Android Security: A Review
Keywords:Android, Security, Smartphone
Smartphones are used by billions of people that means the applications of the smartphone is increasing, it is out of control for applications marketplaces to completely validate if an application is malicious or legitimate. Therefore, it is up to users to choose for themselves whether an application is safe to use or not. It is important to say that there are differences between mobile devices and PC machines in resource management mechanism, the security solutions for computer malware are not compatible with mobile devices. Consequently, the anti-malware organizations and academic researchers have produced and proposed many security methods and mechanisms in order to recognize and classify the security threat of the Android operating system. By means of the proposed methods are different from one to another, they can be arranged into various classifications. In this review paper, the present Android security threats is discussed and present security proposed solutions and attempt to classify the proposed solutions and evaluate them.
Appbrain. (2017). Number of android applications. Retrieved July 28, 2017, from
Brähler, S. (2010). Analysis of the Android Architecture. Karlsruhe Institute for Technology, 52. Retrieved from http://os.ibds.kit.edu/downloads/sa_2010_braehler-stefan_android-architecture.pdf
Burguera, I., Zurutuza, U., & Nadjm-Tehrani, S. (2011). Crowdroid: Behavior-Based Malware Detection System for Android. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices - SPSM ’11, 15.
Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M. S., Conti, M., & Rajarajan, M. (2015). Android security: A survey of issues, malware penetration, and defenses. IEEE Communications Surveys and Tutorials, 17(2), 998–1022.
Faruki, P., Ganmoor, V., Laxmi, V., Gaur, M. S., & Bharmal, A. (2013). AndroSimilar : Robust Statistical Feature Signature for Android Malware Detection. Proceedings of the 6th International Conference on Security of Information and Networks, (September 2015), 152–159. https://doi.org/10.1145/2523514.2523539
Grace, M., Zhou, Y., Zhang, Q., Zou, S., & Jiang, X. (2012). RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. 10th International Conference on Mobile Systems, Applications, and Services, 281–294. https://doi.org/10.1145/2307636.2307663
Jing, Y., Ahn, G.-J., Zhao, Z., & Hu, H. (2014). RiskMon : Continuous and Automated Risk Assessment of Mobile Applications. Proceedings of the 4th ACM Conference on Data and Application Security and Privacy - CODASPY ’14, 99–110.
Rashidi, B., Fung, C., & Vu, T. (2014). On lightweight mobile phone application certification. Proceedings of the ACM MobiCom Workshop on Security and Privacy in Mobile Environments, 235–245.
Rashidi, B., Fung, C., & Vu, T. (2014). RecDroid: A resource access permission control portal and recommendation service for smartphone users. 2014 ACM MobiCom Workshop on Security and Privacy in Mobile Environments, SPME 2014, 13–17. https://doi.org/10.1145/2646584.2646586
Russello, G., Jimenez, A. B., Naderi, H., & van der Mark, W. (2013). FireDroid: hardening security in almost-stock Android. Proceedings of the 29th Annual Computer Security Applications Conference, 319–328. https://doi.org/10.1145/2523649.2523678
Xu, R., Saïdi, H., & Anderson, R. (2012). Aurasium: Practical Policy Enforcement for Android Applications. Proceedings of the 21st USENIX Conference, 27. Retrieved from https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final60.pdf%5Cnhttp://dl.acm.org/citation.cfm?id=2362793.2362820
Yan, L. K., & Yin, H. (2012). DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis. In USENIX Security Symposium. https://doi.org/10.1145/2420950.2420980
Zhou, W., Zhou, Y., Jiang, X., & Ning, P. (2012). Detecting repackaged smartphone applications in third-party android marketplaces. Proceedings of the Second ACM Conference on Data and Application Security and Privacy - CODASKY ’12, 317–326.
How to Cite
Authors retain copyright
The use of a Creative Commons License enables authors/editors to retain copyright to their work. Publications can be reused and redistributed as long as the original author is correctly attributed.
- The researcher(s), whether a single or joint research paper, must sell and transfer to the publisher (the Academic Journal of Nawroz University) through all the duration of the publication which starts from the date of entering this Agreement into force, the exclusive rights of the research paper/article. These rights include the translation, reuse of papers/articles, transmit or distribute, or use the material or parts(s) contained therein to be published in scientific, academic, technical, professional journals or any other periodicals including any other works derived from them, all over the world, in English and Arabic, whether in print or in electronic edition of such journals and periodicals in all types of media or formats now or that may exist in the future. Rights also include giving license (or granting permission) to a third party to use the materials and any other works derived from them and publish them in such journals and periodicals all over the world. Transfer right under this Agreement includes the right to modify such materials to be used with computer systems and software, or to reproduce or publish it in e-formats and also to incorporate them into retrieval systems.
- Reproduction, reference, transmission, distribution or any other use of the content, or any parts of the subjects included in that content in any manner permitted by this Agreement, must be accompanied by mentioning the source which is (the Academic Journal of Nawroz University) and the publisher in addition to the title of the article, the name of the author (or co-authors), journal’s name, volume or issue, publisher's copyright, and publication year.
- The Academic Journal of Nawroz University reserves all rights to publish research papers/articles issued under a “Creative Commons License (CC BY-NC-ND 4.0) which permits unrestricted use, distribution, and reproduction of the paper/article by any means, provided that the original work is correctly cited.
- Reservation of Rights
The researcher(s) preserves all intellectual property rights (except for the one transferred to the publisher under this Agreement).
- Researcher’s guarantee
The researcher(s) hereby guarantees that the content of the paper/article is original. It has been submitted only to the Academic Journal of Nawroz University and has not been previously published by any other party.
In the event that the paper/article is written jointly with other researchers, the researcher guarantees that he/she has informed the other co-authors about the terms of this agreement, as well as obtaining their signature or written permission to sign on their behalf.
The author further guarantees:
- The research paper/article does not contain any defamatory statements or illegal comments.
- The research paper/article does not violate other's rights (including but not limited to copyright, patent, and trademark rights).
This research paper/article does not contain any facts or instructions that could cause damages or harm to others, and publishing it does not lead to disclosure of any confidential information.