Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Introduction to Android Security, Study Guides, Projects, Research of Computer Security

A beginners guide into android security and how to protect against android hacking.

Typology: Study Guides, Projects, Research

2020/2021

Available from 12/19/2021

abdurraheem-abdulfattah
abdurraheem-abdulfattah 🇳🇬

2 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
AIRFORCE INSTITUTE OF TECNOLOGY
CYBER SECURITY
INTRODCUTION TO ANDROID SECURITY STUDY MATERIAL, DECEMBER 2021
We often use our android devices today without bothering about our information and privacy being
compromised by attackers or hackers. As we speak, some of us don’t even have an antivirus software
installed on our phones. It is very possible for our phones to get hacked through our social media
accounts most especially WhatsApp and even Instagram and sometimes email.
Our phones can be attacked through so many ways. Some of them include,
1. Shoulder Surfing
2. Social Engineering
3. Phishing
4. Use of malware (Backdoors and key loggers)
1. Shoulder Surfing
Shoulder surfing is a way of spying on a person to obtain information. Shoulder surfing is the
easiest form of android hacking. It involves the hacker spying on the user by standing behind and looking
over the shoulder of the person using the phone, for the purpose of gathering login credentials,
passwords and other sensitive information. Shoulder surfing is not only applied in phones. It can also be
applied at the ATM where the attacker uses the same spying process to look at the pin of the user.
NOTE: Anyone can be an attacker.
2. Social Engineering
Social Engineering is the ability of an attacker to manipulate a person to perform certain acts as
a means to trick a user into giving out information. The attacker tries to trick sensitive information out of
the victim by exploiting his or her weakness in their life, home and even their jobs. One of the methods
of perpetrating social engineering in a company or organization is through Human Foot printing
Human Foot printing involves gathering information about an employee. And that can be done
by searching the internet, getting website information about the organization, gathering information
about the employees, dumpster diving and so on
After the attacker gathers enough info about the organization. He finds a vulnerable target or person.
Particularly one that is emotionally disturbed or angry or even mentally fragile. A target with these
qualities can give out sensitive information so easily. After finding the target, the attacker establishes a
pleasurable interpersonal relationship between him and the target in order to facilitate trust between
them. And once that is done, the attacker can effortlessly gain information from the target.
pf3

Partial preview of the text

Download Introduction to Android Security and more Study Guides, Projects, Research Computer Security in PDF only on Docsity!

AIRFORCE INSTITUTE OF TECNOLOGY

CYBER SECURITY

INTRODCUTION TO ANDROID SECURITY – STUDY MATERIAL, DECEMBER 2021

We often use our android devices today without bothering about our information and privacy being compromised by attackers or hackers. As we speak, some of us don’t even have an antivirus software installed on our phones. It is very possible for our phones to get hacked through our social media accounts most especially WhatsApp and even Instagram and sometimes email. Our phones can be attacked through so many ways. Some of them include,

  1. Shoulder Surfing
  2. Social Engineering
  3. Phishing
  4. Use of malware (Backdoors and key loggers)
  5. Shoulder Surfing Shoulder surfing is a way of spying on a person to obtain information. Shoulder surfing is the easiest form of android hacking. It involves the hacker spying on the user by standing behind and looking over the shoulder of the person using the phone, for the purpose of gathering login credentials, passwords and other sensitive information. Shoulder surfing is not only applied in phones. It can also be applied at the ATM where the attacker uses the same spying process to look at the pin of the user. NOTE: Anyone can be an attacker.
  6. Social Engineering Social Engineering is the ability of an attacker to manipulate a person to perform certain acts as a means to trick a user into giving out information. The attacker tries to trick sensitive information out of the victim by exploiting his or her weakness in their life, home and even their jobs. One of the methods of perpetrating social engineering in a company or organization is through Human Foot printing Human Foot printing involves gathering information about an employee. And that can be done by searching the internet, getting website information about the organization, gathering information about the employees, dumpster diving and so on After the attacker gathers enough info about the organization. He finds a vulnerable target or person. Particularly one that is emotionally disturbed or angry or even mentally fragile. A target with these qualities can give out sensitive information so easily. After finding the target, the attacker establishes a pleasurable interpersonal relationship between him and the target in order to facilitate trust between them. And once that is done, the attacker can effortlessly gain information from the target.
  1. Phishing This is quite similar to fishing, where a fisherman uses a hook and line with a bait attached to attract and capture fish. In phishing, the attacker is the fisherman, the victim is the fish and the bait is the malware. Phishing is another form of social engineering attack where by the attacker sends a malicious link to the user so that when the user clicks on the link, more information is being sent back to the attacker. The malware sent by the attacker often contains an advert relating to a point of interest of the user, luring the user into the trap.
  2. Use of malware (Backdoors and Key loggers) A backdoor is a malicious program that gives the attacker full control over the victim’s phone. A key logger however is a malicious program that records every key strike entered by the victim. When the victim types an email, or a password or a message or a conversation, the report is being sent back to the attacker. Through some social engineering techniques like phishing, the attacker is able to send these malicious files to the victim and find ways to get the victim to open the file in order for the malicious code to execute.

Other Android Hacking Techniques

  1. One, Man in The Middle Attack In a man in the middle attack, the network is being tricked, and it mostly happens in a situation where the victim Is connected to a router. To understand this, when we connect to a router to browse the internet, any request we make like if we want to go to google.com for example, the request is being sent to the router and the router takes the request and sends it to the internet, where the internet sends the response back to the router and back to the user, so he or she is able to browse the web. In a man in the middle attack, the hacker tricks the user to think that the hacker is the router so that whatever request that is being sent, the information can be harvested by the hacker before the request is received by the internet. So in this phase, the hacker is able to modify the data and harvest login credentials like passwords, usernames and emails.
  2. Denial of Service Attack A denial of service attack is a situation whereby the attacker, using some hacking tools and programs, is able to deny a user service on his or her phone by overloading its processor and CPU remotely. The attacker sends numerous number of requests to the victims phone thereby overwhelming the device to a point where the phone is unusable.