Review on Android and Smartphone Security
Currently, Android controls the largest market share among operating systems for smartphones. Smartphone users have woken up to the realization that security is an issue that must be kept in mind all the time. The enhancement of performance and increase in features also multiply in tandem with risk such as virus attacks. It is possible that Android could be the most secure operating system, compared to others, currently. There are limited restrictions for developers, however. Such a blank check allows for multiple security concerns for the end-user. This paper explores Android’s security model; it is the level of application and the security concerns with the operating system for smartphones.
There is no doubt that Android has exhibited truly modern smartphone features and tweaks. It is a typical open-source program. Applications from Android can use a broad range of software programs, including server and local data, networks, and other applications (Mohini, et al., 2013). To successfully run an open-source platform such as Android, one needs a highly sophisticated and anticipative approach and infrastructure. Android Operating System works with multi-layers of security precautions. It is an ideal platform for an open-source channel. Android incorporates a stack of software, with an Operating System, core application, and middleware in complete form (Kaur & Kaur, 2013).
Millions of mobile gadgets in over 190 countries across the globe use the Android Operating System. Android has been designed with architectural acumen that gives room for continuous improvement from developers from elsewhere. Indeed, the security elements have been designed to remain accommodative to developers. The developers have the window to use the versatile security buffers. There is a lack of familiarity by developers about security that applies by default. The end user’s interest drives the design of the Android Operating System and the device itself. It allows users to view how applications work and manage the same applications (Mohini, et al., 2013).
Figure 1 below compiles the security aspects of Android, including what is considered at various levels. Every element assumes that the one below it is appropriately secured. If an Android OS code running as root, with the exception, any process running over the Kernel for Linux is controlled by the Application Sandbox (Mohini, et al., 2013)
Figure 1: Architecture of Android (Mohini, et al., 2013)
i. Android is open source, thus, allows developers to enhance it (AOSP, 2013)
ii. The software for Android is for multitasking. Consequently, no software can gain serious access to OS components (AOSP, 2013)
iii. So far, UNIX is the most secure Operating System, and it is what Android uses (AOSP, 2013)
iv. If a developer wishes to publish their application on the open market, they require a unique signature to do so (AOSP, 2013).
v. iv. The developers need a unique signature to publish their application on the market (AOSP, 2013).
vi. Users have an avenue to report suspected security flaws through their Google accounts
vii. For application installation, all must seek clearance from the end-user
Security Concerns that Android Has Faced
Well, Android is not as secure as it appears, the layers of security measures notwithstanding. Some security concerns are apparent:
i. There is no security scan for Android for applications being uploaded on its customer stalls
ii. Some apps have been noted to carry the capacity to exploit the services of other apps installed on the Android system with no prior permission granted
iii. Android’s permission security model offers the user the power to decide whether an app is trustworthy or not. The latter model opens many worms because there will be lapses with lay security checks by end-users.
iv. While the open-source is available for trustworthy developers, hackers can access it just as well and easily. Consequently, Android renders itself illegitimate when one wishes to install critical systems.
v. Lastly, the Android system developers give a disclaimer that they cannot be held responsible for security lapses emanating from external storage. In other words, any app on the device can access the data on other apps and the device data in a similar fashion as GSM and IDs for SIM marketers with no permission from the end-user (Mohini, et al., 2013)
Applications function as processes for Linux using their IDs. Therefore they are separated. This means that the vulnerability of one App should not necessarily affect another. Because Android offers IPC mechanisms, which must be secured, there is a second line of enforcement that materializes. Android uses a monitor for reference used to mediate access to the components of applications anchored on user permissions. If an app attempts to access a different component, it must be cleared by the end-user through the end-user permission security gateway. Such permissions must be granted at the time of installation (AOSP, 2013).
Requests for plain text provide leakage of phone identifiers. Phone identifiers function as the fingerprints of the user phones. IMEI is specifically used to track individual phone users. IMEI is embedded in the PII, which is personally identifiable information. Some phone identifiers do not use leads to screen users. It is common for phone users to send phone identifiers to analytic advertiser servers.
Applying advanced tools to find bugs may not reveal the logical security issues such as unwelcome interactions between the phone elements. Given the ever-complex nature of emerging software, it is important for software companies to the security risks related to their code and the tools. They should, therefore, seek to understand the functionality of the program comprehensively to handle the task effectively (Berger, Bunke&Sohr, 2011)
Android Application Security Finding
Android application analysis and the finding are similar to an earlier finding of phone identifiers and location. The framework analysis allows for the observation of risky functionalities in its complex occurrences with the application context. Nevertheless, integrating the technologies into the certification process of an application process calls for overcoming logistical and technical obstacles (Enck, Octeau, McDaniel, and Chaudhuri, 2011). Improving Android devices’ security based on Linux algorithms and Open Source APIs could lead to malicious and benign research that could lead to a perfect and secure smartphone platform (Schmidt et al., 2008).
L4Android: This is a generic OS framework for secure smartphones. The title was the signature when they presented a generic OS framework that allows for creating a security system for smartphones. There are three primary elements in the framework. There is a micro-kernel to provide a safe foundation. A user-time runtime platform accompanies it. VMs constitute the third component that encapsulates the current smartphone operating system. They applied the primary elements of their framework on a cellphone X86 and ARM dais. They did a framework evaluation by demonstrating how it works with the available and as an Open source L4 to handle four challenges in the security of smartphones such as secure smartcards and unified corporate and private smartphones (Lackorzynski, Lange, Warg, Liebergeld, Peter, 2011).
Researches identified two fundamental causes of the attacks in WebView: TCB and sandbox weakening. They have demonstrated that the requirement for launching attacks on smartphone software is mature already. They also show that the potential victims are in great numbers. They are growing solutions in their current work. They create solutions to secure WEbView (Luo, Hao, Du, Wang, & Yin, 2011). The users of Android phones need to find a way to establish if the applications are releasing private information to unauthorized recipients. They developed a mapping between API calls and access rights they must be granted to execute. The App, Android Leaks, can analyze 24,350 within 30 hours. The App reduces the application numbers drastically, even the traces that an auditor has t confirm manually (Gibler, Crussell, Erickson & Chen, 2012).
The Open Source software of Android and the programmable framework behavior exposes it to virus attack possibilities. The title considers the fact that Smartphones are battery, memory, and speed constrained, thus, maximizing the use of the cloud to run the reputation index computation of a specific app. The model will alert users on the application risk before its installation by referring to the computed matrix of reputation inbuilt via a specified app. Applications can be grouped as extremely risky, of medium risk, less risk, and genuine. These ratings will all be based on the cloud reputation they have built. The experimental outcomes indicate that some applications should be viewed as highly risky. Thus, users should be warned to avoid installing such applications before improving their security standing by going past the threshold set by the reputation-based model for security (Mohini, et al., 2013).
Threats from privilege escalation are used taking advantage of kernel vulnerabilities of Android that are freely accessible gain higher or complete access to user or application that is a typically protected resource. Such a threat can result from unauthorized events from applications given extra privileges than intended. These can easily trigger sensitive information leakages. To gain access to critical privileges and permissions, the exported components of Android can be exploited (Ahmed & Sallow, 2019).
The threat collision is occurring from the user side. Users use a range of applications bearing the same certificate and grant a wide range of permissions that could be sensitive or not. The applications can access all resources after they have been installed. They can get permissions by utilizing an IUD that is shared (Ahmed & Sallow, 2019)..
The danger of malware for smartphones
Android gadgets are complicated, attractive, and vulnerable attacker targets due to their domain that accommodates broad application. The need to strongly protect Android is clear, preferably by using multiple and diverse invasion detection mechanisms. The security model presented runs detection of attacks on servers that are remote and in the cloud location where the phone software is reflected on a virtual machine (Mohini, et al., 2013).
There is also the malware danger facing Smartphones. APIs available publicly can generate fresh malware that extracts a range of private data, including executing an action that is harmful to devices infected. The first and most important data on Smartphones is private data and other cellphones. Thus, if it is lost or modified, it will harm the person that is infected. However, as fewer critical malware show up, considerations of security appear to lose their importance. However, such a stance is a grave mistake. It is wrong to underestimate Smartphone malware because it can cause irreparable damage and loss, not just relating to privacy matters but in a general sense and on security grounds (Schmidt et al., 2008.
SmartSiren: virus detection and alert for smartphones
Just as it is the era of Smartphones, so is the era of viruses. The vulnerability of Smartphones cannot be overemphasized. These devices are vulnerable since they are versatile in their communication options. They are also hard to harness because of their constraints in resources and intermittent connectivity on the network. Consequently, the viruses can spread and cripple smartphone users and cell phone users (Mohini, et al., 2013).
SmartSiren calls for limited assistance from the infrastructure of cellular phones. It comes with a limited cellular Smartphone overhead. Although users can be served well with targeted virus alert service, their privacy is protected too. The SmartSiren effectiveness and feasibility have been confirmed by real implementation and simulations that are driven (Mohini, et al., 2013).
This framework facilitates the detection of intrusion early. It tracks the malicious activity of malware on the Android platform. The MADAM framework strategy exploits a multilevel methodology, i.e., combining the features at kernel-level and the level at which it is applied. Machine learning techniques drive it. Thus, the initial prototype for Android Smartphone has detected all the 10 real malware that was monitored. It has an effect on the experience of the user owing to the few false generated every day. To our knowledge, the results are a clear improvement to the solutions generated in the previous work; both for enhancing the rate of detection of real malware on android smartphones and also false-positive occurrences (Dini, Martinelli,Saracino&Sgandurra, 2012).
Billions of people are now using smartphones. This means that its usage is growing, and so it is not easy to validate if an application is legitimate or malicious. Therefore, the user must choose whether it is safe to use the application. Note that there are different types of PCs and mobile devices in the resource management mechanism, so not all solutions could be compatible with all the devices (Ahmed & Sallow, 2019). As a result, academic research and anti-malware organizations have many security methods that could help recognize and classify threats that may affect the Android operating system. Going by this proposal, methods differ and could be arranged into several classifications. This is why this paper has looked at many security methods and threats and possible solutions classification.
Note that more than a million Android devices are activated (Mohini, et al., 2013). This is because there are fewer restrictions for the developer, which increases the risk to end-users. This paper has therefore reviewed security issues in Android smartphone OS. Thus integrating technologies in the application certification process may need that you overcome technical and logical challenges. Android avails more security than any other platform could provide. Kirin is working hard to transform Android into an OS that is secure than other platforms for computing platforms for the next generation.
Other than expanding Android smartphones, the number of malware, and the quantity of Android applications, continues to grow every day. However, the malware still exploits the existing security system weakness to access the resources. Therefore, several proposals have been presented to help prevent and control vulnerabilities in the Android platform.
Ahmed, O. & Sallow, A. B., 2019. Android Security: A Review. Academic Journal of Nawroz University.
Android Open Source Project. 2013. Android Security Overview. http://source.android.com/devices/tech/security/index.html.
Android Open Source Project. Security and permissions. 2013. http://developer.android.com/guide/topics/security/permissi ons.html.
Android Open Source Project. 2013. Publishing on GooglePlay. http://developer.android.com/distribute/googleplay/publish/ preparing.html.
Android Open Source Project. 2013. What is Android? http://developer.android.com/about/index.html
Berger B.J., Bunke M., and Sohr K., 2011. An Android Security Case Study with Bauhaus, Working Conference on Reverse Engineering, 179â€“183.
Dini G., Martinelli F., Saracino A. and Sgandurra D., 2012. MADAM: a multi-level anomaly detector for android malware, http://www.iet.unipi.it/g.dini/research/papers/2012-MMMANCS.pdf
Enck W., Octeau D., McDaniel P., and Chaudhuri S., 2011. A Study of Android Application Security, The 20th USENIX Conference on Security, 21-21.
Gibler, C., Crussell J., Erickson J., and Chen H., 2012. Android Leaks: Automatically Detecting Potential Privacy Leaks In Android Applications on a Large Scale, 5th international conference on Trust and Trustworthy Computing, 291-307.
Kaur, S., and Kaur, M., 2013. Review Paper on Implementing Security on Android Application, Journal of Environmental Sciences, Computer Science and Engineering & Technology, 2(3).
Lackorzynski, A., Lange M., Warg A., Liebergeld S., Peter M., 2011. L4Android: A Generic Operating System Framework for Secure Smartphones, 18th ACM Conference on Computer and Communications Security, 39-50.
Luo, T., Hao H., Du W., Wang Y., and Yin H., 2011. Attacks on WebView in the Android System, 27th Annual Computer Security Applications Conference, 343-352.
Mohini, T., Kumar, S. A. & Nitesh, G., 2013. Review on Android and Smartphone Security. Research Journal of Computer and Information Technology Sciences, 1(6), pp. 12-19.
Schmidt A.D., Schmidt H.G., Clausen J., Camtepe A., Albayrak S., and Yuksel K. Ali and Kiraz O., 2008. Enhancing Security of Linux-based Android Devices, http://www.dailabor.de/fileadmin/files/publications/lk2008-android_security. pdf
Get Professional Assignment Help Cheaply
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Why Choose Our Academic Writing Service?
- Plagiarism free papers
- Timely delivery
- Any deadline
- Skilled, Experienced Native English Writers
- Subject-relevant academic writer
- Adherence to paper instructions
- Ability to tackle bulk assignments
- Reasonable prices
- 24/7 Customer Support
- Get superb grades consistently
Online Academic Help With Different Subjects
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
What discipline/subjects do you deal in?
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Are your writers competent enough to handle my paper?
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
What if I don’t like the paper?
There is a very low likelihood that you won’t like the paper.
- When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
- We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.
In the event that you don’t like your paper:
- The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
- We will have a different writer write the paper from scratch.
- Last resort, if the above does not work, we will refund your money.
Will the professor find out I didn’t write the paper myself?
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
What if the paper is plagiarized?
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
When will I get my paper?
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
Will anyone find out that I used your services?
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
How our Assignment Help Service Works
1. Place an order
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
2. Pay for the order
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
3. Track the progress
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
4. Download the paper
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!