Assessment of the Susceptibility to Data Manipulation of Android Games with In-app Purchases

Abstract : This paper describes a study for assessing how many free Android games with in-app purchases were susceptible to data manipulation via the backup utility. To perform this study, a data set with more than 800 games available in the Google Play store was defined. The backup utility, provided by the Android Operating System (OS), was used to backup the app files into a Personal Computer (PC) in order to find and manipulate sensitive data. In the cases where sensitive data was found, the applications were restored and the games tested to assess if the manipulation was successful and if it could be used to the benefit of the user. The results included show that a significant percentage of the analyzed games save the user and app information in plaintext and do not include mechanisms to detect or prevent data from being modified.
Type de document :
Communication dans un congrès
Hannes Federrath; Dieter Gollmann. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-455, pp.528-541, 2015, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-18467-8_35〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01345144
Contributeur : Hal Ifip <>
Soumis le : mercredi 13 juillet 2016 - 11:14:35
Dernière modification le : mercredi 13 juillet 2016 - 11:18:40

Fichier

337885_1_En_35_Chapter.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Francisco Vigário, Miguel Neto, Diogo Fonseca, Mário Freire, Pedro Inácio. Assessment of the Susceptibility to Data Manipulation of Android Games with In-app Purchases. Hannes Federrath; Dieter Gollmann. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-455, pp.528-541, 2015, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-18467-8_35〉. 〈hal-01345144〉

Partager

Métriques

Consultations de la notice

46

Téléchargements de fichiers

13