DOI:10.1145/2808117.2808118 - Corpus ID: 14832327
Security Metrics for the Android Ecosystem
@article{Thomas2015SecurityMF, title={Security Metrics for the Android Ecosystem}, author={Daniel R. Thomas and Alastair R. Beresford and Andrew C. Rice}, journal={Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices}, year={2015}, url={https://api.semanticscholar.org/CorpusID:14832327} }
- Daniel R. Thomas, A. Beresford, A. Rice
- Published in SPSM@CCS 12 October 2015
- Computer Science, Engineering
- Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices
The complex network of players in the Android ecosystem who must collaborate to provide updates is mapped, and it is determined that inaction by some manufacturers and network operators means many handsets are vulnerable to critical vulnerabilities.
86 Citations
An Empirical Study of Android Security Bulletins in Different Vendors
- Sadegh Farhang, Mehmet Bahadir Kirdan, Aron Laszka, Jens Grossklags
- Computer Science
- 2020
A comprehensive study of 3,171 Android-related vulnerabilities is performed and it is found that the studied vendors in the Android ecosystem have adopted different structures for vulnerability reporting, and vendors are less likely to react with delay for CVEs with Android Git repository references.
Honey, I Shrunk Your App Security: The State of Android App Hardening
- Vincent Haupert, D. Maier, Nicolas Schneider, Julian Kirsch, Tilo Müller
- Computer Science
- 2018
This paper assesses the RASP market for Android by providing an overview of the available products and their features, and describes an in-depth case study for a leading RASP product—namely Promon Shield—which is being used by approximately 100 companies to protect over 100 million end users worldwide.
The Android OS stack and its vulnerabilities: an empirical study
- Alejandro Mazuera-Rozo, Jairo Bautista-Mora, Mario Linares-Vásquez, S. Rueda, G. Bavota
- Computer Science
- 2019
The largest study so far aimed at analyzing software vulnerabilities in the Android OS is presented, which analyzes a total of 1,235 vulnerabilities from four different perspectives: vulnerability types and their evolution, CVSS vectors that describe the vulnerabilities, impacted Android OS layers, and their survivability across the Android OS history.
LaChouTi: kernel vulnerability responding framework for the fragmented Android devices
- Jingzheng Wu, Mutian Yang
- Computer Science, Engineering
- ESEC/SIGSOFT FSE
- 2017
The results show that: (1) the security risk of unpatched vulnerabilities caused by fragmentation is serious; and (2) the proposed LaChouTi is effective in responding to such security risk.
The Android Platform Security Model
- R. Mayrhofer, Jeffrey Vander Stoep, Chad Brubaker, Nick Kralevich
- Computer Science, Engineering
- 2021
This article aims to both document the abstract model of the Android security model and discuss its implications, and analyze how the different security measures in past and current Android implementations work together to mitigate these threats.
A Data-Driven Evaluation of the Current Security State of Android Devices
- Ernst Leierzopf, René Mayrhofer, Daniel R. Thomas
- Computer Science
- 2024
A method is created that derives attribute weights from the importance of attributes for mitigating threats on the Android platform and suggests possible examples for more specialized weights for groups of confidentiality/privacy-sensitive users and integrity-sensitive users.
Security in Android Applications Master
- Pascal Gadient, Mohammad Ghafari
- Computer Science
- 2017
To promote secure programming practices, a lightweight static analysis tool is developed and identified avoidable vulnerabilities in Android-run devices and the security code smells that indicate their presence.
Deploying Android Security Updates: an Extensive Study Involving Manufacturers, Carriers, and End Users
- Kailani R. Jones, T. Yen, S. C. Sundaramurthy, Alexandru G. Bardas
- Computer Science
- 2020
This paper performs an extensive quantitative study to measure the Android security updates and OS upgrades rollout process, and delves into the effectiveness of current Android projects.
Studying TLS Usage in Android Apps
- Abbas Razaghpanah, Arian Akhavan Niaki, Narseo Vallina-Rodríguez, S. Sundaresan, Johanna Amann, Phillipa Gill
- Computer Science, Engineering
- 2017
This paper uses data collected by Lumen, a mobile measurement platform, to analyze how 7,258 Android apps use TLS in the wild, analyzes and fingerprints handshake messages to characterize the TLS APIs and libraries that apps use, and evaluates weaknesses.
An Economic Study of the Effect of Android Platform Fragmentation on Security Updates
- Sadegh Farhang, Aron Laszka, Jens Grossklags
- Computer Science, Economics
- 2018
A model of the Android ecosystem utilizing the concepts of game theory and product differentiation to capture the competition involving two vendors customizing the AOSP platform and shows how product prices will decrease for the same cost of customization in the presence of a fine, or a higher level of regulator-imposed minimum security.
38 References
Security Enhanced (SE) Android: Bringing Flexible MAC to Android
- Stephen Dale Smalley, Robert Craig
- Computer Science, Engineering
- 2013
The work to bring flexible mandatory access control (MAC) to Android is motivated and described by enabling the effective use of Security Enhanced Linux (SELinux) for kernel-level MAC and by developing a set of middleware MAC extensions to the Android permissions model.
Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating
- Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, Xiaofeng Wang
- Computer Science
- 2014
This research brought to light a new type of security-critical vulnerabilities, called Pileup flaws, through which a malicious app can strategically declare a set of privileges and attributes on a low-version operating system (OS) and wait until it is upgraded to escalate its privileges on the new system.
The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching
- Antonio Nappa, Richard B. Johnson, Leyla Bilge, Juan Caballero, Tudor Dumitras
- Computer Science
- 2015
This first systematic study of patch deployment in client-side vulnerabilities from 10 popular client applications is presented, and several new threats presented by multiple installations of the same program and by shared libraries distributed with several applications are identified.
Critical Vulnerability in Browser Security Metrics
- M. Acer
- Computer Science
- 2010
It is argued that patch deployment matters vastly more than patch frequency, that bug count fails to take into account differences in severity and vendor reporting methodologies, and that the security features that matter most are ignored by negative news articles.
Jekyll on iOS: When Benign Apps Become Evil
- Tielei Wang, Kangjie Lu, Long Lu, S. P. Chung, Wenke Lee
- Computer Science
- 2013
A novel attack method is presented that allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process, and to introduce malicious control flows by rearranging signed code.
DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket
- Dan Arp, Michael Spreitzenbarth, M. Hubner, Hugo Gascon, Konrad Rieck
- Computer Science
- 2014
DREBIN is proposed, a lightweight method for detection of Android malware that enables identifying malicious applications directly on the smartphone and outperforms several related approaches and detects 94% of the malware with few false alarms.
Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets
- Yajin Zhou, Zhi Wang, Wu Zhou, Xuxian Jiang
- Computer Science
- 2012
A permission-based behavioral footprinting scheme to detect new samples of known Android malware families and a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families are proposed.
DroidChameleon: evaluating Android anti-malware against transformation attacks
- Vaibhav Rastogi, Yan Chen, Xuxian Jiang
- Computer Science
- ASIA CCS '13
- 2013
This paper evaluates the state-of-the-art commercial mobile antimalware products for Android, tests how resistant they are against various common obfuscation techniques, and proposes possible remedies for improving the current state of malware detection on mobile devices.
Secure Software Updates: Disappointments and New Challenges
- A. Bellissimo, J. Burgess, Kevin Fu
- Computer Science, Engineering
- 2006
This analysis of several popular software update mechanisms shows that deployed systems often rely on trusted networks to distribute critical software updates, despite the research progress in secure content distribution.
ANDRUBIS -- 1,000,000 Apps Later: A View on Current Android Malware Behaviors
- Martina Lindorfer, M. Neugschwandtner, Lukas Weichselbaum, Y. Fratantonio, V. V. D. Veen, Christian Platzer
- Computer Science
- 2014
This paper presents ANDRUBIS, a fully automated, publicly available and comprehensive analysis system for Android apps that combines static analysis with dynamic analysis on both Dalvik VM and system level, as well as several stimulation techniques to increase code coverage.