Skip to main content
SpringerLink
Log in

Android Operating System

  • Chapter
  • First Online:
Understanding Cybersecurity on Smartphones

Part of the book series: Progress in IS ((PROIS))

  • 157 Accesses

Abstract

This chapter presents an overview of the Android operating system, focusing on its history, vulnerabilities, adversarial techniques, malware types, mitigating attacks, and the utilization of Android services. The chapter begins by exploring the basics of Android history, highlighting its evolution (version names) and key milestones. It then delves into cybersecurity concerns, discussing the vulnerabilities and risks associated with the Android platform. Adversarial techniques employed in exploiting Android vulnerabilities are examined, shedding light on the strategies used by attackers. The chapter proceeds to dissect various types of Android malware, emphasizing the diversity and potential impact of these threats. Current solutions for mitigating attacks on Android devices are explored, outlining the measures implemented to enhance security. Lastly, the trend of utilizing Android services is discussed, providing insights into the latest developments in this area. Overall, this chapter provides a comprehensive understanding of Android security concerns and countermeasures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 79.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://nodered.org/

  2. 2.

    https://www.openhab.org/

  3. 3.

    https://www.riot-os.org/

  4. 4.

    https://iot.eclipse.org/

References

  1. Desai, S. (2020). TikTok Spyware, A detailed analysis of spyware masquerading as TikTok. https://www.zscaler.com/blogs/security-research/tiktok-spyware

  2. Shishkova, T., & Pikman, L. (2018). The Rotexy mobile Trojan – banker and ransomware. https://securelist.com/the-rotexy-mobile-trojan-banker-and-ransomware/88893/

  3. Lashkari, A. H., Kadir, A. F., Taheri, L., & Ghorbani, A. A. (2018). Toward developing a systematic approach to generate benchmark Android malware datasets and classification. In 2018 International Carnahan Conference on Security Technology (ICCST) (pp. 1–7).

    Google Scholar 

  4. Lookout, M. (2019). The Mobile Surveillance Tooling of the Special Technology Center, Security research report. https://www.lookout.com/documents/threat-reports/lookout-discovers-monokle-threat-report.pdf

  5. Yuan, Z., Lu, Y., & Xue, Y. (2016). Droiddetector: Android malware characterization and detection using deep learning. Tsinghua Science and Technology, 21(1), 114–123.

    Article  Google Scholar 

  6. Wei, F., Li, Y., Roy, S., Ou, X., & Zhou, W. (2017). Deep ground truth analysis of current Android malware. In Detection of intrusions and malware, and vulnerability assessment: 14th international conference, DIMVA 2017, Bonn, July 6–7, 2017, Proceedings 14 (pp. 252–276). Springer International Publishing.

    Google Scholar 

  7. Li, J., Sun, L., Yan, Q., Li, Z., Srisa-An, W., & Ye, H. (2018). Significant permission identification for machine-learning-based Android malware detection. IEEE Transactions on Industrial Informatics, 14(7), 3216–3225.

    Article  Google Scholar 

  8. Chakkaravarthy, S. S., Sangeetha, D., & Vaidehi, V. (2019). A survey on malware analysis and mitigation techniques. Computer Science Review, 32, 1–23.

    Article  Google Scholar 

  9. Alzaylaee, M. K., Yerima, S. Y., & Sezer, S. (2020). DL-Droid: Deep learning-based Android malware detection using real devices. Computers and Security, 89, 101663.

    Article  Google Scholar 

  10. Rahali, A., Lashkari, A. H., Kaur, G., Taheri, L., Gagnon, F., & Massicotte, F. (2020). DIDroid: Android malware classification and characterization using deep image learning. In 2020 The 10th international conference on communication and network security (pp. 70–82).

    Google Scholar 

  11. Imtiaz, S. I., ur Rehman, S., Javed, A. R., Jalil, Z., Liu, X., & Alnumay, W. S. (2021). DeepAMD: Detection and identification of Android malware using high-efficient Deep Artificial Neural Network. Future Generation Computer Systems, 115, 844–856.

    Article  Google Scholar 

  12. Amin, M., Shah, B., Sharif, A., Ali, T., Kim, K. I., & Anwar, S. (2022). Android malware detection through generative adversarial networks. Transactions on Emerging Telecommunications Technologies, 33(2), e3675.

    Article  Google Scholar 

  13. Lookout, Dendroid malware taking over camera, record audio (2014) https://www.lookout.com/blog/dendroid

  14. MITRE Att@ck, Android Matrix. (2022). Android Matrix.

  15. Lookout, Stealth Mango & Tangelo. (2018). Selling your fruits to nation-state actors, Security research report. Stealth Mango & Tangelo.

  16. Hiroaki, H., Wu, L., Wu, L. (2019). XLoader Disguises as Android Apps, Has FakeSpy Links.

    Google Scholar 

  17. Feller, M. Infostealer, Keylogger, and Ransomware in One: Anubis targets more than 250 android applications. https://cofense.com/blog/infostealer-keylogger-ransomware-one-anubis-targets-250-android-applications/

  18. Guertin, A., & Kotov, V. (2020). PHA Family Highlights: Bread (and Friends), Android Security & Privacy Team, Google Security Blog. https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html

  19. Hinchliffe, A., Harbison, M., Miller-Osborn, J., & Lancaster, T. (2018). HenBox: The chickens come home to roost, Unit 42. https://unit42.paloaltonetworks.com/unit42-henbox-chickens-come-home-roost/

  20. Threat Fabric. (2019). Ginp - A malware patchwork borrowing from Anubis. https://www.threatfabric.com/blogs/ginp_a_malware_patchwork_borrowing_from_anubis.html

  21. Pisarev, I. (2019). Gustuff: Weapon of mass infection, Group-IB. https://blog.group-ib.com/gustuff

  22. Hazum, A., He, F., Marom, I., Melnykov, B., Polkovnichenko, A. (2019). Agent Smith: A new species of mobile malware. Check Point Research. https://research.checkpoint.com/2019/agent-smith-a-new-species-of-mobile-malware/

  23. More than 1 million Google accounts breached by Gooligan, Check Point Research Team (2016). https://blog.checkpoint.com/research/1-million-google-accounts-breached-gooligan/

  24. Siewierski, L., PHA family highlights: Zen and its cousins, Google Security Blog, https://security.googleblog.com/2019/01/pha-family-highlights-zen-and-its.html

  25. Unuchek, R. (2017). Dvmap: the first Android malware with code injection. https://securelist.com/dvmap-the-first-android-malware-with-code-injection/78648/

  26. Firsh, A. (2018). BusyGasper – The unfriendly spy. https://securelist.com/busygasper-the-unfriendly-spy/87627/

  27. Trendmicro. (2015). 7 things you need to know about the Hacking Team’s leaked mobile malware suite. https://www.trendmicro.com/vinfo/us/security/news/mobile-safety/7-things-about-hacking-team-leaked-mobile-malware-suite

  28. Fratantonio, Y., Bianchi, A., Robertson, W., Kirda, E., Kruegel, C., & Vigna, G. (2016). Triggerscope: Towards detecting logic bombs in android applications. In 2016 IEEE Symposium on Security and Privacy (SP) (pp. 377–396).

    Google Scholar 

  29. Xu, E., & Guo, G. (2019). Mobile Campaign ‘Bouncing Golf’ affects Middle East, Trendmicro. https://www.trendmicro.com/en_us/research/19/f/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east.html

  30. Lookout. (2020). Mobile APT surveillance campaigns targeting Uyghurs. https://www.lookout.com/documents/threat-reports/us/lookout-uyghur-malwaretr-us.pdf

  31. Iarchy, R., & Rynkowski, E. (2018). GoldenCup: New cyber threat targeting world cup fans. https://symantec-enterprise-blogs.security.com/blogs/expert-perspectives/goldencup-new-cyber-threat-targeting-world-cup-fans

  32. Xu, E. & Guo, G. (2019). Mobile Campaign ‘Bouncing Golf’ Affects Middle East. https://www.trendmicro.com/en_us/research/19/f/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east.html

  33. Flossman, M. (2017). FrozenCell: Multi-platform surveillance campaign against Palestinians. https://www.lookout.com/blog/frozencell-mobile-threat

  34. Baumgartner, K., & Maslennikov, D. (2013). Android Trojan found in targeted attack. https://securelist.com/android-trojan-found-in-targeted-attack-58/35552/

  35. Ventura, V. (2018). GPlayed Trojan - .Net playing with Google Market. Talos. https://blog.talosintelligence.com/gplayedtrojan/

    Google Scholar 

  36. Zheng, C., Xiao, C., & Xu, Z. (2016). New Android Trojan “Xbot” phishes credit cards and bank accounts, encrypts devices for ransom. Security Research Report. https://unit42.paloaltonetworks.com/new-android-trojan-xbot-phishes-credit-cards-and-bank-accounts-encrypts-devices-for-ransom/

  37. Threat Fabric. (2017). Exobot (Marcher) - Android banking Trojan on the rise. https://www.threatfabric.com/blogs/exobot_android_banking_trojan_on_the_rise.html

    Google Scholar 

  38. Vijay, A., Portillo-Dominguez, A. O., & Ayala-Rivera, V. (2022). Android-based smartphone malware exploit prevention using a machine learning-based runtime detection system. In 2022 10th International Conference in Software Engineering Research and Innovation (CONISOFT).

    Google Scholar 

  39. Kiss, N., Lalande, J.F., Leslous, M., & Tong, V.V.T., 2016. Kharon dataset: Android malware under a microscope. In The LASER workshop: Learning from Authoritative Security Experiment Results (LASER 2016) (pp. 1–12).

    Google Scholar 

  40. Tong, F., & Yan, Z. (2017). A hybrid approach of mobile malware detection in Android. Journal of Parallel and Distributed Computing, 103(2017), 22–31.

    Article  Google Scholar 

  41. Zhou, Y., & Jiang, X. (2012, May). Dissecting android malware: Characterization and evolution. In 2012 IEEE symposium on security and privacy (pp. 95–109). IEEE.

    Google Scholar 

  42. Razgallah, A., Khoury, R., Hallé, S., & Khanmohammadi, K. (2021). A survey of malware detection in Android apps: Recommendations and perspectives for future research. Computer Science Review, 39, 100358.

    Article  Google Scholar 

  43. Burguera, I., Zurutuza, U., & Nadjm-Tehrani, S. (2011, October). Crowdroid: behavior-based malware detection system for Android. In Proceedings of the 1st ACM workshop on security and privacy in smartphones and mobile devices (pp. 15–26).

    Google Scholar 

  44. Peiravian, N., & Zhu, X. (2013, November). Machine learning for Android malware detection using permission and API calls. In 2013 IEEE 25th international conference on tools with artificial intelligence (pp. 300–305). IEEE.

    Google Scholar 

  45. Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M. S., Conti, M., & Rajarajan, M. (2014). Android security: A survey of issues, malware penetration, and defenses. IEEE Communications Surveys and Tutorials, 17(2), 998–1022.

    Article  Google Scholar 

  46. Tam, K., Fattori, A., Khan, S., & Cavallaro, L. (2015, February). Copperdroid: Automatic reconstruction of Android malware behaviors. In NDSS Symposium 2015 (pp. 1–15).

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre of Excellence for Cybersecurity (CoExCyS), International Islamic University Malaysia, Wilayah Persekutuan, Kuala Lumpur, Malaysia

    Andi Fitriah Abdul Kadir

  2. Behaviour-Centric Cybersecurity Center (BCCC), School of Information Technology, York University, Toronto, ON, Canada

    Arash Habibi Lashkari

  3. MacEwan University, Edmonton, AB, Canada

    Mahdi Daghmehchi Firoozjaei

Authors
  1. Andi Fitriah Abdul Kadir
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Arash Habibi Lashkari
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mahdi Daghmehchi Firoozjaei
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Abdul Kadir, A.F., Habibi Lashkari, A., Daghmehchi Firoozjaei, M. (2024). Android Operating System. In: Understanding Cybersecurity on Smartphones. Progress in IS. Springer, Cham. https://doi.org/10.1007/978-3-031-48865-8_2

Download citation

Publish with us

Policies and ethics

Search

Navigation