Understanding and Improving App Installation Security Mechanisms Through Empirical Analysis of Android

The authors provide a detailed analysis of two largely unexplored aspects of the security decisions made by the Android operating system during the app installation process: update integrity and UID assignment. To inform their analysis, they collect a dataset of Android application metadata and ex-tract features from these binaries to gain a better under-standing of how developers interact with the security mechanisms invoked during installation. Using the dataset, they find empirical evidence that Android's current signing architecture does not encourage best security practices. They also find that limitations of Android's UID sharing method force developers to write custom code rather than rely on OS-level mechanisms for secure data transfer between apps.

Provided by: Association for Computing Machinery Topic: Security Date Added: Oct 2012 Format: PDF

Find By Topic