Abstract
Among the most significant smartphone operating systems that have arisen recently is Google’s Android framework. Google’s Android is a software framework for mobile communication devices. The Android framework includes an operating system, middleware and a set of key applications. Designed as open, programmable, networked devices, Android is vulnerable to various types of threats. This paper provides a security assessment of the Android framework and the security mechanisms incorporated into it. In addition, a review of recent academic and commercial solutions in the area of smartphone security in general and Android in particular is presented.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Piercy, C.: Embedded devices next on the virus target list. Electronic Systems and Software 2(6), 42–43 (2005)
Frost, Sullivan: World mobile anti-malware products markets. Frost and Sullivan Report # M154-74 (2007)
Papathanasiou, C., Percoco, N.J.: This is not the droid you’re looking for. In: DEF CON 18 (2010)
Pelino, M.: Predictions 2010: Enterprise Mobility Accelerates Again. Forrester (2009)
Lawton, G.: Is It Finally Time to Worry about Mobile Malware? Computer 41(5), 12–14 (2008)
Enck, W., Ongtang, M., McDaniel, P.: Understanding Android Security. IEEE Security and Privacy 7(1), 50–57 (2009)
Burns, J.: Developing Secure Mobile Applications for Android. Technical Report, iSEC (2008)
Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google Android: A Comprehensive Security Assessment. IEEE Security and Privacy 8(2), 5–44 (2010)
Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S.: Google Android: A State-of-the-Art Review of Security Mechanisms. CoRR abs/0912.5101 (2009)
Vennon, T., Stroop, D.: Threat Analysis of Android Market (2010), http://threatcenter.smobilesystems.com/wp-content/uploads/2010/06/Android-Market-Threat-Analysis-6-22-10-v1.pdf
Emm, D.: Mobile Malware – New Avenues. Network Security 2006(11), 4–6 (2006)
Schmidt, A.D., et al.: Enhancing Security of Linux-based Android Devices. In: 15th International Linux Kongress, Germany (2008)
Shabtai, A., Kanonov, U., Elovici, Y.: Intrusion Detection on Mobile Devices Using the Knowledge Based Temporal-Abstraction Method. Journal of Systems and Software 83(8), 1524–1537 (2010)
Shabtai, A., Elovici, Y.: Applying Behavioral Detection on Android-Based Devices. In: Cai, Y., Magedanz, T., Li, M., Xia, J., Giannelli, C. (eds.) Mobilware 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 48, pp. 235–249. Springer, Heidelberg (2010)
Shabtai, A., Fledel, Y., Elovici, Y.: Securing Android-Powered Mobile Devices Using SELinux. IEEE Security and Privacy 8(3), 36–44 (2010)
Ni, X., Yang, Z., Bai, X., Champion, A.C., Xuan, D.: DiffUser: Differentiated User Access Control on Smartphones. In: Proceedings of the 5th IEEE International Workshop on Wireless and Sensor Networks Security (2009)
Nauman, M., Khan, S.: Design and Implementation of a Fine-grained Resource Usage Model for the Android Platform. To appear in International Arab Journal of Information Technology (2010)
Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of Computer and Communications Security Conference, pp. 235–245 (2009)
Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically Rich Application-Centric Security in Android. In: Proceedings of the 25th Annual Computer Security Applications Conference, Honolulu, Hawaii (2009)
Shabtai, A., Fledel, Y., Elovici, Y.: Automated Static Code Analysis for Classifying Android Applications Using Machine Learning. In: International Conference on Computational Intelligence and Security, Nanning, China (2010)
Chaudhuri, A.: Language-Based Security on Android. In: Proceesings of the ACM Workshop on Programming Languages and Analysis for Security, pp. 1–7 (2009)
Mulliner, C., Miller, C.: Fuzzing the Phone in your Phone, Black Hat USA (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Fledel, Y., Shabtai, A., Potashnik, D., Elovici, Y. (2012). Google Android: An Updated Security Review. In: Gris, M., Yang, G. (eds) Mobile Computing, Applications, and Services. MobiCASE 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 76. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29336-8_29
Download citation
DOI: https://doi.org/10.1007/978-3-642-29336-8_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29335-1
Online ISBN: 978-3-642-29336-8
eBook Packages: Computer ScienceComputer Science (R0)