Conference Papers

Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/28506

Browse

Filters

2012 - 20202

Settings

Author: search.filters.author.Pais, A.R.Subject: search.filters.subject.Privacy

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    Restraining add-on's behavior in private browsing
    (2012) Bapat, A.D.; Pais, A.R.
    In this paper we address the privacy issues of add-on mechanism supported by browser in private mode. The add-ons enjoy unrestrained access to user sensitive information at all times. This freedom can be misused to create add-ons with malicious intent of violating privacy of the browser. We have designed and implemented an add-on which performs this task in private mode of the browser. This is a clear violation of the goals of private browsing. Mozilla lacks privacy ensuring mechanism against add-ons at browser level. So we have modified the source code of Mozilla Firefox to prevent such behavior of an add-on. It involves runtime monitoring of add-on?s behavior in private mode and notify/block suspicious ones. We have been able to prevent such add-on?s activity using our mechanism. Copyright 2012 ACM.
  • No Thumbnail Available
    Item
    Attacks on Android-Based Smartphones and Impact of Vendor Customization on Android OS Security
    (Springer Science and Business Media Deutschland GmbH, 2020) Kumar, S.; Kittur, L.J.; Pais, A.R.
    Smartphones are ubiquitous today, and they contain a large amount of personal and sensitive information. It is, therefore, essential to secure the underlying operating system. Android is the dominant operating system among the smartphone market; therefore, it is critical to uphold the security standards of Android. Android smartphone manufacturers and third-party custom ROM developers modify the operating system heavily to differentiate themselves among the competitors. The modifications done by the Smartphone manufacturers and third-party custom ROM developers posses a threat to the smartphone user’s privacy and make the Android OS vulnerable to advanced persistent threat (APT) attacks. This paper demonstrates that Smartphone manufacturers and third-party custom ROM developers can bypass Android’s security mechanisms and breach the user’s privacy without getting detected by the user by modifying parts of Android OS except for the kernel. In particular, this paper shows methods by which APT attacks can be performed on the Android 10’s Camera subsystem to capture pictures from the camera and upload them to a remote server without the user’s knowledge. © 2020, Springer Nature Switzerland AG.