Smartphones are becoming increasingly important in all aspects of life, including corporate environments, where “bring your own device” (BYOD) policies are gaining widespread acceptance. Malware already exists to take advantage of Android phones in BYOD settings, aiming to take control of devices with access to privileged information by disguising itself as a benign app. Malware could be easier to detect if network administrators had more insight into employee-owned smartphones. We propose a system, called Appjudicator, to address this issue. It implements an accessibility service to monitor user interactions with the user interface (UI) of other apps, so this context can be used in malware detection. For example, if an app sends a new network request without any user interaction, this flow could be the result of malware and should be investigated. Our app is a host-based software defined networking (SDN) agent that works in conjunction with an SDN controller to monitor and control the phone’s networking abilities based on the organization’s SDN rules and our UI context. We build a proof of concept application and find that it can successfully combine network and UI data while adding less than 14 milliseconds of total latency in 95% of flows.

Creator

• Petitti, Joseph P.

Colaboradores

• Walls, Robert Joseph
• Shue, Craig A.

Degree

• MS

Unit

• Computer Science

Publisher

• Worcester Polytechnic Institute

Identifier

• etd-23006

Palabra Clave

• Android
• Software-defined networking

Advisor

• Shue, Craig A.

Defense date

• 2021-04-15

Year

• 2021

Date created

• 2021-05-06

Resource type

• Thesis

Rights statement

• In Copyright

Última modificación

• 2023-12-05