Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Introduction to Android Security, Study Guides, Projects, Research of Computer Security

Air Force Institute of Technology (AFIT)Computer Security

A beginners guide into android security and how to protect against android hacking.

Typology: Study Guides, Projects, Research

2020/2021

Available from 12/19/2021

abdurraheem-abdulfattah
abdurraheem-abdulfattah 🇳🇬

2 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
AIRFORCE INSTITUTE OF TECNOLOGY
CYBER SECURITY
INTRODCUTION TO ANDROID SECURITY STUDY MATERIAL, DECEMBER 2021
We often use our android devices today without bothering about our information and privacy being
compromised by attackers or hackers. As we speak, some of us don’t even have an antivirus software
installed on our phones. It is very possible for our phones to get hacked through our social media
accounts most especially WhatsApp and even Instagram and sometimes email.
Our phones can be attacked through so many ways. Some of them include,
1. Shoulder Surfing
2. Social Engineering
3. Phishing
4. Use of malware (Backdoors and key loggers)
1. Shoulder Surfing
Shoulder surfing is a way of spying on a person to obtain information. Shoulder surfing is the
easiest form of android hacking. It involves the hacker spying on the user by standing behind and looking
over the shoulder of the person using the phone, for the purpose of gathering login credentials,
passwords and other sensitive information. Shoulder surfing is not only applied in phones. It can also be
applied at the ATM where the attacker uses the same spying process to look at the pin of the user.
NOTE: Anyone can be an attacker.
2. Social Engineering
Social Engineering is the ability of an attacker to manipulate a person to perform certain acts as
a means to trick a user into giving out information. The attacker tries to trick sensitive information out of
the victim by exploiting his or her weakness in their life, home and even their jobs. One of the methods
of perpetrating social engineering in a company or organization is through Human Foot printing
Human Foot printing involves gathering information about an employee. And that can be done
by searching the internet, getting website information about the organization, gathering information
about the employees, dumpster diving and so on
After the attacker gathers enough info about the organization. He finds a vulnerable target or person.
Particularly one that is emotionally disturbed or angry or even mentally fragile. A target with these
qualities can give out sensitive information so easily. After finding the target, the attacker establishes a
pleasurable interpersonal relationship between him and the target in order to facilitate trust between
them. And once that is done, the attacker can effortlessly gain information from the target.
pf3

Partial preview of the text

Download Introduction to Android Security and more Study Guides, Projects, Research Computer Security in PDF only on Docsity!

AIRFORCE INSTITUTE OF TECNOLOGY

CYBER SECURITY

INTRODCUTION TO ANDROID SECURITY – STUDY MATERIAL, DECEMBER 2021

We often use our android devices today without bothering about our information and privacy being compromised by attackers or hackers. As we speak, some of us don’t even have an antivirus software installed on our phones. It is very possible for our phones to get hacked through our social media accounts most especially WhatsApp and even Instagram and sometimes email. Our phones can be attacked through so many ways. Some of them include,

  1. Shoulder Surfing
  2. Social Engineering
  3. Phishing
  4. Use of malware (Backdoors and key loggers)
  5. Shoulder Surfing Shoulder surfing is a way of spying on a person to obtain information. Shoulder surfing is the easiest form of android hacking. It involves the hacker spying on the user by standing behind and looking over the shoulder of the person using the phone, for the purpose of gathering login credentials, passwords and other sensitive information. Shoulder surfing is not only applied in phones. It can also be applied at the ATM where the attacker uses the same spying process to look at the pin of the user. NOTE: Anyone can be an attacker.
  6. Social Engineering Social Engineering is the ability of an attacker to manipulate a person to perform certain acts as a means to trick a user into giving out information. The attacker tries to trick sensitive information out of the victim by exploiting his or her weakness in their life, home and even their jobs. One of the methods of perpetrating social engineering in a company or organization is through Human Foot printing Human Foot printing involves gathering information about an employee. And that can be done by searching the internet, getting website information about the organization, gathering information about the employees, dumpster diving and so on After the attacker gathers enough info about the organization. He finds a vulnerable target or person. Particularly one that is emotionally disturbed or angry or even mentally fragile. A target with these qualities can give out sensitive information so easily. After finding the target, the attacker establishes a pleasurable interpersonal relationship between him and the target in order to facilitate trust between them. And once that is done, the attacker can effortlessly gain information from the target.
  1. Phishing This is quite similar to fishing, where a fisherman uses a hook and line with a bait attached to attract and capture fish. In phishing, the attacker is the fisherman, the victim is the fish and the bait is the malware. Phishing is another form of social engineering attack where by the attacker sends a malicious link to the user so that when the user clicks on the link, more information is being sent back to the attacker. The malware sent by the attacker often contains an advert relating to a point of interest of the user, luring the user into the trap.
  2. Use of malware (Backdoors and Key loggers) A backdoor is a malicious program that gives the attacker full control over the victim’s phone. A key logger however is a malicious program that records every key strike entered by the victim. When the victim types an email, or a password or a message or a conversation, the report is being sent back to the attacker. Through some social engineering techniques like phishing, the attacker is able to send these malicious files to the victim and find ways to get the victim to open the file in order for the malicious code to execute.

Other Android Hacking Techniques

  1. One, Man in The Middle Attack In a man in the middle attack, the network is being tricked, and it mostly happens in a situation where the victim Is connected to a router. To understand this, when we connect to a router to browse the internet, any request we make like if we want to go to google.com for example, the request is being sent to the router and the router takes the request and sends it to the internet, where the internet sends the response back to the router and back to the user, so he or she is able to browse the web. In a man in the middle attack, the hacker tricks the user to think that the hacker is the router so that whatever request that is being sent, the information can be harvested by the hacker before the request is received by the internet. So in this phase, the hacker is able to modify the data and harvest login credentials like passwords, usernames and emails.
  2. Denial of Service Attack A denial of service attack is a situation whereby the attacker, using some hacking tools and programs, is able to deny a user service on his or her phone by overloading its processor and CPU remotely. The attacker sends numerous number of requests to the victims phone thereby overwhelming the device to a point where the phone is unusable.