Understanding and Improving Security of the Android Operating System

Ratazzi, Edward P.

Understanding and Improving Security of the Android Operating System

Active / Technical Report | Accession Number: AD1052836 |

Open PDF

Abstract:

Realization of practical computer security improvements requires an insight into the systems security architecture, combined with a consideration of end-users needs as well as the systems design tenets. In spite of Androids open source philosophy, the system is extremely large and complex, documentation and reference materials are scarce, and the code base is rapidly evolving with new features and fixes. To make matters worse, the vast majority of Android devices in use do not run the open source code, but rather proprietary versions that have been heavily customized by vendors for product differentiation.

Author(s):

Ratazzi, Edward P.

Author Organization(s):

Syracuse University Syracuse United States

Descriptive Note:

Technical Report,01 Sep 2012,31 Dec 2016

Pagination:

0285

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release;

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

AFRL-RI-RS-TP-2018-001

Task Number(s):

R1GI

Project Number(s):

G2TS

Monitor Series:

AFRL-RI-RS-TP-2018-001

Subject Terms

Joint Capability Areas:

JCA_6.4.1_Secure Information Exchange; JCA_6_Net Centric; JCA_5_Command and Control; JCA_4.7.2_Installation Services; JCA_4.7_Base and Installations Support; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_5.3_Planning; JCA_4.6_Engineering; JCA_4.6.1_General Engineering; JCA_5.3.2_Apply Situational Understanding; JCA_6.1.3_Switching and Routing; JCA_6.1.2_Wireless Transmission; JCA_6.1_Information Transport; JCA_5.2_Understand; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_6.2.1_Information Sharing; JCA_6.2.2_Computing Services; JCA_6.2.3_Core Enterprise Services; JCA_1_Force Support; JCA_6.2_Enterprise Services

Communities of Interest:

Cyber

Descriptor(s):

THESES, mobile operating systems, smart phones, virtualization, electronic security, computer security techniques, vulnerability, malware, application programming interface

Field(s)/Group(s):

Computer Systems, Computer Systems Management and Standards, Radio Communications

Keyword(s):

Android OPERATING SYSTEM, static analysis, access controls, automated modeling and analysis, vendor customizations, differential analysis methodology

Report Date:

2016 Dec 01

Creation Date:

2018 Jun 05