Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques

Published: 13 August 2016

Abstract

The openness and extensibility of Android have made it a popular platform for mobile devices and a strong candidate to drive the Internet-of-Things. Unfortunately, these properties also leave Android vulnerable, attracting attacks for profit or fun. To mitigate these threats, numerous issue-specific solutions have been proposed. With the increasing number and complexity of security problems and solutions, we believe this is the right moment to step back and systematically re-evaluate the Android security architecture and security practices in the ecosystem. We organize the most recent security research on the Android platform into two categories: the software stack and the ecosystem. For each category, we provide a comprehensive narrative of the problem space, highlight the limitations of the proposed solutions, and identify open problems for future research. Based on our collection of knowledge, we envision a blueprint for engineering a secure, next-generation Android ecosystem.

References

  1. Yousra Aafer, Wenliang Du, and Heng Yin. 2013. DroidAPIMiner: Mining API-level features for robust malware detection in android. In Proceedings of the 9th International Conference on Security and Privacy in Communication Networks (SecureComm). Springer, Sydney, NSW, Australia, 163--182.
  2. Yousra Aafer, Nan Zhang, Zhongwen Zhang, Xiao Zhang, Kai Chen, XiaoFeng Wang, Xiaoyong Zhou, Wenliang Du, and Michael Grace. 2015. Hare hunting in the wild android: A study on the threat of hanging attribute references. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS). ACM Press, Denver, Colorado, 1248--1259.
  3. Martín Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS). ACM, 340--353.
  4. Adobe Systems, Inc. 2016. PhoneGap. (Feb. 2016). http://phonegap.com.
  5. Vitor Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupé, Mario Polino, Paulo de Geus, Christopher Kruegel, and Giovanni Vigna. 2016. Going native: Using a large-scale analysis of android apps to create a practical native-code sandboxing policy. In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 51:1--51:15.
  6. Ahmed Al-Haiqi, Mahamod Ismail, and Rosdiadee Nordin. 2013. On the best sensor for keystrokes inference attack on android. Procedia Technology 8 (2013), 947--953.
  7. Kevin Allix, Tegawendé François D. Assise Bissyande, Jacques Klein, and Yves Le Traon. 2014. Machine Learning-Based Malware Detection for Android Applications: History Matters! Technical Report. University of Luxembourg.
  8. Domenico Amalfitano, Anna Rita Fasolino, Porfirio Tramontana, Bryan Dzung Ta, and Atif M. Memon. 2015. MobiGUITAR: Automated model-based testing of mobile apps. IEEE Software 32, 5 (Sept. 2015), 53--59.
  9. Android Developers. 2016a. Android—AccessibilityService. (Feb. 2016). http://developer.android.com/reference/android/accessibilityservice/AccessibilityService.html.
  10. Android Developers. 2016b. Android Security Overview. (Feb. 2016). https://source.android.com/security.
  11. Android Developers. 2016c. WebView. (Feb. 2016). http://developer.android.com/reference/android/webkit/WebView.html.
  12. Jeremy Andrus, Christoffer Dall, Alexander Van't Hof, Oren Laadan, and Jason Nieh. 2011. Cells: A virtual mobile smartphone architecture. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP). ACM, 173--187.
  13. Appcelerator Inc. 2016. Appcelerator Titanium SDK. (Feb. 2016). http://www.appcelerator.com/titanium/titanium-sdk.
  14. Axelle Apvrille. 2014. New Drive-By Download Android Malware. (Oct. 2014). http://blog.fortinet.com/post/new-drive-by-download-Android-malware.
  15. Machiry Aravind, Tahiliani Rohan, and Mayur Naik. 2013. Dynodroid: An input generation system for android apps. In Proceedings of the 18th European Software Engineering Conference (ESEC)/21st ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE). ACM, 224--234.
  16. Jeff Arnold and M. Frans Kaashoek. 2009. Ksplice: Automatic rebootless kernel updates. In Proceedings of the 4th European Conference on Computer Systems (EuroSys). ACM, 187--198.
  17. Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck. 2014. Drebin: Efficient and explainable detection of android malware in your pocket. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 49:1--49:12.
  18. Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2014. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In Proceedings of the 2014 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI). ACM, 259--269.
  19. Kathy Wain Yee Au, Yi Fan Zhou, Zhen Huang, and David Lie. 2012. Pscout: Analyzing the android permission specification. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 217--228.
  20. Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, Andreas Zeller, Steven Arzt, Siegfried Rasthofer, and Eric Bodden. 2015. Mining apps for abnormal usage of sensitive data. In Proceedings of the 37th International Conference on Software Engineering (ICSE). IEEE Computer Society, Austin, TX, 426--436.
  21. Adam J. Aviv, Benjamin Sapp, Matt Blaze, and Jonathan M. Smith. 2013. Practicality of accelerometer side channels on smartphones. In Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC). ACM, 41--50.
  22. AVO. 2011. KillingInTheNameOf ashmem. (Jan. 2011). http://androidvulnerabilities.org/vulnerabilities/KillingInTheNameOf%5Fpsneuter%5Fashmem.
  23. Ahmed Azab, Peng Ning, Jitesh Shah, Quan Chen, Rohan Bhutkar, Guruprasad Ganesh, Jia Ma, and Wenbo Shen. 2014. Hypervision across worlds: Real-time kernel protection from the ARM TrustZone secure world. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 90--102.
  24. Michael Backes, Sven Bugiel, Sebastian Gerling, and Philipp von Styp-Rekowsky. Android security framework: Extensible multi-layered access control on android. In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC'14). ACM, 46--55.
  25. Michael Backes, Sven Bugiel, Christian Hammer, Oliver Schranz, and Philipp von Styp-Rekowsky. 2015. Boxify: Full-fledged app sandboxing for stock android. In Proceedings of the 24th USENIX Security Symposium (Security). USENIX Association, 691--706.
  26. Endre Bangerter, David Gullasch, and Stephan Krenn. 2011. Cache games: Bringing access-based cache attacks on AES to practice. In Proceedings of the 32nd IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, 490--505.
  27. Anestis Bechtsoudis. 2015. Fuzzing Objects d'ART—Digging Into the New Android L Runtime Internals. (2015). https://census-labs.com/media/Fuzzing%5FObjects%5Fd%5FART%5Fhitbsecconf2015ams%5FWP.pdf.
  28. Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall. 2014. Brahmastra: Driving apps to test the security of third-party components. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 1021--1036.
  29. Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, and Giovanni Vigna. 2015. NJAS: Sandboxing unmodified applications in non-rooted devices running stock android. In Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM). ACM, 27--38.
  30. Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, and Ahmad-Reza Sadeghi. 2011. XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Technical Report TR-2011-04. Technische Universität Darmstadt.
  31. Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, and Bhargava Shastry. 2012. Towards taming privilege-escalation attacks on android. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 19:1--19:18.
  32. Sven Bugiel, Stephan Heuser, and Ahmad-Reza Sadeghi. 2013. Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In Proceedings of the 22nd USENIX Security Symposium (Security). USENIX Association, Washington, DC, 131--146.
  33. Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, and Yan Chen. 2015. EdgeMiner: Automatically detecting implicit control flow transitions through the android framework. In Proceedings of the 2015 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 8:1--8:15.
  34. Gopinath K. N. Hemant Chaskar. 2009. All You Wanted to Know About WiFi Rogue Access Points. (2009). http://www.rogueap.com/rogue-ap-docs/RogueAP-FAQ.pdf.
  35. Eric Chen, Yutong Pei, Shuo Chen, Yuan Tian, Robert Kotcher, and Patrick Tague. 2014a. OAuth demystified for mobile application developers. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 892--903.
  36. Kevin Zhijie Chen, Noah Johnson, Vijay D'Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward XueJun Wu, Martin Rinard, and Dawn Song. 2013. Contextual policy enforcement in android applications with permission event graphs. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 28:1--28:19.
  37. Qi Alfred Chen, Zhiyun Qian, and Z. Morley Mao. 2014b. Peeking into your app without actually seeing it: UI state inference and novel android attacks. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 1037--1052.
  38. Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer. 2005. Non-control-data attacks are realistic threats. In Proceedings of the 14th USENIX Security Symposium (Security). USENIX Association, 12--26.
  39. Eric Chien. 2011. Motivations of Recent Android Malware. Technical Report. Symantec Corporation.
  40. Erika Chin and David Wagner. 2013. Bifocals: Analyzing webview vulnerabilities in android applications. In Proceedings of the 14th International Workshop on Information Security Applications (WISA). Springer, 138--159.
  41. Allen Choong. 2012. Rooting Android Manually. (March 2012). https://allencch.wordpress.com/2012/03/14/rooting-android-manually/.
  42. Chromium Dev Community. 2012. Issue 166704: Security: Use a seccomp-bpf Sandbox on Android. (Dec. 2012). https://code.google.com/p/chromium/issues/detail?id=166704.
  43. Lucian Constantin. 2016. Malvertising Attack Silently Infects Old Android Devices with Ransomware. (2016). http://www.itworld.com/article/3060191/malvertising-attack-silently-infects-old-android-devices-with-ransomware.html.
  44. Mauro Conti, Vu Thien Nga Nguyen, and Bruno Crispo. 2010. CRePE: Context-related policy enforcement for android. In Proceedings of the 13th Information Security Conference (ISC). Springer, 331--345.
  45. Corelan Team. 2014. State of the ART: Exploring the New Android KitKat Runtime. (2014). https://www.corelan.be/index.php/2014/05/29/hitb2014ams-day-1-state-of-the-art-exploring-the-new-android-kitkat-runtime/.
  46. Valerio Costamagna and Cong Zheng. 2016. ARTDroid: A virtual-method hooking framework on android ART runtime. In Proceedings of the 2016 Innovations in Mobile Privacy and Security (IMPS). Springer, 24--32.
  47. Jonathan Crussell, Clint Gibler, and Hao Chen. 2012. Attack of the clones: Detecting cloned applications on android markets. In Proceedings of the 17th European Symposium on Research in Computer Security (ESORICS). Springer, 37--54.
  48. Jonathan Crussell, Clint Gibler, and Hao Chen. 2013a. AnDarwin: Scalable detection of semantically similar android applications. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS). Springer, Egham, UK, 182--199.
  49. Jonathan Crussell, Clint Gibler, and Hao Chen. 2013b. Scalable semantics-based detection of similar android applications. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS). Springer, Egham, UK, 182--199.
  50. Andrew Cunningham. 2014. Android's Update Woes. (Aug. 2014). http://arstechnica.com/gadgets/2014/08/to-solve-androids-update-woes-google-should-look-to-the-pc/.
  51. CyanogenMod Team. 2016. Cyanogenmod. (Feb. 2016). http://www.cyanogenmod.org.
  52. Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, and Ahmad-Reza Sadeghi. 2012. MoCFI: A framework to mitigate control-flow attacks on smartphones. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 18:1--18:17.
  53. Lucas Davi, Ahmad-Reza Sadeghi, Daniel Lehmann, and Fabian Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In Proceedings of the 23rd USENIX Conference on Security Symposium. USENIX Association, 401--416.
  54. Guillaume Delugre. 2011. Reverse Engineering a Qualcomm Baseband. (2011). http://events.ccc.de/congress/2011/Fahrplan/attachments/2022%5F11-ccc-qcombbdbg.pdf.
  55. Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang, and Carl A. Gunter. 2015. What's in your dongle and bank account? Mandatory and discretionary protection of android external resources. In Proceedings of the 2015 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 7:1--7:15.
  56. Luke Deshotels. 2014. Inaudible sound as a covert channel in mobile devices. In Proceedings of the 2014 USENIX Workshop on Offensive Technologies (WOOT). USENIX Association, 16:1--16:9.
  57. Anthony Desnos. 2012. Android: Static analysis using similarity distance. In Proceedings of the 45th Hawaii International Conference on System Science (HICSS). IEEE Computer Society, 5394--5403.
  58. Anthony Desnos and Geoffroy Gueguen. 2012. New “Open Source” Step in Android Application Analysis. (Nov. 2012). https://androguard.googlecode.com/files/pacsec2012.pdf.
  59. Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan S. Wallach. QUIRE: Lightweight provenance for smart phone operating systems. In Proceedings of the 20th USENIX Conference on Security (SEC'11). USENIX Association, 23:1--23:16.
  60. Jason A. Donenfeld. 2012. Linux Local Privilege Escalation via SUID /proc/pid/mem Write. (Jan. 2012). https://git.zx2c4.com/CVE-2012-0056/about/.
  61. Joshua Drake. 2015. Stagefright: Scary Code in the Heart of Android. (Aug. 2015).
  62. William Enck, Peter Gilbert, Byung gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2010. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). USENIX Association, Vancouver, Canada, 393--407.
  63. Raoul Estourgie and Erik Poll. 2013. Analysis of Android Authenticators. B.S. thesis. Radboud Universiteit Nijmegen.
  64. F-Secure. 2011a. Exploit Description Exploit:Android/GingerBreak. (April 2011). https://www.f-secure.com/v-descs/exploit%5Fandroid%5Fgingerbreak.shtml.
  65. F-Secure. 2011b. Exploit Description Exploit:Android/Zergrush. (Oct. 2011). https://www.f-secure.com/v-descs/exploit%5Fandroid%5Fzergrush.shtml.
  66. Sascha Fahl, Marian Harbach, Thomas Muders, Lars Baumgärtner, Bernd Freisleben, and Matthew Smith. 2012. Why eve and mallory love android: An analysis of android SSL (in)security. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 50--61.
  67. Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner. 2011a. Android permission demystified. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS). ACM Press, Chicago, Illinois, 627--638.
  68. Adrienne Porter Felt, Serge Egelman, Matthew Finifter, Devdatta Akhawe, David Wagner, and others. 2012a. How to ask for permission. In Proceedings of the 7th USENIX Conference on Hot Topics in Security (HotSec). USENIX Association, 7:1--7:6.
  69. Adrienne Porter Felt, Kate Greenwood, and David Wagner. 2011b. The effectiveness of application permissions. In Proceedings of the 2nd USENIX Conference on Web Application Development (WebApps). USENIX Association, 7:1--7:12.
  70. Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, and David Wagner. 2012b. Android permissions: User attention, comprehension, and behavior. In Proceedings of the 8th ACM Symposium on Usable Privacy and Security (SOUPS). ACM, 3:1--3:12.
  71. Adrienne Porter Felt, Helen J. Wang, Alexander Moshchuk, Steve Hanna, and Erika Chin. 2011c. Permission re-delegation: Attacks and defenses. In Proceedings of the 20th USENIX Security Symposium (Security). USENIX Association, 22:1--22:16.
  72. Dennis Fisher. 2015. Google Fixes Sandbox Escape in Chrome. (May 2015). https://threatpost.com/google-fixes-sandbox-escape-in-chrome/112899/.
  73. Jay Freeman. 2012. mempodroid Details. (Aug. 2012). https://github.com/saurik/mempodroid.
  74. Wade Gasior and Li Yang. 2012. Exploring covert channel in android platform. In 2012 International Conference on Cyber Security (CyberSecurity). IEEE Computer Society, 173--177.
  75. geohot. 2014. towelroot by geohot. (June 2014). https://towelroot.com/.
  76. Enes Goktas, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis. 2014. Out of control: Overcoming control-flow integrity. In Proceedings of the 35th IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, San Jose, CA, 575--589.
  77. Google Inc. 2016c. ART and Dalvik. (Feb. 2016). https://source.android.com/devices/tech/dalvik.
  78. Google Inc. 2016a. Brillo. (Feb. 2016). https://developers.google.com/brillo.
  79. Google Inc. 2016b. Chrome Extension—Declare Permissions. (Feb. 2016). https://developer.chrome.com/extensions/declare%5Fpermissions.
  80. Google Inc. 2016d. Codenames, Tags, and Build Numbers. (Feb. 2016). https://source.android.com/source/build-numbers.html.
  81. Google Inc. 2016e. Put Android to work. (Feb. 2016). https://www.android.com/work.
  82. Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard. 2015. Information-flow analysis of android applications in DroidSafe. In Proceedings of the 2015 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 6:1--6:16.
  83. Alessandra Gorla, Ilaria Tavecchia, Florian Gross, and Andreas Zeller. 2014. Checking app behavior against app descriptions. In Proceedings of the 36th International Conference on Software Engineering (ICSE). ACM Press, Hyderabad, India, 1025--1035.
  84. Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang. 2012. Systematic detection of capability leaks in stock android smartphones. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 20:1--20:15.
  85. Lion Gu. 2014. The Mobile Cybercriminal Underground Market in China. Technical Report. Trend Micro.
  86. Steve Hanna, Ling Huang, Edward Wu, Saung Li, Charles Chen, and Dawn Song. 2012. Juxtapp: A scalable system for detecting code reuse among android applications. In Proceedings of the 9th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA). Springer, 62--61.
  87. Peng Hao, Gates Chris, Sarma Bhaskar, Li Ninghui, Qi Yuan, Rahul Potharaju, Nita-Rotaru Chrisina, and Molloy Ian. 2012. Using probabilistic generative models for ranking risks of android apps. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 241--252.
  88. Stephan Heuser, Adwait Nadkarni, William Enck, and Ahmad-Reza Sadeghi. 2014. ASM: A programmable interface for extending android security. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 1005--1019.
  89. Andrei Homescu, Stefan Brunthaler, Per Larsen, and Michael Franz. 2012. Librando: Transparent code randomization for just-in-time compilers. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 993--1004.
  90. Peter Hornyack, Seungyeop Han, Jaeyeon Jung, Stuart Schechter, and David Wetherall. 2011. These aren't the droids you're looking for: Retrofitting android to protect data from imperious applications. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS). ACM Press, Chicago, Illinois, 639--652.
  91. HTC Corporation. 2016. HTCDev Unlock Bootloader. (Feb. 2016). http://www.htcdev.com/bootloader.
  92. Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang. 2014. AsDroid: Detecting stealthy behaviors in android applications by user interface and program behavior contradiction. In Proceedings of the 36th International Conference on Software Engineering (ICSE). ACM Press, Hyderabad, India, 1036--1046.
  93. Ralf Hund, Carsten Willems, and Thorsten Holz. 2013. Practical timing side channel attacks against kernel space ASLR. In Proceedings of the 34th IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, 191--205.
  94. Intel Corporation. 2016. Intel Identity Protection Technology. (Feb. 2016). http://ipt.intel.com.
  95. Yeongjin Jang, Chengyu Song, Simon P. Chung, Tielei Wang, and Wenke Lee. 2014. A11y attacks: Exploiting accessibility in operating systems. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 103--115.
  96. Jinseong Jeon, Kristopher K. Micinski, Jeffrey A. Vaughan, Ari Fogel, Nikhilesh Reddy, Jeffrey S. Foster, and Todd Millstein. 2012. Dr. Android and Mr. Hide: Fine-grained permissions in android applications. In Proceedings of the 2nd Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM). ACM Press, Raleigh, NC, 3--14.
  97. Limin Jia, Jassim Aljuraidan, Elli Fragkaki, Lujo Bauer, Michael Stroucken, Kazuhide Fukushima, Shinsaku Kiyomoto, and Yutaka Miyake. 2013. Run-time enforcement of information-flow properties on android. In Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS). Springer, Egham, UK, 775--792.
  98. Michael Kassner. 2014. Droidpak: A Sneak Attack on Android Devices via PC Malware. (Feb. 2014). http://www.techrepublic.com/blog/it-security/droidpak-a-sneak-attack-on-android-devices-via-pc-malware/.
  99. Eunice Kim. 2015. Creating Better User Experiences on Google Play. (March 2015). http://android-developers.blogspot.com/2015/03/creating-better-user-experiences-on.html.
  100. Tam Kimberly, J. Khan Salahuddin, Fattori Aristide, and Cavallaro Lorenzo. 2015. CopperDroid: Automatic reconstruction of android malware behaviors. In Proceedings of the 2015 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 9:1--9:15.
  101. Dhilung Kirat, Giovanni Vigna, and Christopher Kruegel. 2014. BareCloud: Bare-metal analysis-based evasive malware detection. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 287--301.
  102. Krishan Kumar and Prabhpreet Kaur. 2015. Vulnerability detection of international mobile equipment identity number of smartphone and automated reporting of changed IMEI number. International Journal of Computer Science and Mobile Computing 4 (May 2015), 527--533.
  103. Nate Kushman and Dina Katabi. 2010. Enabling configuration-independent automation by non-expert users. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). USENIX Association, Vancouver, Canada, 223--236.
  104. Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code pointer integrity. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). USENIX Association, 147--163.
  105. Stephen Kyle, Hugh Leather, Björn Franke, Dave Butcher, and Stuart Monteith. 2015. Application of domain-aware binary fuzzing to aid android virtual machine testing. In Proceedings of the 2015 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE). ACM, 121--132.
  106. Lingguang Lei, Yuewu Wang, Jian Zhou, Daren Zha, and Zhongwen Zhang. 2013. A threat to mobile cyber-physical systems: Sensor-based privacy theft attacks on android smartphones. In Proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE Computer Society, 126--133.
  107. Li Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel. 2015. IccTA: Detecting inter-component privacy leaks in android apps. In Proceedings of the 37th International Conference on Software Engineering (ICSE). IEEE Computer Society, Austin, TX, 280--291.
  108. Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer, Stefano Zanero, and Sotiris Ioannidis. 2014. AndRadar: Fast discovery of android applications in alternative markets. In Proceedings of the 11th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA). Springer, 51--71.
  109. Benjamin Livshits and Jaeyeon Jung. 2013. Automatic mediation of privacy-sensitive resource access in smartphone applications. In Proceedings of the 22nd USENIX Security Symposium (Security). USENIX Association, Washington, DC, 113--130.
  110. Lookout, Inc. 2012a. Security Alert: Hacked Websites Serve Suspicious Android Apps (NotCompatible). (May 2012). https://blog.lookout.com/blog/2012/05/02/security-alert-hacked-websites-serve-suspicious-Android-apps-noncompatible.
  111. Lookout, Inc. 2012b. State of Mobile Security 2012. Technical Report. Lookout, Inc.
  112. Kangjie Lu, Zhichun Li, Vasileios Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang. 2015. Checking more and alerting less: Detecting privacy leakages via enhanced data-flow analysis and peer voting. In Proceedings of the 2015 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 19:1--19:15.
  113. Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, and Guofei Jiang. 2012. CHEX: Statically vetting android apps for component hijacking vulnerabilities. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 229--240.
  114. Long Lu, Roberto Perdisci, and Wenke Lee. 2011. SURF: Detecting and measuring search poisoning. In Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS). ACM Press, Chicago, Illinois, 467--476.
  115. Adrian Ludwig. 2013. Android: Practical Security from the Ground Up. (Oct. 2013). https://docs.google.com/presentation/d/1YDYUrD22Xq12nKkhBfwoJBfw2Q-OReMr0BrDfHyfyPw.
  116. Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin. 2011. Attacks on WebView in the android system. In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC). ACM, 343--352.
  117. Tongbo Luo, Xing Jin, Ajai Ananthanarayanan, and Wenliang Du. 2012. Touchjacking attacks on web in android, iOS, and windows phone. In Proceedings of the 5th International Symposium on Foundations and Practice of Security (FPS). Springer, 227--243.
  118. Riyadh Mahmood, Nariman Mirzaei, and Sam Malek. 2014. Evodroid: Segmented evolutionary testing of android apps. In Proceedings of the 22nd ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE). ACM, 599--609.
  119. Claudio Marforio, Aurélien Francillon, and Srdjan Capkun. 2011. Application Collusion Attack on the Permission-Based Security Model and Its Implications for Modern Smartphone Systems. Technical Report. ETH Zurich.
  120. Claudio Marforio, Hubert Ritzdorf, A. Francillon, and Srdjan Capkun. 2012. Analysis of the communication between colluding applications on modern smartphones. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC). ACM, 51--60.
  121. Charlie Miller. 2012. Exploring the NFC attack surface. (Aug. 2012).Google ScholarGoogle Scholar
  122. Emiliano Miluzzo, Alexander Varshavsky, Suhrid Balakrishnan, and Romit Roy Choudhury. 2012. TapPrints: Your finger taps have fingerprints. In Proceedings of the 10th ACM International Conference on Mobile Computing Systems (MobiSys). ACM, 323--336. Google ScholarGoogle ScholarDigital LibraryDigital Library
  123. Bill Morrow. 2012. BYOD security challenges: Control and protect your most sensitive data. Network Security 2012, 12 (Dec. 2012), 5--8.Google ScholarGoogle ScholarCross RefCross Ref
  124. Adwait Pravin Nadkarni. 2012. Workflow Based Information Flow Control (IFC) in Modern Operating Systems. (2012).Google ScholarGoogle Scholar
  125. Ryan Naraine. 2012. Android Drive-by Download Attack via Phishing SMS. (Feb. 2012). http://www.zdnet.com/blog/security/Android-drive-by-download-attack-via-phishing-sms/10422.Google ScholarGoogle Scholar
  126. Mohammad Nauman, Sohail Khan, and Xinwen Zhang. 2010. Apex: Extending android permission model and enforcement with user-defined runtime constraints. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS). ACM, 328--332. Google ScholarGoogle ScholarDigital LibraryDigital Library
  127. Muhammad Naveed, Xiaoyong Zhou, Soteris Demetriou, XiaoFeng Wang, and Carl A. Gunter. 2014. Inside job: Understanding and mitigating the threat of external device mis-bonding on android. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 15:1--15:14.Google ScholarGoogle Scholar
  128. Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. 2013. Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis. In Proceedings of the 22th USENIX Security Symposium (Security). USENIX Association, Washington, DC, 543--558. Google ScholarGoogle ScholarDigital LibraryDigital Library
  129. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. 2009. Semantically rich application-centric security in android. In Proceedings of the Annual Computer Security Applications Conference (ACSAC). IEEE Computer Society, 340--349. Google ScholarGoogle ScholarDigital LibraryDigital Library
  130. Open Source Security, Inc. 2016. grsecurity features. (Feb. 2016). https://grsecurity.net/features.php.Google ScholarGoogle Scholar
  131. OpenSignal Inc. 2015. Android Fragmentation Report. (Aug. 2015). http://opensignal.com/reports/2015/08/android-fragmentation.Google ScholarGoogle Scholar
  132. Dan Page. 2005. Partitioned Cache Architecture as a Side-Channel Defence Mechanism. (2005). http://eprint.iacr.org/2005/280.Google ScholarGoogle Scholar
  133. Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie. 2013. WHYPER: Towards automating risk assessment of mobile applications. In Proceedings of the 22th USENIX Security Symposium (Security). USENIX Association, Washington, DC, 527--542. Google ScholarGoogle ScholarDigital LibraryDigital Library
  134. Adrienne Porter Felt Paul Pearce, Gabriel Nunez, and David Wagner. 2012. AdDroid: Privilege separation for applications and advertisers in android. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security (ASIACCS). ACM, 71--72. Google ScholarGoogle ScholarDigital LibraryDigital Library
  135. Andre Pereir, Manuel Eduardo Correia, and Pedro Branda. 2014. USB connection vulnerabilities on android smartphones: Default and vendors' customizations. In Proceedings of the 15th International Conference on Communications and Multimedia Security (CMS). Springer, 19--32.Google ScholarGoogle ScholarCross RefCross Ref
  136. Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna. 2014. Execute this! Analyzing unsafe and malicious dynamic code loading in android applications. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 46:1--46:16.Google ScholarGoogle Scholar
  137. Rahul Potharaju, Andrew Newell, Cristina Nita-Rotaru, and Xiangyu Zhang. 2012. Plagiarizing smartphone applications: Attack strategies and defense techniques. In Proceedings of the 2012 International Symposium on Engineering Secure Software and Systems (ESSoS). Springer, 106--120. Google ScholarGoogle ScholarDigital LibraryDigital Library
  138. Chenxiong Qian, Xiapu Luo, Yuru Shao, and Alvin T. S. Chan. 2014. On tracking information flows through JNI in android applications. In Proceedings of the 44th International Conference on Dependable Systems and Networks (DSN). IEEE Computer Society, 180--191. Google ScholarGoogle ScholarDigital LibraryDigital Library
  139. Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen, Tiantian Zhu, and Zhong Chen. 2014. AutoCog: Measuring the description-to-permission fidelity in android applications. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 1354--1365. Google ScholarGoogle ScholarDigital LibraryDigital Library
  140. Moheeb Abu Rajab, Lucas Ballard, Noé Lutz, Panayiotis Mavrommatis, and Niels Provos. 2013. CAMP: Content-agnostic malware protection. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 24:1--24:17.Google ScholarGoogle Scholar
  141. Siegfried Rasthofer, Steven Arzt, and Eric Bodden. 2014. A machine-learning approach for classifying and categorizing android sources and sinks. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 42:1--42:15.Google ScholarGoogle ScholarCross RefCross Ref
  142. Siegfried Rasthofer, Steven Arzt, Marc Miltenberger, and Eric Bodden. 2016. Harvesting runtime values in android applications that feature anti-analysis techniques. In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 55:1--55:15.Google ScholarGoogle ScholarCross RefCross Ref
  143. Vaibhav Rastogi, Yan Chen, and William Enck. 2013. AppsPlayground: Automatic security analysis of smartphone applications. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM Press, San Antonio, 209--220. Google ScholarGoogle ScholarDigital LibraryDigital Library
  144. Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang, and Wenliang Du. 2014. A systematic security evaluation of android's multi-user framework. In Proceedings of the Mobile Security Technologies (MoST). IEEE Computer Society, 9:1--9:10.Google ScholarGoogle Scholar
  145. Simon Rockman. 2014. Google Nest, ARM, Samsung Pull Out Thread to Strangle ZigBee. (July 2014). http://www.theregister.co.uk/2014/07/15/google%5Fnest%5Fthread%5Fprotocol/.Google ScholarGoogle Scholar
  146. Franziska Roesner and Tadayoshi Kohno. 2013. Securing embedded user interfaces: Android and beyond. In Proceedings of the 22th USENIX Security Symposium (Security). USENIX Association, Washington, DC, 97--112. Google ScholarGoogle ScholarDigital LibraryDigital Library
  147. Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, Helen J. Wang, and Crispin Cowan. 2012. User-driven access control: Rethinking permission granting in modern operating systems. In Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, San Francisco, CA, 224--238. Google ScholarGoogle ScholarDigital LibraryDigital Library
  148. Sankardas Roy, Jordan DeLoach, Yuping Li, Nic Herndon, Doina Caragea, and Xinming Ou. Experimental study with real-world data for android app security analysis using machine learning. ACM, 81--90.Google ScholarGoogle Scholar
  149. Paul Sabanal. 2015. Hiding Behind ART. (Aug. 2015).Google ScholarGoogle Scholar
  150. Samsung Electronics. 2014. White Paper: An Overview of Samsung KNOX 2.0. (March 2014). http://www.samsung.com/ca/business-images/resource/white-paper/2014/03/Samsung%5FKNOX %5Ftech%5Fwhitepaper%5FFinal%5F140220-0.pdf.Google ScholarGoogle Scholar
  151. Golam Sarwar, Olivier Mehani, Roksana Boreli, and Dali Kaafar. 2013. On the Effectiveness of Dynamic Taint Analysis for Protecting Against Private Information Leaks on Android-based Devices. Technical Report. NICTA.Google ScholarGoogle Scholar
  152. Anand Saswat, Naik Mayur, Jean Harrold Mary, and Yang Hongseok. 2012. Automated concolic testing of smartphone apps. In Proceedings of the 20th ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE). ACM, 59:1--59:15. Google ScholarGoogle ScholarDigital LibraryDigital Library
  153. Roman Schlegel, Kehuan Zhang, Xiaoyong Zhou, Mehool Intwala, Apu Kapadia, and XiaoFeng Wang. 2011. Soundcomber: A stealthy and context-aware sound trojan for smartphones. In Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, 1:1--1:17.Google ScholarGoogle Scholar
  154. Daniel Schreckling, Joachim Posegga, and Daniel Hausknecht. 2012. Constroid: Data-centric access control for android. In Proceedings of the 27th ACM Symposium on Applied Computing (SAC). ACM, 1478--1485. Google ScholarGoogle ScholarDigital LibraryDigital Library
  155. Sebastian. 2011. Zimperlich Sources. (Feb. 2011). http://c-skills.blogspot.com/2011/02/zimperlich-sources.html.Google ScholarGoogle Scholar
  156. Jaeback Seo, Daehyeok Kim, Donghyun Cho, Taesoo Kim, and Insik Shin. 2016. FlexDroid: Enforcing in-app privilege separation in android. In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 53:1--53:15.Google ScholarGoogle ScholarCross RefCross Ref
  157. Yuru Shao, Xiapu Luo, and Chenxiong Qian. 2014a. RootGuard: Protecting rooted android phones. Computer 47 (June 2014), 32--40. Google ScholarGoogle ScholarDigital LibraryDigital Library
  158. Yuru Shao, Xiapu Luo, Chenxiong Qian, Pengfei Zhu, and Lei Zhang. 2014b. Towards a scalable resource-driven approach for detecting repackaged android applications. In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC). ACM, 56--65. Google ScholarGoogle ScholarDigital LibraryDigital Library
  159. Roy Choudhary Shauvik, Gorla Alessandra, and Alessandro (Alex) Orso. 2015. Automated test input generation for android: Are we there yet? In Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE Computer Society, 429--440.Google ScholarGoogle Scholar
  160. Shashi Shekhar, Michael Dietz, and Dan S. Wallach. AdSplit: Separating smartphone advertising from applications. In Proceedings of the 21st USENIX Conference on Security Symposium (Security'12) USENIX Association, 553--567. Google ScholarGoogle ScholarDigital LibraryDigital Library
  161. Dongwan Shin, Huiping Yao, and Une Rosi. 2013. Supporting visual security cues for webview-based android apps. In Proceedings of the 28th ACM Symposium on Applied Computing (SAC). ACM, 1867--1876. Google ScholarGoogle ScholarDigital LibraryDigital Library
  162. Hao Shuai, Liu Bin, Nath Suman, G. J. Halfond William, and Ramesh Govindan. 2014. PUMA: Programmable UI-automation for large-scale dynamic analysis of mobile apps. In Proceedings of the 12th ACM International Conference on Mobile Computing Systems (MobiSys). ACM, 204--217. Google ScholarGoogle ScholarDigital LibraryDigital Library
  163. Silent Circle. 2016. Blackphone 2 and Silent OS. (Feb. 2016). https://www.silentcircle.com.Google ScholarGoogle Scholar
  164. David Silver, Suman Jana, Dan Boneh, Eric Chen, and Collin Jackson. 2014. Password managers: Attacks and defenses. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 449--464. Google ScholarGoogle ScholarDigital LibraryDigital Library
  165. Stephen Smalley and Robert Craig. 2013. Security enhanced (SE) android: Bringing flexible MAC to android. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 9:1--9:18.Google ScholarGoogle Scholar
  166. Carlos A. Soto. 2005. A Menu of Bluetooth Attacks. (July 2005). http://gcn.com/articles/2005/07/20/a-menu-of-bluetooth-attacks.aspx.Google ScholarGoogle Scholar
  167. Mengtao Sun and Gang Tan. 2014. NativeGuard: Protecting android applications from third-party native libraries. In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM Press, Oxford, UK, 165--176. Google ScholarGoogle ScholarDigital LibraryDigital Library
  168. Xin Sun, Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. 2014. Detecting code reuse in android applications using component-based control flow graph. In Proceedings of the 29th International Conference on Systems Security and Privacy Protection (IFIPSEC). Springer, 142--155.Google ScholarGoogle ScholarCross RefCross Ref
  169. SUSE. 2016. Live Kernel Patching with kGraft. (Feb. 2016). https://www.suse.com/promo/kgraft.html.Google ScholarGoogle Scholar
  170. Vanja Svajcer. 2014. Sophos Mobile Security Threat Report 2014. Technical Report. Sophos, Ltd.Google ScholarGoogle Scholar
  171. Azim Tanzirul and Neamtiu Iulian. 2013. Targeted and depth-first exploration for systematic testing of android apps. In Proceedings of the 24th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA). ACM Press, Indianapolis, IN, 641--660. Google ScholarGoogle ScholarDigital LibraryDigital Library
  172. Chengkai Tao. 2014. Android App Update Flaw Affects China-Based Users. Technical Report. Trendmicro.Google ScholarGoogle Scholar
  173. Root Genius Team. 2016. Root Genius. (Feb. 2016). http://www.shuame.com/en/root.Google ScholarGoogle Scholar
  174. The Apache Software Foundation. 2016. Apache Cordova. (Feb. 2016). http://cordova.apache.org.Google ScholarGoogle Scholar
  175. thesnkchrmr. 2011. RageAgainstTheCage. (March 2011). https://thesnkchrmr.wordpress.com/2011/03/24/rageagainstthecage/.Google ScholarGoogle Scholar
  176. Cody Toombs. 2014. {Lollipop Feature Spotlight} WebView Is Now Unbundled From Android And Free To Auto-Update From Google Play. (Oct. 2014). http://www.androidpolice.com/2014/10/19/lollipop-feature-spotlight-webview-now-unbundled-android-free-auto-update-google-play.Google ScholarGoogle Scholar
  177. Eran Tromer, Dag Arne Osvik, and Adi Shamir. 2010. Efficient cache attacks on AES, and countermeasures. Journal of Cryptology 23, 1 (2010), 37--71. Google ScholarGoogle ScholarCross RefCross Ref
  178. Ashee Vance. 2013. Behind the'Internet of Things' Is Android and It's Everywhere. (2013). http://www.businessweek.com/articles/2013-05-29/behind-the-internet-of-things-is-Android-and-its-everywhere.Google ScholarGoogle Scholar
  179. Timothy Vidas and Nicolas Christin. 2013. Sweetening android lemon markets: Measuring and combating malware in application marketplaces. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM Press, San Antonio, TX, 197--208. Google ScholarGoogle ScholarDigital LibraryDigital Library
  180. Nicolas Viennot, Edward Garcia, and Jason Nieh. 2014. A measurement study of google play. In Proceedings of the 2014 ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS). ACM, 221--233. Google ScholarGoogle ScholarDigital LibraryDigital Library
  181. VirusTotal Team. 2012. VirusTotal. (Sept. 2012). https://www.virustotal.com/en/documentation/.Google ScholarGoogle Scholar
  182. vuldb.com. 2013. Google Android 4.0 debug mode /data/local.prop privilege escalation. (June 2013). https://vuldb.com/?id.9059.Google ScholarGoogle Scholar
  183. Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed M. Azab. 2014a. EASEAndroid: Automatic policy analysis and refinement for security enhanced android via large-scale semi-supervised learning. In Proceedings of the 23rd USENIX Security Symposium (Security). USENIX Association, San Diego, CA, 351--366. Google ScholarGoogle ScholarDigital LibraryDigital Library
  184. Yifei Wang, Srinivas Hariharan, Chenxi Zhao, Jiaming Liu, and Wenliang Du. 2014b. Compac: Enforce component-level access control in android. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM Press, San Antonio, TX, 25--36. Google ScholarGoogle ScholarDigital LibraryDigital Library
  185. Takuya Watanabe, Mitsuaki Akiyama, Tetsuya Sakai, and Tatsuya Mori. 2015. Understanding the inconsistencies between text descriptions and the use of privacy-sensitive resources of mobile apps. In Proceedings of the 11th ACM Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 241--255.Google ScholarGoogle Scholar
  186. Fengguo Wei, Sankardas Roy, Xinming Ou, and Robby. 2014. Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 1329--1341. Google ScholarGoogle ScholarDigital LibraryDigital Library
  187. Yang Wei, Xiao Xusheng, Andow Benjamin, Li Sihan, Xie Tao, and Enck William. 2015. AppContext: Differentiating malicious and benign mobile app behaviors using context. In Proceedings of the 37th International Conference on Software Engineering (ICSE). IEEE Computer Society, Austin, TX, 303--313. Google ScholarGoogle ScholarDigital LibraryDigital Library
  188. Ralf-Philipp Weinmann. 2012. Baseband attacks: Remote exploitation of memory corruptions in cellular protocol stacks. In Proceedings of the 2012 USENIX Workshop on Offensive Technologies (WOOT). USENIX Association, 12--21. Google ScholarGoogle ScholarDigital LibraryDigital Library
  189. Nathan Willis. 2013. Tizen Content Scanning and App Obfuscation. (June 2013). http://lwn.net/Articles/553676.Google ScholarGoogle Scholar
  190. Michelle Y. Wong and David Lie. 2016. IntelliDroid: A targeted input generator for the dynamic analysis of android malware In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS). The Internet Society, San Diego, CA, 54:1--54:15.Google ScholarGoogle Scholar
  191. Choi Wontae, Necula George, and Sen Koushik. 2013. Guided GUI testing of android apps with minimal restart and approximate learning. In Proceedings of the 24th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA). ACM Press, Indianapolis, IN, 623--640. Google ScholarGoogle ScholarDigital LibraryDigital Library
  192. Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, and Xuxian Jiang. 2013. The impact of vendor customizations on android security. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). ACM Press, Berlin, Germany, 623--634. Google ScholarGoogle ScholarDigital LibraryDigital Library
  193. Zhen Xie and Sencun Zhu. 2015. AppWatcher: Unveiling the underground market of trading mobile app reviews. In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM, 10:1--10:11. Google ScholarGoogle ScholarDigital LibraryDigital Library
  194. Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, and XiaoFeng Wang. 2014. Upgrading your android, elevating my malware: Privilege escalation through mobile OS updating. In Proceedings of the 35th IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, San Jose, CA, 393--408. Google ScholarGoogle ScholarDigital LibraryDigital Library
  195. Nan Xu, Fan Zhang, Yisha Luo, Weijia Jia, Dong Xuan, and Jin Teng. 2009. Stealthy video capturer: A new video-based spyware in 3G smartphones. In Proceedings of the 2nd ACM Conference on Wireless Network Security (WiSec'09). ACM, 69--78. Google ScholarGoogle ScholarDigital LibraryDigital Library
  196. Rubin Xu, Hassen Saïdi, and Ross Anderson. 2012. Aurasium: Practical policy enforcement for android applications. In Proceedings of the 21st USENIX Security Symposium (Security). USENIX Association, Bellevue, WA, 539--552. Google ScholarGoogle ScholarDigital LibraryDigital Library
  197. Yuanzhong Xu and Emmett Witchel. 2015. Maxoid: Transparently confining mobile applications with custom views of state. In Proceedings of the 10th European Conference on Computer Systems (EuroSys). ACM, 26:1--26:16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  198. Lok Kwong Yan and Heng Yin. 2012. DroidScope: Seamlessly reconstructing the OS and dalvik semantic views for dynamic android malware analysis. In Proceedings of the 21st USENIX Security Symposium (Security). USENIX Association, Bellevue, WA, 569--584. Google ScholarGoogle ScholarDigital LibraryDigital Library
  199. Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang. 2013. AppIntent: Analyzing sensitive data transmission in android for privacy leakage detection. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). ACM Press, Berlin, Germany, 1043--1054. Google ScholarGoogle ScholarDigital LibraryDigital Library
  200. Jing Yu and Toshihiro Yamauchi. 2013. Access control to prevent attacks exploiting vulnerabilities of webview in android OS. In Proceedings of the 11th IEEE International Conference on Embedded and Ubiquitous Computing. IEEE Computer Society, 1628--1633.Google ScholarGoogle ScholarCross RefCross Ref
  201. Fangfang Zhang, Heqing Huang, Sencun Zhu, Dinghao Wu, and Peng Liu. 2014a. ViewDroid: Towards obfuscation-resilient mobile application repackaging detection. In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM Press, Oxford, UK, 25--36. Google ScholarGoogle ScholarDigital LibraryDigital Library
  202. Hang Zhang, Dongdong She, and Zhiyun Qian. 2015. Android root and its providers: A double-edged sword. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS). ACM Press, Denver, Colorado, 1093--1104. Google ScholarGoogle ScholarDigital LibraryDigital Library
  203. Mu Zhang and Heng Yin. 2014. Efficient, context-aware privacy leakage confinement for android applications without firmware modding. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS). ACM Press, 259--270. Google ScholarGoogle ScholarDigital LibraryDigital Library
  204. Yingqian Zhang, Michael K. Reiter, Ari Juels, and Thomas Ristenpart. 2012. Cross-VM side channels and their use to extract private keys. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). ACM Press, Raleigh, NC, 305--316. Google ScholarGoogle ScholarDigital LibraryDigital Library
  205. Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang, and Binyu Zang. 2013. Vetting undesirable behaviors in android apps with permission use analysis. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). ACM Press, Berlin, Germany, 611--622. Google ScholarGoogle ScholarDigital LibraryDigital Library
  206. Zhongwen Zhang, Yuewu Wang, Jiwu Jing, Qiongxiao Wang, and Lingguang Lei. 2014b. Once root always a threat: Analyzing the security threats of android permission system. In Proceedings of the 19th Australasian Conference on Information Security and Privacy (ACISP). Springer, 354--369.Google ScholarGoogle ScholarCross RefCross Ref
  207. Mu Zhang, Yue Duan, Heng Yin, and Zhiruo Zhao. 2014c. Semantics-aware android malware classification using weighted contextual API dependency graphs. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS). ACM Press, Scottsdale, Arizona, 1105--1116. Google ScholarGoogle ScholarDigital LibraryDigital Library
  208. Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou. 2012. SmartDroid: An automatic system for revealing UI-based trigger conditions in android applications. In Proceedings of the 2nd Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM). The Internet Society, Raleigh, NC, 93--104. Google ScholarGoogle ScholarDigital LibraryDigital Library
  209. Wu Zhou, Zhi Wang, Yajin Zhou, and Xuxian Jiang. 2014b. DIVILAR: Diversifying intermediate language for anti-repackaging on android platform. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM Press, San Antonio, TX, 199--210. Google ScholarGoogle ScholarDigital LibraryDigital Library
  210. Wu Zhou, Xinwen Zhang, and Xuxian Jiang. 2013a. AppInk: Watermarking android apps for repackaging deterrence. In Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS). ACM Press, Hangzhou, China, 1--12. Google ScholarGoogle ScholarDigital LibraryDigital Library
  211. Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang, and Shihong Zou. 2013b. Fast, scalable detection of piggybacked mobile applications. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM Press, San Antonio, TX, 185--196. Google ScholarGoogle ScholarDigital LibraryDigital Library
  212. Wu Zhou, Yajin Zhou, Xuxian Jiang, and Peng Ning. 2012. Detecting repackaged smartphone applications in third-party android marketplaces. In Proceedings of the ACM Conference on Data and Applications Security and Privacy (CODASPY). ACM, 317--326. Google ScholarGoogle ScholarDigital LibraryDigital Library
  213. Xiaoyong Zhou, Soteris Demetriou, Dongjing He, Muhammad Naveed, Xiaorui Pan, XiaoFeng Wang, Carl A. Gunter, and Klara Nahrstedt. 2013. Identity, location, disease and more: Inferring your secrets from android public resources. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). ACM Press, Berlin, Germany, 1017--1028. Google ScholarGoogle ScholarDigital LibraryDigital Library
  214. Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, and XiaoFeng Wang. 2014a. The peril of fragmentation: Security hazards in android device driver customizations. In Proceedings of the 35th IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, San Jose, CA, 409--423. Google ScholarGoogle ScholarDigital LibraryDigital Library
  215. Yajin Zhou and Xuxian Jiang. 2012. Dissecting android malware: Characterization and evolution. In Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, San Francisco, CA, 95--109. Google ScholarGoogle ScholarDigital LibraryDigital Library

Reviews

        Phoram Mehta

        Android has clearly surpassed every other mobile operating system in terms of popularity, adoption rates, and alternative uses (Internet of Things, IoT). With mobile malware increasing faster than mobile commerce (mCommerce), it is worth understanding the security landscape of Android. The architecture, the vulnerabilities, and the defenses have all come a long way, and this survey is by far one of the most comprehensive records of key issues and solutions offered. After covering key architecture topics from a security perspective, the authors cover offensive and defensive techniques. Throughout, they also offer their views on issues, future research areas, and ideas for next-gen Android that will support better privacy, anti-malware solutions, and be extensively used in IoT-based advancements. Next, the key topics of Android platform security architecture are broken into operating system, application framework, and application layers. These form the structure for four following sections, where offensive and defensive works across multiple versions of Android are recounted. Similarly, the security practices in the Android ecosystem are grouped by core participants (users, developers, app stores, and open handset alliance) and malware defense practices. Four following sections cover solutions and issues with defensive approaches like behavior detection, repackaging detection, controlled distribution, and malware monetization schemes. The final sections present a security outlook for Android in its use for home automation and other cyber-physical systems, Android's role in potential large-scale attacks, privacy considerations, and some new features for Android security and ideas on elevating overall protection offered in what seems to be the platform of choice for years to come. 
For security researchers, industry partners, and organizations interested in understanding or developing defensive solutions, this is a quick and easy reference that covers key issues for Android security.

Online Computing Reviews Service


Published in: ACM Computing Surveys, Volume 49, Issue 2 (June 2017), 747 pages.
ISSN: 0360-0300. EISSN: 1557-7341. DOI: 10.1145/2966278.
Editor: Sartaj Sahni.

          Copyright © 2016 ACM

          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 13 August 2016
          • Accepted: 1 June 2016
          • Revised: 1 May 2016
          • Received: 1 April 2015
          Published in csur Volume 49, Issue 2


          Qualifiers

          • survey
          • Research
          • Refereed
