Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Toward engineering a secure Android ecosystem: a survey of existing techniques
Xu M., Song C., Ji Y., Shih M., Lu K., Zheng C., Duan R., Jang Y., Lee B., Qian C., Lee S., Kim T. ACM Computing Surveys49 (2):1-47,2016.Type:Article
Date Reviewed: Mar 9 2017

Android has clearly surpassed every other mobile operating system in terms of popularity, adoption rates, and alternative uses (Internet of Things, IoT). With mobile malware increasing faster than mobile commerce (mCommerce), it is worth understanding the security landscape of Android. The architecture, the vulnerabilities, and the defenses have all come a long way, and this survey is by far one of the most comprehensive records of key issues and solutions offered.

After covering key architecture topics from a security perspective, the authors cover offensive and defensive techniques. Throughout, they also offer their views on issues, future research areas, and ideas for next-gen Android that will support better privacy, anti-malware solutions, and be extensively used in IoT-based advancements. Next, the key topics of Android platform security architecture are broken into operating system, application framework, and application layers. These form the structure for four following sections, where offensive and defensive works across multiple versions of Android are recounted. Similarly, the security practices in the Android ecosystem are grouped by core participants (users, developers, app stores, and open handset alliance) and malware defense practices. Four following sections cover solutions and issues with defensive approaches like behavior detection, repackaging detection, controlled distribution, and malware monetization schemes. The final sections present a security outlook for Android in its use for home automation and other cyber-physical systems, Android’s role in potential large-scale attacks, privacy considerations, and some new features for Android security and ideas on elevating overall protection offered in what seems to be the platform of choice for years to come.

For security researchers, industry partners, and organizations interested in understanding or developing defensive solutions, this is a quick and easy reference that covers key issues for Android security.

Reviewer:  Phoram Mehta Review #: CR145108 (1705-0279)
Bookmark and Share
  Reviewer Selected
Featured Reviewer
 
 
Security and Protection (D.4.6 )
 
 
Security and Protection (K.6.5 )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
Practical UNIX security
Garfinkel S., Spafford G., O’Reilly & Associates, Inc., Sebastopol, CA, 1991. Type: Book (9780937175729)
Jun 1 1992
Trusted products evaluation
Chokhani S. Communications of the ACM 35(7): 64-76, 1992. Type: Article
Oct 1 1993
An experience using two covert channel analysis techniques on a real system design
Haigh J., Kemmerer R., McHugh J., Young W. IEEE Transactions on Software Engineering SE-13(2): 157-168, 1987. Type: Article
Nov 1 1987
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy