Preventive Policy Enforcement with Minimum User Intervention Against SMS Malware in Android Devices
Derhab, Abdelouahid . 2016
In this paper, we propose MinDroid, a user-centric preventive policy enforcement system against SMS malware in Android devices. The design of MinDroid takes into consideration the user’s little understanding of the Android permission system. This can be done by deriving the policy rules from the behavioral model of the malicious SMS applications rather than adopting user-defined rules. MinDroid requires user intervention only during the first T time units from the application installation time. The user during this time period is notified to accept or reject the SMS-sending operations. MinDroid execution is specified as a finite state machine, and its security properties are formally proven using Metric Temporal Logic. We also show that MinDroid is resilient against threats trying to compromise its correct functionality. In addition, an analytical study demonstrates that MinDroid offers good performance in terms of detection time and execution cost in comparison with intrusion detection systems based on static and dynamic analysis. The detection efficiency of MinDroid is also studied in terms of detection rate, false positive rate, and ROC distance. A prototype implementation of MinDroid is tested under Android emulator.
Cybersecurity in the health care domain is one of the most important and critical issues of this era. In fact, it was reported in 2014 that on the black market medical records are worth 10 times…
Information and Communication Technologies (ICT) based applications for Ambient Assisted Living (AAL) help elderly or individual people living home alone. AAL system reliability is mostly based on…
E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be…