Work place: Department of Computing, Sunway University, Bandar Sunway, 47500, Malaysia
E-mail: 16095267@imail.sunway.edu.my
Website:
Research Interests: Computer systems and computational processes, Systems Architecture, Data Mining, Data Structures and Algorithms, Detection Theory
Biography
MIRA SILWAL is currently pursing dual degree in BSc (Hons) Information Technology (Computer Networking and Security) from Sunway University and Lancaster University. She is a prolific IT enthusiast whose research interests includes the aspects of data mining, machine learning, intrusion detection systems (IDSs) and cybersecurity.
By Ahamed K. H. Hussain Mohsen Kakavand Mira Silval Lingges Arulsamy
DOI: https://doi.org/10.5815/ijcnis.2020.01.03, Pub. Date: 8 Feb. 2020
Android is the most popular operating system in the world, with numerous applications having been developed for the platform since its inception, however, it has its fair share of security issues. Despite security precautions taken by developers and the system itself when it comes to permission delegation for applications, privilege escalation attacks are still possible up till Android API level 25. Unfortunately, many existing detection and prevention solutions fall short of the standard necessary or are taxing in resources not found on most Android devices. Proof is shown that a custom created malicious application can elevate its privileges, beyond the permissions it was given, in the existing Android system. In this paper, a modification to the existing Android framework is proposed, one that can detect inter-component communication messages between malicious apps attempting to elevate their privileges and benign applications. Part of this framework is the ability for the user to decide if permissions should be elevated, allowing them some measure of control. The results of the experimental evaluation demonstrate that the solution proposed is effective in preventing privilege escalation attacks on Android API level 24.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals