On privacy risks of Android phones
Ng, Xin Yi
Date of Issue2014
School of Computer Engineering
Smartphone is no longer used for communication but also entertainment, personal or work purposes. In 2013, Android has been top in the market. Android is an open source development that provide free license for development to create and upload application in Google’s Android Market App Store. By providing a platform for developers to freely develop applications at no cost, it has brought to an attention where security has become a concern in Android. Malware and Phishing are common security threats in computers. Consumers accessing malicious link or application from third-party through smartphone may also face the risk of security threats. However, applications from Google’s Android Market App Store may not be free from security threats too. A set of permissions are required to be accepted before an application can proceed to be installed into the device. Information or data resides in the device can be accessed by permitted applications. Users may face privacy risk by having information not solely for application purpose but to other parties or so. In this project, an implementation is developed to demonstrate the privacy risk that may be faced by users. The implementation is designed to execute information retrieval from background processing and without user’s consent. Mobile data is enabled to access network to store information retrieved into cloud. Meanwhile, GPS is also enabled to capture the current location. Picture taken and video recording are used in this implementation too. Through tests and experiments on various individuals, it is known that the individuals are oblivious to which of their information was transmitted. The information collected can be used to track on individuals. Due to the current nature of Android coding, implementing a counter measure may be difficult to detect the developer’s intention of permission use. In fact, prevention methods are recommended to be taken instead to decrease the probability of facing the privacy risk.
DRNTU::Engineering::Computer science and engineering
Final Year Project (FYP)
Nanyang Technological University