智能手机安全和隐私:关于apt,基于传感器的攻击,侧信道攻击,Google Play攻击和防御的调查

Z. Muhammad, Z. Anwar, A. R. Javed, Bilal Saleem, Sidra Abbas, T. Gadekallu
{"title":"智能手机安全和隐私:关于apt,基于传感器的攻击,侧信道攻击,Google Play攻击和防御的调查","authors":"Z. Muhammad, Z. Anwar, A. R. Javed, Bilal Saleem, Sidra Abbas, T. Gadekallu","doi":"10.3390/technologies11030076","DOIUrl":null,"url":null,"abstract":"There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.","PeriodicalId":22341,"journal":{"name":"Technologies","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses\",\"authors\":\"Z. Muhammad, Z. Anwar, A. R. Javed, Bilal Saleem, Sidra Abbas, T. Gadekallu\",\"doi\":\"10.3390/technologies11030076\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.\",\"PeriodicalId\":22341,\"journal\":{\"name\":\"Technologies\",\"volume\":\"1 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-06-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3390/technologies11030076\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/technologies11030076","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

摘要

由于通信、虚拟会议和获取全球信息等业务依赖,政府和私人机构中智能手机的使用呈指数级增长。这些智能手机是网络犯罪分子的一个有吸引力的目标,也是网络间谍和破坏活动的主要原因之一。智能手机用户遭遇了大量复杂的恶意软件攻击和高级持续性威胁(apt)。这些攻击正变得越来越复杂、复杂、持久,并且在很长一段时间内无法被发现。传统上,通过利用操作系统(OS)或设备传感器中的漏洞来攻击设备。然而,apt、侧信道攻击、基于传感器的攻击以及通过Google Play Store发起的攻击都有所增加。以前的研究成果缺乏当代威胁,有些已被证明对移动操作系统的最新变种无效。在本文中,我们对过去15年(2009-2023)的论文进行了广泛的调查,涵盖了漏洞、当代威胁和相应的防御。该研究强调了apt,对恶意软件变种进行了分类,定义了传感器是如何被利用的,可视化了发起侧信道攻击的多种方式,并提供了通过Google Play商店传播的恶意软件家族的综合列表。此外,该研究还详细介绍了威胁防御解决方案,例如过去十年中出现的恶意软件检测工具和技术。最后,它强调了开放的问题,并确定了需要解决的研究差距,以迎接下一代智能手机的挑战。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses
There is an exponential rise in the use of smartphones in government and private institutions due to business dependencies such as communication, virtual meetings, and access to global information. These smartphones are an attractive target for cybercriminals and are one of the leading causes of cyber espionage and sabotage. A large number of sophisticated malware attacks as well as advanced persistent threats (APTs) have been launched on smartphone users. These attacks are becoming significantly more complex, sophisticated, persistent, and undetected for extended periods. Traditionally, devices are targeted by exploiting a vulnerability in the operating system (OS) or device sensors. Nevertheless, there is a rise in APTs, side-channel attacks, sensor-based attacks, and attacks launched through the Google Play Store. Previous research contributions have lacked contemporary threats, and some have proven ineffective against the latest variants of the mobile operating system. In this paper, we conducted an extensive survey of papers over the last 15 years (2009–2023), covering vulnerabilities, contemporary threats, and corresponding defenses. The research highlights APTs, classifies malware variants, defines how sensors are exploited, visualizes multiple ways that side-channel attacks are launched, and provides a comprehensive list of malware families that spread through the Google Play Store. In addition, the research provides details on threat defense solutions, such as malware detection tools and techniques presented in the last decade. Finally, it highlights open issues and identifies the research gap that needs to be addressed to meet the challenges of next-generation smartphones.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Technology in Forensic Sciences: Innovation and Precision Enhanced Energy Transfer Efficiency for IoT-Enabled Cyber-Physical Systems in 6G Edge Networks with WPT-MIMO-NOMA Development of a Body Weight Support System Employing Model-Based System Engineering Methodology Nano-Level Additive Manufacturing: Condensed Review of Processes, Materials, and Industrial Applications Development of a New Prototype Paediatric Central Sleep Apnoea Monitor
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1