Potential privacy vulnerabilities in android data sharing between applications

Taenam Cho, Seung Hyun Seo, Seung-Joo Kim

    Research output: Contribution to journalArticlepeer-review

    Abstract

    High-performance smartphones have enabled people to accomplish diverse types of work thanks to apps which provide unprecedented portability and convenience. Unlike PCs, smartphones are constantly on and connected with the Internet via WiFi or mobile communication networks. Nonetheless, such convenience also sets up an environment favorable for attackers as well, possibly leading to the leakage of user sensitive information in real-time. In this paper, we analyzed the vulnerabilities of ContentProviders, and how it is able to leak the data of other apps. In order to show the risk of illegal leakage of personal data stored in other apps, we created a proof-of-concept malicious application by using the potential vulnerabilities which may be exploited by attackers. Then, we proposed countermeasures to address the vulnerabilities of ContentProviders.

    Original languageEnglish
    Pages (from-to)1517-1531
    Number of pages15
    JournalInformation (Japan)
    Volume17
    Issue number4
    Publication statusPublished - 2014

    Keywords

    • Android
    • Content Provider
    • Data sharing
    • Malware
    • Security

    ASJC Scopus subject areas

    • General

    Fingerprint

    Dive into the research topics of 'Potential privacy vulnerabilities in android data sharing between applications'. Together they form a unique fingerprint.

    Cite this