Android phone security
In this report, a detailed analysis and explanation of the project will be discussed. It shall serve as a progress guide for project supervisors on the progress of the project. The report shall highlight the work accomplished, achievements and difficulties encountered. The project kick started off...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2016
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/66676 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | In this report, a detailed analysis and explanation of the project will be discussed. It shall serve as a progress guide for project supervisors on the progress of the project. The report shall highlight the work accomplished, achievements and difficulties encountered.
The project kick started off in researching for vulnerabilities on Android device. For this project, it is important to know the framework of Android as this helps in understanding of how Android Operating System (OS) works. The next step is to learn about the built-in security features of Android OS. With the knowledge and hypothesis of a secured Android OS, it is key to find out how Android devices can be compromised even with the security features in placed.
The project experiment is done on a Samsung S4 phone running on CyanogenMod CM11 - Android OS version 4.4.4. In this project, 4 different types of vulnerabilities that might cause theft of phone information are focused on. There are numerous known vulnerabilities with phone running on Android OS but not all vulnerabilities will lead to theft of phone information such as denial of service. Thus, the focus of this project is on those vulnerabilities that cause a phone to lose its confidentiality.
Pertaining to the Project Plan, the project scope includes understanding the architecture of Android OS, Android OS security and penetration testing of the possible vulnerabilities. For a successful test case, the phone contacts and text messages are extracted out through the vulnerability. At the end of this project, a list of mitigating factors is complied. This will help readers of this project to fully appreciate the importance of preventing attacks on their Android devices.
The results of the four experiments were accurate in contrast with the Android version used, two of which produced successful results. Based on the results, a clear conclusion is drawn – Android OS is built with good security features but it is users that compromise security. Security is only as strong as the weakest link. |
|---|