Autosoft Journal

Online Manuscript Access


Cyber threats to mobile messenger apps from identity cloning


Authors



Abstract

People enjoy connecting to the Internet outside of their homes and offices, due to technological innovations and the convenience. With smartphones and other mobile devices giving us the ability to conduct everyday activities such as mobile banking, online shopping, and social networking, cyber criminals are constantly looking to take advantage of insecure wireless networks, third party applications, and texting to your personal information, steal your identity, or read personal e-mails and work documents. Such cyber threats become very high, in particular, with Android apps since they are structurally easy to rebuild, to modify or inject arbitrary code. When an adversary has victim2019s credential files in a local device, this vulnerability becomes more solemn. While the adversary can bypass all applied security techniques and forge an identity completely, he can do everything that victim can. If a mobile messenger app was selected as an attack model, the adversary is able to not only view chat history and timeline records of a specific user but to also receive or send messages in real time. In this paper, we analyze the security weak points of representative Android message apps and prove this is realistic threat in cyber defense. We then propose alternative solutions against this attack.


Keywords


Pages

Total Pages: 9
Pages: 379-387

DOI
10.1080/10798587.2015.1118276


Manuscript ViewPdf Subscription required to access this document

Obtain access this manuscript in one of the following ways


Already subscribed?

Need information on obtaining a subscription? Personal and institutional subscriptions are available.

Already an author? Have access via email address?


Published

Volume: 22
Issue: 3
Year: 2016

Cite this document


References

Crussell, Jonathan, Clint Gibler, and Hao Chen. "Attack of the Clones: Detecting Cloned Applications on Android Markets." Lecture Notes in Computer Science (2012): 37-54. Crossref. Web. https://doi.org/10.1007/978-3-642-33167-1_3

Hanna, Steve et al. "Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications." Lecture Notes in Computer Science (2013): 62-81. Crossref. Web. https://doi.org/10.1007/978-3-642-37300-8_4

Jung, Jin-Hyuk et al. "Repackaging Attack on Android Banking Applications and Its Countermeasures." Wireless Personal Communications 73.4 (2013): 1421-1437. Crossref. Web. https://doi.org/10.1007/s11277-013-1258-x

Park S. W. Journal of Internet Services and Information Security (JISIS)

Piao Y. Security and Communication Networks

Potharaju, Rahul et al. "Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques." Engineering Secure Software and Systems (2012): 106-120. Crossref. Web. https://doi.org/10.1007/978-3-642-28166-2_11

Schulz P. Code protection in android

Zhou W. Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

Zhou W. Proceedings of the third ACM conference on Data and application security and privacy

Zhou W. Proceedings of the second ACM conference on Data and Application Security and Privacy

JOURNAL INFORMATION


ISSN PRINT: 1079-8587
ISSN ONLINE: 2326-005X
DOI PREFIX: 10.31209
10.1080/10798587 with T&F
IMPACT FACTOR: 0.652 (2017/2018)
Journal: 1995-Present




CONTACT INFORMATION


TSI Press
18015 Bullis Hill
San Antonio, TX 78258 USA
PH: 210 479 1022
FAX: 210 479 1048
EMAIL: tsiepress@gmail.com
WEB: http://www.wacong.org/tsi/