IIIT-Delhi Institutional Repository
Protecting android devices following BYOD policy against data security and privacy attacks
- Home
- →
- Computer Science and Engineering
- →
- MTech Theses
- →
- Year-2013
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Jindal, Arun Kumar | |
| dc.contributor.author | Naik, Vinayak (Advisor) | |
| dc.date.accessioned | 2013-07-15T04:25:37Z | |
| dc.date.available | 2013-07-15T04:25:37Z | |
| dc.date.issued | 2013-07-15T04:25:37Z | |
| dc.identifier.uri | https://repository.iiitd.edu.in/jspui/handle/123456789/105 | |
| dc.description.abstract | Bring Your Own Device (BYOD) is an IT policy being adopted by corporate organizations worldwide. It permits the employees to bring their own devices like smartphones, tablets, etc to their place of work and use them to access the privileged corporate information while being both inside and outside their place of work. Therefore, employees use the same device for their personal and o ce work. Such a corporate policy brings in a number of advantages like increased employee productivity, improved employee satisfaction, and reduction in corporate expenses. However, one of the major concerns in implementing such a policy is data security and privacy. Permitting employees to access the privileged corporate information on their personal device can lead to pertinent corporate data being compromised. On the other hand, employees are apprehensive that the corporate organizations may spy or track their personal cyber activities. Existing solutions for BYOD can be categorized into Mobile Device Management (MDM)-based and Network Access Control (NAC)-based. MDM-based solutions are comprised of a client software, which runs on the users' mobile devices 24/7 monitoring, securing, and managing the mobile device from a corporate-based server. Such a solution could lead to breach of employees' privacy and extensive battery drainage. NAC-based solutions assumes the use of corporate network. Such a solution is not full proof because the corporate data is at a security risk, when the device is not connected to the corporate network. In this study, we formulate a generic BYOD policy from a corporate data security perspective, study the possible security breaches on that policy from Android devices' perspective, and propose ways to defend against them. We propose a solution architecture for Android-based mobile devices. Our approach, unlike the existing BYOD solutions, provides data security, preserves privacy, and consumes less energy. Our approach successfully detects (a) root status of the device and (b) malicious apps, which steal information or subvert information. Our detection is 70 % accurate when tested on real malicious applications. Finally, we present limitations of our approach. | en_US |
| dc.language.iso | en_US | en_US |
| dc.subject | Bring Your Own Device (BYOD) | en_US |
| dc.subject | Android | en_US |
| dc.subject | Mobile Devices | en_US |
| dc.subject | Security | en_US |
| dc.subject | Malware | en_US |
| dc.subject | Operating System (OS) | en_US |
| dc.subject | Mobile Device Management (MDM) | en_US |
| dc.subject | Network Access Control (NAC) and Rooting | en_US |
| dc.title | Protecting android devices following BYOD policy against data security and privacy attacks | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
-
Year-2013 [11]