Survey on Security in Android
Keywords:
Android operating system, smartphone mobile devices, android App, cyber- criminals, TOCTOUAbstract
Android OS has become one of the most famous mobile phone OS which is continuously deployed by many smartphone mobile devices assemble for a range of platforms.in this world after the internet and computers smartphones is the third revolution, On the downside, Android is also very fast becoming platform for security attacks. Android security have been based upon a privilege-based mechanism that prohibit access of third-party Android apps to demanding assets on an Android smartphone device. Android apps runs over permission-based structure in which each app`s access is managed according to the permission that it achieves during installation. However, present research shows that android privilege framework is inherently by design are weak and privileged permissions can be got by malicious operation by fire privilege escalation attacks. by these attacks, an application may get privilege to perform a privileged task which it is not authorized. In this review paper, we examine the arising concern in Android OS security, covers Excess Privilege Attacks, conflict attacks, inefficient permission administration, overclaim of privilege, privilege escalation attacks, and TOCTOU (Time of Check to Time of Use) attack, spyware etc. We also discuss ways to detect it.
References
Fred Guyton. A survey of Android security threats and machine learning techniques used for detection. Android Malware Detection. 2018. [Online]. Available from: https://www.researchgate.net/publication/326247336_A_survey_of_Android_security_threats_and_machine_learning_techniques_used_for_detection
Bahman Rashidi and Carol Fung. A Survey of Android Security Threats and Defenses. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications. 6(3):3-35
L. Whitney (2 Feb, 2016). Almost no one is using Android marshmallow, still [Online]. Available from https://www.cnet.com/tech/services-and-software/almost-no-one-is-using-android-marshmallow-still/
J Rahul, Anirudh R Bharadwaj, et al. ASurvey on Android Security, Vulnerabilities,Attacks and Defense. IJISET - International Journal of Innovative Science, Engineering & Technology. 2015;2(9):572-577.
Lucas Davi, A. Dmitrienko, et al. Privilege Escalation Attacks on Android. International Conference on Information Security. 2010.
MA Rahim Khan, RC Tripathi, Ajit Kumar. A Malicious Attacks and Defense Techniques on Android-Based Smartphone Platform. International Journal of Innovative Technology and Exploring Engineering (IJITEE). 2019;8(8S3):361-369.
Ashmeet Kaur and Divya Upadhyay. PeMo: Modifying application's permissions and preventing information stealing on smartphones. 2014 5th International Conference - Confluence The Next Generation Information Technology Summit (Confluence). 25-26 Sept. 2014; Noida, India, 2014.
Statista. Number of smartphone users from 2016 to 2021. Technology & Telecommunications. Smartphone users worldwide 2016-2021 [Online]. Available from https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide.
Mohd Shahdi Ahmad, Nur Emyra Musa, et al. Comparison between android and iOS Operating System in terms of security. 2013 8th International Conference on Information Technology in Asia (CITA). 1-4 July 2013; Kota Samarahan, Malaysia, IEEE; 2013.
Luyi Xing, Xiaorui Pan, et al. Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating. 18-21 May 2014; Berkeley, CA, USA, IEEE; 2014.
Yajin Zhou and Xuxian Jiang. Dissecting Android malware: Characterization and evolution. 2012 IEEE Symposium on Security and Privacy. 20-23 May 2012; San Francisco, CA, USA, IEEE; 2012.
V. Savov (4 May, 2016). Only 7.5 percent of Android phones are running marshmallow [Online]. Available from https://www.theverge.com/circuitbreaker/2016/5/4/11589630/android-6-marshmallow-os-distribution-statistics
Developers. Permissions on Android [Online]. Available from https://developer.android.com/guide/topics/permissions/overview#normal-dangerous
Wikipedia. Facebook Messenger [Online]. Available from https://simple.wikipedia.org/wiki/Facebook_Messenger
SAMAA (8 Oct, 2018). Uber App can secretly record everything on your iPhone’s screen. https://www.samaa.tv/uncategorized/2017/10/uber-app-can-secretly-record-everything-iphones-screen-researchers-find/
Ben Martini, et al. Enhancing User Privacy on Android Mobile Devices via Permissions Removal. 2014 47th Hawaii International Conference on System Sciences. 6-9 Jan. 2014; Waikoloa, HI, USA, IEEE; 2014.
