Attacking Android system security layers : an implementation of several proofs of concept

e-Archivo Repository

Show simple item record

dc.contributor.advisor Suárez de Tangil Rotaeche, Guillermo Nicolás Rico Simal, Alberto 2014-09-03T14:43:48Z 2014-09-03T14:43:48Z 2013-02 2013-03-11
dc.description.abstract The purpose of the present thesis is to classify, explain and exemplify, via proofs of concept, some of the different approaches through which the Android system security elements can be overridden, granting access to unauthorized resources. The scope of the present thesis will comprehend the following stages, from definition to data analysis: - Identifying, listing and defining a set of different possible attacks to the Android system security layers. - Determining the feasibility and prerequisites per each defined attack. - Defining the success boundaries, per each. - Implementing proofs of concept able to reach those boundaries. - Collection and analysis of results, determining the estimated potential risk. Since the basis of the thesis consists of exploiting security flaws, feasibility will often depend on a complex set of factors, such as software versions, type of hardware, connectivity, etc. Thus, an attack can be considered feasible if there's at least one way to be reproduced - the minimum required environment will be explained for each different attack. Success boundaries are defined as the minimum set of collectable evidence, expected to be the outcome of a favorable attack. Therefore, it stands for the individual metric that determines success or failure of a single attack. A proof of concept will be the implementation of an attack, able to achieve the success boundaries from the environment defined in the feasibility stage. Estimated potential risk will be defined as a compound of metrics, such as sensitivity of reached data or device, denial of service, data tampering risks, reversibility, and reproducibility, amongst others. Since not all of these metrics are objective values, they will be weighed accordingly and explained separately in its computation.
dc.format.mimetype application/pdf
dc.language.iso eng
dc.rights Atribución-NoComercial-SinDerivadas 3.0 España
dc.rights GNU General Public License GPL v3
dc.subject.other Seguridad informática
dc.subject.other Protección de datos
dc.subject.other Android (Sistema operativo)
dc.title Attacking Android system security layers : an implementation of several proofs of concept
dc.type bachelorThesis
dc.subject.eciencia Informática
dc.rights.accessRights openAccess Ingeniería Informática
dc.contributor.departamento Universidad Carlos III de Madrid. Departamento de Informática
 Find Full text

Files in this item

*Click on file's image for preview. (Embargoed files's preview is not supported)

The following license files are associated with this item:

This item appears in the following Collection(s)

Show simple item record