Abstract:
With hundreds of millions of Android phone users in around 190 countries, the global smartphone market has witnessed extraordinary and explosive growth of Android phone sales in recent years, which is escorted with the huge number of its applications. It has an open source code platform that encourages app developers to develop android applications and introduce them free of cost in the market. Applications are considered as the heart of Android phone that drive innovation, leisure, ease of availability and compatibility with the mobile devices. Embedded adware or mobile advertising is rapidly finding its ways into android applications in the form of banner ads, rich media or interstitial ads. The fluidity of application markets and the embedded adware thwart Android phone security. Availability of applications (apps) comes in two versions i.e. free or paid. Mostly in free version apps, developers embed advertisement libraries in his application code to generate the revenue. This practice may cause in-application advertisement attacks to steal unauthorized data of the user. One of the major reasons is the correlation model or permission-based model running between advertisements and the mobile applications, where permissions of app and ad-libraries are not separated. So eventually they can misuse each other’s permissions and become the privacy compromise source for the Android users. Using the quantitative research technique in the current study, the research has found that there is a significant impact of embedded adware on Android user’s security by causing advertisement attacks. However, certain limitations of the existing solutions can be highlighted by exploring the permissions of ad-blockers and the techniques used for the separation of ad-libraries and app permissions to reduce the permission bloat. To fulfill the requirements to protect Android users from in-application advertisement attacks, a recommendation model is provided for Security professionals and general public. Meanwhile, areas for future research have also been provided in this research thesis.
