Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Entire DC Network
Security Vulnerabilities In Android Applications, Crischell Montealegre, Charles Rubia Njuguna, Muhammad Imran Malik, Peter Hannay, Ian Noel Mcateer
Security Vulnerabilities In Android Applications, Crischell Montealegre, Charles Rubia Njuguna, Muhammad Imran Malik, Peter Hannay, Ian Noel Mcateer
Australian Information Security Management Conference
Privacy-related vulnerabilities and risks are often embedded into applications during their development, with this action being either performed out of malice or out of negligence. Moreover, the majority of the mobile applications initiate connections to websites, other apps, or services outside of its scope causing significant compromise to the oblivious user. Therefore, mobile data encryption or related data-protection controls should be taken into account during the application development phase. This paper evaluates some standard apps and their associated threats using publicly available tools and demonstrates how an ignorant user or an organisation can fall prey to such apps.
Mitigating Man-In-The-Middle Attacks On Mobile Devices By Blocking Insecure Http Traffic Without Using Vpn, Kevin Chong, Muhammad Imran Malik, Peter Hannay
Mitigating Man-In-The-Middle Attacks On Mobile Devices By Blocking Insecure Http Traffic Without Using Vpn, Kevin Chong, Muhammad Imran Malik, Peter Hannay
Australian Information Security Management Conference
Mobile devices are constantly connected to the Internet, making countless connections with remote services. Unfortunately, many of these connections are in cleartext, visible to third-parties while in transit. This is insecure and opens up the possibility for man-in-the-middle attacks. While there is little control over what kind of connection running apps can make, this paper presents a solution in blocking insecure HTTP packets from leaving the device. Specifically, the proposed solution works on the device, without the need to tunnel packets to a remote VPN server, and without special privileges such as root access. Speed tests were performed to quantify …