SHARMA-THESIS-2017.pdf (13.83 MB)
0/0

Generating smartphone phishing applications for deception based defense

Download (13.83 MB)
thesis
posted on 27.10.2017 by Kruti Sharma
Graphical User Interface (GUI)-based APplications (GAPs) are ubiquitous, both in personal and business use and they are deployed on diverse software and hardware platforms. Android has been increasingly adopted as operating system for smartphones and is gaining popularity. With this increase, the smartphones are now built with capabilities to assist Users With Disabilities (UWDs). There are close to 50Mil people in USA and nearly 600Mil people worldwide who have some form of disability ranging from vision impairment to hearing etc. UWDs need specialized assistance with GAPs. Accessibility Services (AS) are embedded in smartphones to assist UWDs with GUI interaction but these mobile assistive technologies are fundamentally insecure thus exposing smartphones to a variety of attacks. SEAPHISH (SEcuring Accessibility using PHISHing) platform aims to analyze security issues and threats posed by AS which can effectively simulate the human user of the smartphone. The platform uses existing mobile apps which are already installed on the users smartphones to extract GUI properties via AS to generate a similar looking app i.e. a phishing app. These phished apps can help in predicting and mitigating security threats posed by malicious applications using deception as a base for defense.

History

Advisor

Grechanik, Mark

Chair

Grechanik, Mark

Department

Computer Science

Degree Grantor

University of Illinois at Chicago

Degree Level

Masters

Committee Member

Sistla, Aravinda Prasad Kanich, Chris Shah,, Mohak

Submitted date

May 2017

Issue date

11/04/2017

Exports