Google Android: A Comprehensive Security Assessment

Authors:
Asaf Shabtai;Yuval Fledel;Uri Kanonov;Yuval Elovici;Shlomi Dolev;Chanan Glezer
Affiliations:
Deutsche Telekom Laboratories at Ben-Gurion University Ben-Gurion University, Beer-Sheva Beer-Sheva;Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva;Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva;Deutsche Telekom Laboratories at Ben-Gurion University Ben-Gurion University, Beer-Sheva Beer-Sheva;Ben-Gurion University, Beer-Sheva;Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva
Venue:
IEEE Security and Privacy
Year:
2010

Citing 0
Cited 32

The VMware mobile virtualization platform: is that a hypervisor in your pocket?

ACM SIGOPS Operating Systems Review
Exploiting smart-phone USB connectivity for fun and profit

Proceedings of the 26th Annual Computer Security Applications Conference
Managing smart phone security risks

2010 Information Security Curriculum Development Conference
CRePE: context-related policy enforcement for android

ISC'10 Proceedings of the 13th international conference on Information security
Privilege escalation attacks on android

ISC'10 Proceedings of the 13th international conference on Information security
Taming information-stealing smartphone applications (on Android)

TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
All your droid are belong to us: a survey of current android attacks

WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Crowdroid: behavior-based malware detection system for Android

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Smartphone security limitations: conflicting traditions

Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies
Performance analysis of security enforcement on Android operating system

Proceedings of the 2011 ACM Symposium on Research in Applied Computation
"Andromaly": a behavioral malware detection framework for android devices

Journal of Intelligent Information Systems
Biometric-rich gestures: a novel approach to authentication on multi-touch devices

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A survey of cyber crimes

Security and Communication Networks
MOSES: supporting operation modes on smartphones

Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Using architecture for multiple levels of access to an ecosystem platform

Proceedings of the 8th international ACM SIGSOFT conference on Quality of Software Architectures
Jasmin: an alternative for secure modularity inside the digital home

Proceedings of the 15th ACM SIGSOFT symposium on Component Based Software Engineering
Modular anomaly detection for smartphone ad hoc communication

NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Rooting android --- extending the ADB by an auto-connecting wifi-accessible service

NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Quality factors in development best practices for mobile applications

ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part IV
Why eve and mallory love android: an analysis of android SSL (in)security

Proceedings of the 2012 ACM conference on Computer and communications security
Review: An intrusion detection and prevention system in cloud computing: A systematic review

Journal of Network and Computer Applications
Security add-ons for mobile platforms

NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Taxonomy and proposed architecture of intrusion detection and prevention systems for cloud computing

CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Towards a high-level trusted computing API for Android software stack

Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication
Bring your own device, securely

Proceedings of the 28th Annual ACM Symposium on Applied Computing
FireDroid: hardening security in almost-stock Android

Proceedings of the 29th Annual Computer Security Applications Conference
Modelling context-aware RBAC models for mobile business processes

International Journal of Wireless and Mobile Computing
Revisiting prior empirical findings for mobile apps: an empirical case study on the 15 most popular open-source Android apps

CASCON '13 Proceedings of the 2013 Conference of the Center for Advanced Studies on Collaborative Research
DroidLegacy: Automated Familial Classification of Android Malware

Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
Repackaging Attack on Android Banking Applications and Its Countermeasures

Wireless Personal Communications: An International Journal
The disclosure of an Android smartphone's digital footprint respecting the Instant Messaging utilizing Skype and MSN

Electronic Commerce Research
A taxonomy of privilege escalation attacks in Android applications

International Journal of Security and Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Android framework, Google's new software stack for mobile devices, includes an operating system, middleware, and key applications. This research provides a comprehensive security assessment of this framework and its security mechanisms The authors conducted a methodological qualitative risk analysis that identifies high-risk threats to the framework and any potential danger to information or to the system resulting from vulnerabilities attackers have uncovered and exploited. They propose several security solutions for mitigating these risks.