Use this URL to cite or link to this record in EThOS:
Title: Privacy analysis of mobile apps
Author: Olukoya, Oluwafemi Samuel
ISNI:       0000 0004 8503 2000
Awarding Body: University of Glasgow
Current Institution: University of Glasgow
Date of Award: 2019
Availability of Full Text:
Access from EThOS:
Full text unavailable from EThOS. Please try the link below.
Access from Institution:
The increasing popularity of the Android OS has resulted in its user base surging past 2.5 billion monthly active users, which has made cybercriminals and non-criminal actors attracted to the OS because of the amount and quality of information they can access. As malicious apps are at an arms race with their benign counterparts in malware analysis, coupled with the evolving nature of the Android ecosystem, it is important to continuously analyse the ecosystem for privacy and security issues. The thesis proposes a privacy and security analysis approach for mobile software systems. The research methodology abstracts the mobile security problem as an access control problem, where the behavioural elements mirror the standard elements in an access control system - identification, authentication and authorization. This involves analyzing the app's behavioural elements for unstructured user input, user-granted permissions, UI textual description, and literal app/product description. Next, the effectiveness of the proposed approach was evaluated in the context of mobile systems security, particularly in the area of malware analysis and its mitigation. The approaches are different because they utilize different aspects of the app metadata, such that security analysis of apps could be done depending on what aspect of the app information is available. Overall, this thesis contributes to knowledge around mobile software systems for the design of robust malware detection tools, a security-oriented overview of mobile systems behaviour and reliable risk signalling for privacy awareness. The findings demonstrated great promise in using the elements of access control for mobile systems in anomaly detection and sustainable malware mitigation. The proposed approach succeeded where other approaches have not, in malware analysis.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
Keywords: Q Science (General) ; QA75 Electronic computers. Computer science ; QA76 Computer software ; T Technology (General)