Android Security Issues A Comprehensive Solution Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Kernel: The kernel is a program that constitutes the central core of a computer operating system. It has complete control over everything that occurs in the system. Android uses the Linux kernel [1].

Malware - Software that gets installed on your machine and performs unwanted tasks, often for some third party's benefit [2].

Adware - Software that is financially supported (or financially supports another program) by displaying ads when you're connected to the Internet [2].

Spyware - Software that surreptitiously gathers information and transmits it to interested parties. The types of information gathered include the websites visited, browser and system information, and your computer's IP address [2].

Virus - Software that can replicate itself and spread to other computers, or that is programmed to damage a computer by deleting files, reformatting the hard disk, or using up computer memory [2].

Background

The smartphone redefined the meaning of a phone. A phone used to be a device which could just make and receive calls. Since the beginning of the smartphone era, the difference between a phone and a computer has started to vanish. As a matter of fact, the most recent smartphone is way better than the desktop computer we used five years ago in terms of performance, resolution, touch screen controls etc. Smartphones are being used for many more tasks than just calling and texting. There are applications for almost everything, such as mobile banking, email, social networking, games, and many more. This increased utilization means that more personal and secure information is available on the phones. Furthermore, the concept of BYOD (Bring Your Own Device) is becoming increasingly popular with companies. All of this makes smartphones vulnerable and hence hot targets for the bad guys.

The core of any smartphone is the mobile operating system (OS). There are many mobile operating systems available in the market today, and the most popular are Android from Google, iOS from Apple, bada from Samsung, BlackBerry OS from RIM, Symbian from Nokia etc. The table below, released by comScore, shows the top mobile platforms [1]. As can be seen, out of 121.3 million smartphone users in the U.S., 53.6% use Android, while Apple's iOS occupies 34.3% of the market share. With a combined market share of over 87%, it is obvious that these two platforms are attacked more often than the rest.

| Mobile OS | Share (%) of Smartphone Subscribers |
|-----------|-------------------------------------|
| Google    | 53.6%                               |
| Apple     | 34.3%                               |
| RIM       | 7.8%                                |
| Microsoft | 3.2%                                |
| Nokia     | 0.6%                                |

Fig 1: Top Smartphone Platforms by Oct'12 [1]

There are 3 reasons why I chose Android over iOS:

Android is an open source platform: This means that the applications that are available on the Internet are not monitored for vulnerabilities. Hackers make use of this loophole to build apps containing malicious functions which are difficult to detect. It is up to the users to decide if the app they want to download is malicious or not. The graph below shows the number of malware modifications targeting the Android OS in Q2 2012, as per the report by Kaspersky [2]. As is evident below, the malware levels rose almost threefold in Q2 2012.

http://www.securelist.com/en/images/vlill/q2malware2012_pic01_all.png

Fig 2: The number of malware modifications targeting Android OS [2]

Android has all the tools in place: Google's flexible rules allow any developer or researcher to easily test the apps, root the devices, install the apps and scan the apps for malicious content. However, Apple has strict guidelines and the visibility into the phone or the apps is very limited.

Android is the most popular OS: With over 75% of the market share worldwide [1], Android is the platform attacked most often in order to get at the huge amount of information available on it.

Literature Review

Many researchers and security firms have been working on fixing the flaws in the Android operating system. However, none of them has prevented the rise in malware and viruses.

Many organizations are actively involved in Android security research; however, very limited research has been done by universities. Virginia Tech has a number of research projects underway, aimed at securing all levels of the Android operating system [3]. Here are the projects [3]:

Secure Multimode Android: This project focuses on bringing advanced security countermeasures to the Android operating system, and being able to run an Android device with multiple simultaneous modes.

Android Application Security: Virginia Tech has work underway on anti-malware tools that exist within the Android kernel and at the interface points between apps and the operating system.

Detecting Malware with Power Fingerprinting: This project seeks to conduct completely external analysis to identify the presence of malware [3].

Although the objectives of these projects are very interesting and may reduce malware significantly, all of them are works in progress, and we will have to wait until the results are published.

Security firms like Lookout, Norton etc. have their own commercial apps, such as Lookout Security and Norton Antivirus. All these applications play a significant role in blocking most of the significant threats. They have features like Anti-Malware, Anti-Theft, Web Protection etc. But most of the features are available only as part of the premium plan, and a user has to pay around $50 a year to use these premium services. Furthermore, there are a few more vulnerabilities that these antivirus agents cannot detect, such as rootkit vulnerabilities and those found by web vulnerability scanners and kernel vulnerability scanners, which affect the core components of the Android security architecture [4]. A user will end up installing all of the 10-15 apps shown below to stay protected to a significant extent.

Fig 3. Screenshot from my own Android phone

Google, with the latest Android version, released a malware scanner codenamed "Bouncer" to automatically scan and detect the malicious apps in the market without disrupting user experience [4]. However, researchers probed the vulnerabilities in the software and proved that it could not detect many of the trojans, spyware, and malware [5].

Research Methodology

As has been explained above, most of the research done to reduce Android security issues has been effective only to a certain extent. There is no "one app for all" solution to prevent attacks on the vulnerabilities. In my research, I will address this issue by building an app that would perform all the functions shown in the figure below.

Fig 4: App to solve the above security issues in Android

This project is different from the other security solutions available in the following ways:

The application is free for all Android users and will be made open source after the project. This helps developers and researchers to contribute and customize it as per their needs.

This app will perform all the functions that the premium antivirus apps do. In addition to that, this app looks for vulnerabilities in the kernel, spyware, adware, malicious activities from the installed apps, and, most importantly, web vulnerabilities such as SQL injection, cross-site scripting etc. in the browser. It then alerts the user to take an action [delete, ignore, quarantine etc.].

The app will procure data from various sources, especially from the Android Malware Genome Project, started by researchers at North Carolina State University [6]. This project characterizes the existing malware collected from many parts of the world [6]. These signatures will be used by the app to remove the malware.

Since this is a real-time application, my research methodology would involve creating a laboratory setup with a laptop that has the Android SDK installed and a phone. Then, I would study the security architecture of the Android OS and how applications work based on user input [7]. The next step would be to analyze the existing apps and their functionalities. Based on the analysis, I would prepare a plan covering the areas that these apps can't scan. The next phase in my research would be to gather all the existing vulnerabilities that have affected smartphones and also computers, such as SQLi, from the various open source threat intelligence sources available. All the sources, stored in a database saved in the cloud, will then be used to develop the app, which communicates with the database that contains the gathered threat intelligence content. I will evaluate the app by testing it on multiple Android phones and analyzing its performance based on battery usage, detection rate, notifications and bandwidth usage. Based on the feedback, I would make the necessary changes to get a refined end product.
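
An added example (not the essay's own code, nor that of any project it cites) of the signature lookup, user-action alert and detection-rate measurement described in the last two paragraphs. It assumes a signature is the SHA-256 hash of a known-malicious package; the function names, package names and sample bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

# Assumption: a signature is the SHA-256 of a known-malicious package file.
def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass(frozen=True)
class Verdict:
    name: str
    malicious: bool
    actions: tuple  # choices offered to the user when flagged

def build_signature_db(known_samples):
    """Hash each known-malicious sample (raw bytes) into a lookup set."""
    return {sha256_hex(s) for s in known_samples}

def scan(installed, signature_db):
    """installed maps package name -> package bytes; returns Verdicts."""
    verdicts = []
    for name, blob in sorted(installed.items()):
        hit = sha256_hex(blob) in signature_db
        actions = ("delete", "quarantine", "ignore") if hit else ()
        verdicts.append(Verdict(name, hit, actions))
    return verdicts

def detection_rate(verdicts, truly_malicious):
    """Share of the truly malicious packages that the scan flagged."""
    if not truly_malicious:
        raise ValueError("need at least one labelled malicious package")
    flagged = {v.name for v in verdicts if v.malicious}
    return len(flagged & set(truly_malicious)) / len(truly_malicious)

# Constructed stand-ins for package bytes (not real APKs or malware).
KNOWN_BAD = b"PK\x03\x04 constructed-sample-A"
MODIFIED = KNOWN_BAD + b"\x00"  # same sample with one byte appended
BENIGN = b"PK\x03\x04 constructed-benign-app"

def demo():
    db = build_signature_db([KNOWN_BAD])
    installed = {"app.known": KNOWN_BAD, "app.modified": MODIFIED, "app.benign": BENIGN}
    verdicts = scan(installed, db)
    return verdicts, detection_rate(verdicts, {"app.known", "app.modified"})

if __name__ == "__main__":
    verdicts, rate = demo()
    for v in verdicts:
        print(v)
    print(f"detection rate: {rate:.0%}")
```

The modified copy is not flagged, so the measured detection rate is 50%: exact-hash signatures only cover samples already in the database, which matters when evaluating against the growing number of malware modifications shown in Fig 2.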