This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Google Android: A Comprehensive Security Assessment
March/April 2010 (vol. 8 no. 2)
pp. 35-44
Asaf Shabtai, Deutsche Telekom Laboratories at Ben-Gurion University Ben-Gurion University, Beer-Sheva Beer-Sheva
Yuval Fledel, Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva
Uri Kanonov, Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva
Yuval Elovici, Deutsche Telekom Laboratories at Ben-Gurion University Ben-Gurion University, Beer-Sheva Beer-Sheva
Shlomi Dolev, Ben-Gurion University, Beer-Sheva
Chanan Glezer, Deutsche Telekom Laboratories at Ben-Gurion University, Beer-Sheva
The Android framework, Google's new software stack for mobile devices, includes an operating system, middleware, and key applications. This research provides a comprehensive security assessment of this framework and its security mechanisms The authors conducted a methodological qualitative risk analysis that identifies high-risk threats to the framework and any potential danger to information or to the system resulting from vulnerabilities attackers have uncovered and exploited. They propose several security solutions for mitigating these risks.

1. C. Dagon, T. Martin, and T. Starner, "Mobile Phones as Computing Devices: the Viruses Are Coming," IEEE Pervasive Computing, vol. 3, no. 4, 2004, pp. 11–15.
2. J. Cheng et al., "SmartSiren: Virus Detection and Alert for Smartphones," Proc. 5th Int'l Conf. Mobile Systems, Applications and Services (MobiSys 07), ACM Press, 2007, pp. 258–271.
3. A. Gostev, "Mobile Malware Evolution: An Overview," Viruslist.com, 2006; www.viruslist.com/enanalysis?pubid=200119916 .
4. D. Muthukumaran et al., "Measuring Integrity on Mobile Phone Systems," Proc. 13th ACM Symp. Access Control Models and Technologies, ACM Press, 2008, pp. 155–164.
5. D. Emm, "Mobile Malware—New Avenues," Network Security, vol. 2006, no. 11, 2006, pp. 4–6.
6. E.E. Schultz, "Where Have the Worms and Viruses Gone? New Trends in Malware," Computer Fraud and Security, vol. 2006, no. 7, 2006, pp. 4–8.
7. N. Leavitt, "Mobile Phones: The Next Frontier for Hackers?" Computer, vol. 38, no. 4, 2005, pp. 20–23.
8. M. Pelino, Predictions 2010: Enterprise Mobility Accelerates Again, Forrester, 2009.
9. W. Enck, M. Ongtang, and P. McDaniel, "Understanding Android Security," IEEE Security & Privacy, vol. 7, no. 1, 2009, pp. 50–57.
10. A. Shabtai, Y. Fledel, and Y. Elovici, "Securing Android-Powered Mobile Devices Using SELinux," IEEE Security & Privacy, to appear, 2010.

Index Terms:
security, mobile devices, Google, Android, risk analysis, security solutions for mobile devices
Citation:
Asaf Shabtai, Yuval Fledel, Uri Kanonov, Yuval Elovici, Shlomi Dolev, Chanan Glezer, "Google Android: A Comprehensive Security Assessment," IEEE Security & Privacy, vol. 8, no. 2, pp. 35-44, March-April 2010, doi:10.1109/MSP.2010.2
Usage of this product signifies your acceptance of the Terms of Use.