps to limit the capabilities of an application, this security mechanism is coarse-grain in nature. The user either allows access to the required permissions or the application fails to function. Moreover, there is no system in place to provide finer control over the existing permissions that are granted to an application. This thesis proposes a fine-grain and application-specific access control mechanism based on system call interposition. The solution focuses on limiting the I/O operations of the target application without any framework or application modification. / Master of Science / Advances in smartphone technology has led major consumer and commercial unmanned aircraft system (UAS) manufacturers to provide users with the feature to fly the UAS using their smartphones. The UAS generate and store large amounts of data which may be sensitive in nature. This has led the U.S. Department of Defense to ban the use of all commercial off-the-shelf UAS due to the threat of data leakage. This thesis discusses an external monitoring system which maps the network behavior of an Android-hosted UAS application, along with the existing methods to limit data leakage. To overcome the limitations of existing techniques, a fine-grain and application-specific access control mechanism is proposed. The solution provides users with the ability to enforce custom security policies to safeguard their data.
Identifer | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/92874 |
Date | 06 August 2019 |
Creators | Malik, Akshat |
Contributors | Electrical and Computer Engineering, Patterson, Cameron D., Williams, Ryan K., Min, Chang Woo |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Detected Language | English |
Type | Thesis |
Format | ETD, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |
Page generated in 0.0021 seconds