Android security issues and solutions

Android operating system uses the permission-based model which allows Android applications to access user information, system information, device information and external resources of Smartphone. The developer needs to declare the permissions for the Android application. The user needs to accept these permissions for successful installation of an Android application. These permissions are declarations. At the time of installation, if the permissions are allowed by the user, the app can access resources and information anytime. It need not re-request for permissions again. Android OS is susceptible to various security attacks due to its weakness in security. This paper tells about the misuse of app permissions using Shared User ID, how two-factor authentications fail due to inappropriate and improper usage of app permissions using spyware, data theft in Android applications, security breaches or attacks in Android and analysis of Android, iOS and Windows operating system regarding its security.

[1]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[2]  Yingjiu Li,et al.  Permission based Android security: Issues and countermeasures , 2014, Comput. Secur..

[3]  XiaoFeng Wang,et al.  Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating , 2014, 2014 IEEE Symposium on Security and Privacy.

[4]  Joachim Gebauer Code Signing , 2012, Datenschutz und Datensicherheit - DuD.

[5]  Rosilah Hassan,et al.  Comparison between android and iOS Operating System in terms of security , 2013, 2013 8th International Conference on Information Technology in Asia (CITA).

[6]  Jae-Kyung Park,et al.  Studying Security Weaknesses of Android System , 2015 .

[7]  Divya Upadhyay,et al.  PeMo: Modifying application's permissions and preventing information stealing on smartphones , 2014, 2014 5th International Conference - Confluence The Next Generation Information Technology Summit (Confluence).