M. Shafi, Muhammad Israr, Muhammad Sohail Khan, M. I. Khattak, Togeer Ali Syed
{"title":"Assessment of source data vulnerability to reproduction in Android applications","authors":"M. Shafi, Muhammad Israr, Muhammad Sohail Khan, M. I. Khattak, Togeer Ali Syed","doi":"10.1109/CICN.2017.8319369","DOIUrl":null,"url":null,"abstract":"The vast distribution of smartphone applications and the data resident on the phone (in case of offline applications) makes the data more vulnerable to theft and reproduction. This exposure of data not only affects the intellectual property but also exposes the smartphone users to spam and illegal use of private data. This paper analyzes the offline Android applications with sizable databases such as dictionaries to assess the level of security they have against data theft/reproduction. 200 dictionaries were downloaded from Google Play Store to assess the level of security they provide against data theft/reproduction. Alarmingly, it was found that most of the applications have no encryption and the data is just few clicks away from reproduction while others are encrypted but the encryption schemes are so naïve and could easily be decrypted. Only few applications were found to have robust encryption making it hard to reproduce the data.","PeriodicalId":339750,"journal":{"name":"2017 9th International Conference on Computational Intelligence and Communication Networks (CICN)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 9th International Conference on Computational Intelligence and Communication Networks (CICN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CICN.2017.8319369","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The vast distribution of smartphone applications and the data resident on the phone (in case of offline applications) makes the data more vulnerable to theft and reproduction. This exposure of data not only affects the intellectual property but also exposes the smartphone users to spam and illegal use of private data. This paper analyzes the offline Android applications with sizable databases such as dictionaries to assess the level of security they have against data theft/reproduction. 200 dictionaries were downloaded from Google Play Store to assess the level of security they provide against data theft/reproduction. Alarmingly, it was found that most of the applications have no encryption and the data is just few clicks away from reproduction while others are encrypted but the encryption schemes are so naïve and could easily be decrypted. Only few applications were found to have robust encryption making it hard to reproduce the data.
智能手机应用程序的广泛分布和驻留在手机上的数据(在离线应用程序的情况下)使得数据更容易被盗窃和复制。这种数据暴露不仅会影响知识产权,还会使智能手机用户面临垃圾邮件和非法使用私人数据的风险。本文分析了具有大量数据库(如字典)的离线Android应用程序,以评估它们对数据盗窃/复制的安全级别。从Google Play Store下载了200本词典,以评估它们提供的防止数据盗窃/复制的安全级别。令人震惊的是,大多数应用程序没有加密,数据只需点击几下就可以复制,而其他应用程序是加密的,但加密方案非常naïve,很容易被解密。只有少数应用程序被发现具有强大的加密功能,使数据难以重现。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
