Information Management Security Vulnerabilities in Smartphones Used by University Students: A Case Study in the Southwest of Colombia

Authors

DOI:

https://doi.org/10.19053/01211129.v31.n59.2022.13957

Keywords:

Vulnerabilities, Mobile devices, Android, Phising, nformation leak

Abstract

Currently, students who use smartphones are affected by theft and information leakage, to address this problem, this research aims to identify security vulnerabilities in these devices. In addition, an application to prevent phishing and information leakage was implemented. Effectiveness and performance tests were carried out to identify vulnerabilities and to alert users about them. The threats identified in Android smartphones used by university students in the southwest of Colombia were based on various techniques (phishing, DNS poisoning, identity theft, Man in the middle, foot-printing, spyware). To reach this result, we defined the problem, then we made a literature review, after that we defined the study population, methods, and instruments; finally, we collected the information and analyzed the results. An application was launched to show the security vulnerabilities of malicious software installation, which extracts information from student’s devices and makes the security of our mobile phones a priority nowadays; and to achieve greater security on Android smartphones. However, it is essential to be aware of the importance of self-care.

Downloads

Download data is not yet available.

Author Biographies

Cristian-Camilo Ordoñez-Quintero, Fundación Universitaria de Popayán

Roles: Research, exploratory data analysis, model definition and refinement, implementation, model validation.

Hugo-Armando Ordoñez-Eraso, Universidad del Cauca

Roles: Research, Methodology, validation, Writing - review and editing.

Jose-Armando Ordoñez-Córdoba, Universidad del Cauca

Roles: Research, supervision, methodology, validation, writing - review and editing.

References

N. Valero, Consumo móvil en Colombia, Deloitte, 2018

W. C. Álzate, C. S. Romaña, Y. Q. Barco, “Factores y causas de la fuga de información sensibles en el sector empresarial,” Cuaderno Activa, vol. 7, no. 1, pp. 67-73, 2016

R. Maya, “El cibercrimen y sus efectos en la teoría de la tipicidad: de una realidad física a una realidad virtual,” Nuevo Foro Penal, vol. 13, pp. 72–112, 2017. https://doi.org/10.17230/nfp.13.88.3

A. C. Silva Calpa, D. G. Martínez Delgado, “Influencia del Smartphone en los procesos de aprendizaje y enseñanza,” Suma Negocios, vol. 8, no. 17, pp. 11–18, 2017. https://doi.org/10.1016/j.sumneg.2017.01.001

A. Razgallah, R. Khoury, S. Hallé, K. Khanmohammadi, “A survey of malware detection in Android apps: Recommendations and perspectives for future research,” Computer Science Review, vol. 39, e100358, 2021. https://doi.org/10.1016/j.cosrev.2020.100358

H. Gao, S. Cheng, W. Zhang, “GDroid: Android malware detection and classification with graph convolutional network,” Computers & Security, vol. 106, e102264, 2021. https://doi.org/10.1016/j.cose.2021.102264

N. Zhang, Y. Tan, C. Yang, Y. Li, “Deep learning feature exploration for Android malware detection,” Applied Soft Computing, vol. 102, p. 107069, 2021. https://doi.org/10.1016/j.asoc.2020.107069

M. Kinkead, S. Millar, N. McLaughlin, P. O’Kane, “Towards Explainable CNNs for Android Malware Detection,” Procedia Computer Science, vol. 184, pp. 959–965, 2021. https://doi.org/10.1016/j.procs.2021.03.118

Y. Igarashi, “DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket,” The Journal of Japanese Studies, vol. 36, no. 1, pp. 165–169, 2009. https://doi.org/10.1353/jjs.0.0130

Y. Wang, G. Xu, X. Liu, W. Mao, C. Si, W. Pedrycz, W. Wang, “Identifying vulnerabilities of SSL/TLS certificate verification in Android apps with static and dynamic analysis,” Journal of Systems and Software, vol. 167, e110609, 2020. https://doi.org/10.1016/j.jss.2020.110609

P. Runeson, M. Höst, “Guidelines for conducting and reporting case study research in software engineering,” Empirical Software Engineering, vol. 14, no. 2, e131, 2009. https://doi.org/10.1007/s10664-008-9102-8

NIST, Marco de Ciberseguridad del NIST, pp. 1–9, 2019

R. Al-quraan, A. Hadi, J. Atoum, M. Al-Zewairi, “Ultrasurf Traffic Classification: Detection and Prevention,” International Journal of Communications, Network and System Sciences, vol. 8, pp. 304–311, 2015. https://doi.org/10.4236/ijcns.2015.88030

D. Howe, H. Nissenbaum, Engineering Privacy and Protest: A Case Study of AdNauseam, 2017

A. Skendzic, B. Kovačić, “Open source system OpenVPN in a function of Virtual Private Network,” IOP Conference Series: Materials Science and Engineering, vol. 200, e12065, 2017. https://doi.org/10.1088/1757-899X/200/1/012065

J. Dai, C. Chen, Y. Li, “A Backdoor Attack Against LSTM-Based Text Classification Systems,” IEEE Access, vol. 7, pp. 138872–138878, 2019. https://doi.org/10.1109/ACCESS.2019.2941376

Downloads

Published

2022-03-14

How to Cite

Ordoñez-Quintero, C.-C., Ordoñez-Eraso, H.-A., & Ordoñez-Córdoba, J.-A. (2022). Information Management Security Vulnerabilities in Smartphones Used by University Students: A Case Study in the Southwest of Colombia. Revista Facultad De Ingeniería, 31(59), e13957. https://doi.org/10.19053/01211129.v31.n59.2022.13957

Issue

Vol. 31 No. 59 (2022): January-March 2022 (Continuous Publication)

Section

Papers

License

Copyright (c) 2022 Cristian-Camilo Ordoñez-Quintero, Hugo-Armando Ordoñez-Eraso, Jose-Armando Ordoñez-Córdoba

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

All articles included in the Revista Facultad de Ingeniería are published under the Creative Commons (BY) license.

Authors must complete, sign, and submit the Review and Publication Authorization Form of the manuscript provided by the Journal; this form should contain all the originality and copyright information of the manuscript.

The authors who publish in this Journal accept the following conditions:

a. The authors retain the copyright and transfer the right of the first publication to the journal, with the work registered under the Creative Commons attribution license, which allows third parties to use what is published as long as they mention the authorship of the work and the first publication in this Journal.

b. Authors can make other independent and additional contractual agreements for the non-exclusive distribution of the version of the article published in this journal (eg, include it in an institutional repository or publish it in a book) provided they clearly indicate that the work It was first published in this Journal.

c. Authors are allowed and recommended to publish their work on the Internet (for example on institutional or personal pages) before and during the process.
review and publication, as it can lead to productive exchanges and a greater and faster dissemination of published work.

d. The Journal authorizes the total or partial reproduction of the content of the publication, as long as the source is cited, that is, the name of the Journal, name of the author (s), year, volume, publication number and pages of the article.

e. The ideas and statements issued by the authors are their responsibility and in no case bind the Journal.

Crossref
Scopus
Google Scholar
Europe PMC

Most read articles by the same author(s)