IIIT-Delhi Institutional Repository

Protecting android devices following BYOD policy against data security and privacy attacks

Show simple item record

dc.contributor.author Jindal, Arun Kumar
dc.contributor.author Naik, Vinayak (Advisor)
dc.date.accessioned 2013-07-15T04:25:37Z
dc.date.available 2013-07-15T04:25:37Z
dc.date.issued 2013-07-15T04:25:37Z
dc.identifier.uri https://repository.iiitd.edu.in/jspui/handle/123456789/105
dc.description.abstract Bring Your Own Device (BYOD) is an IT policy being adopted by corporate organizations worldwide. It permits the employees to bring their own devices like smartphones, tablets, etc to their place of work and use them to access the privileged corporate information while being both inside and outside their place of work. Therefore, employees use the same device for their personal and o ce work. Such a corporate policy brings in a number of advantages like increased employee productivity, improved employee satisfaction, and reduction in corporate expenses. However, one of the major concerns in implementing such a policy is data security and privacy. Permitting employees to access the privileged corporate information on their personal device can lead to pertinent corporate data being compromised. On the other hand, employees are apprehensive that the corporate organizations may spy or track their personal cyber activities. Existing solutions for BYOD can be categorized into Mobile Device Management (MDM)-based and Network Access Control (NAC)-based. MDM-based solutions are comprised of a client software, which runs on the users' mobile devices 24/7 monitoring, securing, and managing the mobile device from a corporate-based server. Such a solution could lead to breach of employees' privacy and extensive battery drainage. NAC-based solutions assumes the use of corporate network. Such a solution is not full proof because the corporate data is at a security risk, when the device is not connected to the corporate network. In this study, we formulate a generic BYOD policy from a corporate data security perspective, study the possible security breaches on that policy from Android devices' perspective, and propose ways to defend against them. We propose a solution architecture for Android-based mobile devices. Our approach, unlike the existing BYOD solutions, provides data security, preserves privacy, and consumes less energy. Our approach successfully detects (a) root status of the device and (b) malicious apps, which steal information or subvert information. Our detection is 70 % accurate when tested on real malicious applications. Finally, we present limitations of our approach. en_US
dc.language.iso en_US en_US
dc.subject Bring Your Own Device (BYOD) en_US
dc.subject Android en_US
dc.subject Mobile Devices en_US
dc.subject Security en_US
dc.subject Malware en_US
dc.subject Operating System (OS) en_US
dc.subject Mobile Device Management (MDM) en_US
dc.subject Network Access Control (NAC) and Rooting en_US
dc.title Protecting android devices following BYOD policy against data security and privacy attacks en_US
dc.type Thesis en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search Repository

Advanced Search


My Account