Android Security: A Review
Smartphones are used by billions of people that means the applications of the smartphone is increasing, it is out of control for applications marketplaces to completely validate if an application is malicious or legitimate. Therefore, it is up to users to choose for themselves whether an application is safe to use or not. It is important to say that there are differences between mobile devices and PC machines in resource management mechanism, the security solutions for computer malware are not compatible with mobile devices. Consequently, the anti-malware organizations and academic researchers have produced and proposed many security methods and mechanisms in order to recognize and classify the security threat of the Android operating system. By means of the proposed methods are different from one to another, they can be arranged into various classifications. In this review paper, the present Android security threats is discussed and present security proposed solutions and attempt to classify the proposed solutions and evaluate them.
Appbrain. (2017). Number of android applications. Retrieved July 28, 2017, from
Brähler, S. (2010). Analysis of the Android Architecture. Karlsruhe Institute for Technology, 52. Retrieved from http://os.ibds.kit.edu/downloads/sa_2010_braehler-stefan_android-architecture.pdf
Burguera, I., Zurutuza, U., & Nadjm-Tehrani, S. (2011). Crowdroid: Behavior-Based Malware Detection System for Android. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices - SPSM ’11, 15.
Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M. S., Conti, M., & Rajarajan, M. (2015). Android security: A survey of issues, malware penetration, and defenses. IEEE Communications Surveys and Tutorials, 17(2), 998–1022.
Faruki, P., Ganmoor, V., Laxmi, V., Gaur, M. S., & Bharmal, A. (2013). AndroSimilar : Robust Statistical Feature Signature for Android Malware Detection. Proceedings of the 6th International Conference on Security of Information and Networks, (September 2015), 152–159. https://doi.org/10.1145/2523514.2523539
Grace, M., Zhou, Y., Zhang, Q., Zou, S., & Jiang, X. (2012). RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. 10th International Conference on Mobile Systems, Applications, and Services, 281–294. https://doi.org/10.1145/2307636.2307663
Jing, Y., Ahn, G.-J., Zhao, Z., & Hu, H. (2014). RiskMon : Continuous and Automated Risk Assessment of Mobile Applications. Proceedings of the 4th ACM Conference on Data and Application Security and Privacy - CODASPY ’14, 99–110.
Rashidi, B., Fung, C., & Vu, T. (2014). On lightweight mobile phone application certification. Proceedings of the ACM MobiCom Workshop on Security and Privacy in Mobile Environments, 235–245.
Rashidi, B., Fung, C., & Vu, T. (2014). RecDroid: A resource access permission control portal and recommendation service for smartphone users. 2014 ACM MobiCom Workshop on Security and Privacy in Mobile Environments, SPME 2014, 13–17. https://doi.org/10.1145/2646584.2646586
Russello, G., Jimenez, A. B., Naderi, H., & van der Mark, W. (2013). FireDroid: hardening security in almost-stock Android. Proceedings of the 29th Annual Computer Security Applications Conference, 319–328. https://doi.org/10.1145/2523649.2523678
Xu, R., Saïdi, H., & Anderson, R. (2012). Aurasium: Practical Policy Enforcement for Android Applications. Proceedings of the 21st USENIX Conference, 27. Retrieved from https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final60.pdf%5Cnhttp://dl.acm.org/citation.cfm?id=2362793.2362820
Yan, L. K., & Yin, H. (2012). DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security Symposium. https://doi.org/10.1145/2420950.2420980
Zhou, W., Zhou, Y., Jiang, X., & Ning, P. (2012). Detecting repackaged smartphone applications in third-party android marketplaces. Proceedings of the Second ACM Conference on Data and Application Security and Privacy - CODASKY ’12, 317–326.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License [CC BY-NC-ND 4.0] that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
AJNU is committed to protecting the privacy of the users of this journal website. The names, personal particulars and e-mail addresses entered in this website will be used only for the stated purposes of this journal and will not be made available to third parties without the user's permission or due process. Users consent to receive communication from the AJNU for the stated purposes of the journal. Queries with regard to privacy may be directed to firstname.lastname@example.org.