Investigation of cyber attacks using post-installation app detection method

Kiran Kumar Mamidi; Kireet Muppavaram; Karuna Gotlur; Sudeepthi Govathoti; Khristina Maksudovna Vafaeva; Anil Kumar Saxena; Ammar Hameed Shnain

doi:10.1080/23311916.2024.2411859

Cogent Engineering (Dec 2024)

Investigation of cyber attacks using post-installation app detection method

Kiran Kumar Mamidi,
Kireet Muppavaram,
Karuna Gotlur,
Sudeepthi Govathoti,
Khristina Maksudovna Vafaeva,
Anil Kumar Saxena,
Ammar Hameed Shnain

Affiliations

Kiran Kumar Mamidi: Department of CSBS, Gokaraju Rangaraju Institute of Engineering and Technology, Hyderabad, India
Kireet Muppavaram: Department of CSE, GITAM School of Technology, Hyderabad, India
Karuna Gotlur: Department of AIML, Gokaraju Rangaraju Institute of Engineering and Technology, Hyderabad, India
Sudeepthi Govathoti: Department of CSE, GITAM School of Technology, Hyderabad, India
Khristina Maksudovna Vafaeva: Division of Research and Development, Lovely Professional University, Phagwara, Punjab, India
Anil Kumar Saxena: Department of Engineering, Uttaranchal University, Dehradun, India
Ammar Hameed Shnain: Department of Computers Techniques Engineering, College of Technical Engineering, The Islamic University, Najaf, Iraq

DOI: https://doi.org/10.1080/23311916.2024.2411859
Journal volume & issue: Vol. 11, no. 1

Abstract

Read online

The widespread use of smartphones worldwide in recent years has led to a corresponding rise in the number of mobile applications available for Android devices. These apps offer users convenient ways to perform various daily tasks but their proliferation has also created an environment in which attackers can steal sensitive information from smartphones. Insecure options employed by many app developers to create vulnerabilities that can be exploited by the attackers to gain access smartphones’ data. While existing methods can detect malware during an app installation but they do not sufficiently address the post-installation attacks such as fake apps or Man-in-the-Disk (MITD) attacks. The proposed method provide solution to address the post-installation attacks includes data leakage, malware injection, repackaging, reverse engineering, privilege escalation, and UI spoofing. To mitigate this risk, the Post-Installation App Detection Method is proposed to monitor and regulate sensitive information flow and prevent MITD attacks and is achieved 97% accuracy in detection of MITD attacks.

Published in Cogent Engineering

ISSN: 2331-1916 (Online)
Publisher: Taylor & Francis Group
Country of publisher: United Kingdom
LCC subjects: Technology: Engineering (General). Civil engineering (General)
Website: https://www.tandfonline.com/journals/oaen

About the journal

Abstract

Keywords