An Enhanced Framework to Mitigate Post-Installation Cyber Attacks on Android Apps

Abstract

The widespread use of smartphones worldwide has led to a corresponding rise in the number of mobile applications available for Android devices. These apps offer users convenient ways to perform various daily tasks, but their proliferation has also created an environment in which attackers can steal sensitive information. Insecure options employed by many app developers create vulnerabilities that can be exploited by attackers to gain access to most smartphones. While existing methods can detect malware during app installation, they do not sufficiently address post-installation attacks, such as those resulting from fake apps or Man-in-the-Disk (MitD) attacks. To address this issue, the current study conducted research on post-installation attacks, including data leakage, malware injection, repackaging, reverse engineering, privilege escalation, and UI spoofing. MitD attacks are particularly challenging to counter, so, to mitigate this risk, the Post-Installation App Detection Method is proposed to monitor and regulate sensitive information flow and prevent MitD attacks.