Lars Jacobs, profile picture
Uploaded byLars Jacobs
PDF, PPTX4,127 views

Android Security

The document discusses Android security, covering topics such as system and kernel level security, user security features, and application security. It highlights vulnerabilities like malware threats, recent security breaches, and the role of permissions in app security. The presentation emphasizes the importance of securing users' sensitive data and improving security features in Android operating systems.

Embed presentation

Download as PDF, PPTX
ANDROID SECURITY Robin De Croon Lars Jacobs |H05D9a| Cryptografie en netwerkbeveiliging: hoorcollege prof. dr. Ir. Bart Preneel
Content • Introduction • System and Kernel Level Security • User Security Features • AndroidApplication Security • Recent Security Problems • Demo May 8, 2013 2 http://blog.thoughtpick.com/wp-content/uploads/2011/01/web_design_services.11-18.web_content.jpg
INTRODUCTION Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 3
Introduction • All data located on your smartphone • Passwords • Photos • (Text) messages • Medical records • … • Smartphone cannot trust anyone • Android secure? • Open Source  Safer (Hoepman et al.) May 8, 2013 4
Distribution of mobile malware by platform in 2012 May 8, 2013 5
Mobile threats motivated by profit by year May 8, 2013 6
AndroidVersions May 8, 2013 7
Android Software Stack May 8, 2013 8
SYSTEM AND KERNEL LEVEL SECURITY Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 9
Apps & Processes • Own Linux Process + user ID  Sandbox! •Data is protected from other apps •Secure IPC • API calls are authorized according to permissions • Hardware access is authorized by Group Membership • Java, Native,WebKit May 8, 2013 10
Bootloader • Bootloader is locked by default • Boot process • Signature check May 8, 2013 11
Memory management • A lot of memory corruption bugs  Attacker can control the program • Improvements •No eXecute (NX) (since Android 2.3) •Address Space Layout Randomization (since Android 4.0) •Position Independent Executables (since Android 4.1) •FORTIFY_SOURCE (since Android 4.2) May 8, 2013 12
Randomization in Android 2.3 May 8, 2013 13
Randomization in Android 4.0 May 8, 2013 14
Randomization in Android 4.1 May 8, 2013 15
Rooting •Default no root access •Possible through ‘su’ binary Bootloader unsafe Root apps can do ANYTHING Latest versions of Android May 8, 2013 16 http://1.bp.blogspot.com/-_DBO12vjaWM/Tu-bRCULR-I/AAAAAAAAA74/fZc-hszZarE/s1600/thumbs-up.jpg
USER SECURITY FEATURES Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 17
Device protection • Screen lock •Face unlock, Pattern, PIN, Passcode, … • File Encryption • 128AES with CBC and ESSIV:SHA256 • Master key encrypted with 128 bit AES via openssl library May 8, 2013 18
Passwords are hashed •Salt saved on device •/data/data/com.android.providers.settings.databases •/data/system/locksettings.db •‘Easily’ brute forced with salt •Keys are stored in software! May 8, 2013 20
Android source code May 8, 2013 21
ANDROID APPLICATION SECURITY Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 22
Android Permissions • Accessing protected APIs •Location (GPS), Camera, Bluetooth,Telephony, SMS/MMS, Network/data • Defined in AndroidManifest.xml May 8, 2013 23
Play Store security • App is self signed • Bouncer •Online version •Local version (since Android 4.2) • App encryption •Introduced in Android 4.1 •Shutdown due to bugs May 8, 2013 24
Cryptographic APIs • Primitives •AES, DSA, RSA, SHA • Higher level •SSL, HTTPS • Virtual Private Network •IPsec May 8, 2013 25
RECENT SECURITY PROBLEMS Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 26
SMS problems • Smishing •http://www.youtube.com/watch?v=baWeMbGatfs • SMS to premium services •F-secure MobileThreat Report Q4 2012 •Kaspersky Security Bulletin 2012 May 8, 2013 27
Exynos Exploit • Exynos 4210 and 4412 processor •Sprint Galaxy S II, Galaxy S II, Galaxy S3, Galaxy Note, Galaxy Note 2, GalaxyTab 2, Galaxy Note 10.1, Galaxy Camera •Kernel: /dev/exynos-mem  R/W by all users  access to all physical memory • ExynosAbuse.apk May 8, 2013 28
DEMO Introduction System and Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 29
References (I) • F-secure MobileThreat Report Q4 2012, http://www.f- secure.com/static/doc/labs_global/Research/Mobile%20Thre at%20Report%20Q4%202012.pdf • Google, “Android PlatformVersions.”, http://developer.android.com/about/dashboards/index.html #Platform • Google, “Android Security Overview”, http://source.android.com/tech/security/#android- application-security • S. Fahl, M. Harbach,T. Muders, M. Smith, L. Baumgärtner, and B. Freisleben, “Why eve and mallory love android,” in Proceedings of the 2012 ACM conference on Computer and communications security - CCS ’12, (NewYork, NewYork, USA), p. 50, ACM Press, 2012. May 8, 2013 30
References (II) • J.-H. Hoepman and B. Jacobs, “Increased security through open source”, Communications of the ACM, vol. 50, pp. 79– 83, Jan. 2007. • Matthias Lange, “State of the Union: Android security overview – Is Android the new XP?, http://de.droidcon.com/2013/sessnio/state-union-android- security-overview-android-new-xp • Xuxian Jiang, “SmishingVulnerability in Multiple Android Platforms”, http://www.cs.ncsu.edu/faculty/jiang/smishing.html • A. Shabtai, “Google Android: A Comprehensive Security Assessment”, Security & Privacy, IEEE, vol. 8, pp. 35-44, March-April 2010 May 8, 2013 31
References (III) • A. Barresi and P. Somogyvari, “Android Security – An Introduction”, www.youtube.com/watch?v=OOFzu2J3EBY •Kaspersky Security Bulletin 2012, https://www.securelist.com/en/analysis/204792255/Kas persky_Security_Bulletin_2012_The_overall_statistics_f or_2012 May 8, 2013 32
http://2.bp.blogspot.com/-gZjNR3XVULs/T_ZOVgE-5lI/AAAAAAAAAg8/6YVmd5Q064o/s1600/questions11.jpg May 8, 2013 33

More Related Content

PDF
Secure coding presentation Oct 3 2020
byMoataz Kamel
 
PPTX
Android security
byMobile Rtpl
 
PPTX
Android Security
byArqum Ahmad
 
PPTX
Android security
byMidhun P Gopi
 
PPTX
Mobile security
bypriyanka pandey
 
PPTX
Pentesting Android Applications
byCláudio André
 
PPTX
Mobile Application Security
byIshan Girdhar
 
PPTX
Understanding android security model
byPragati Rai
 
Secure coding presentation Oct 3 2020
byMoataz Kamel
 
Android security
byMobile Rtpl
 
Android Security
byArqum Ahmad
 
Android security
byMidhun P Gopi
 
Mobile security
bypriyanka pandey
 
Pentesting Android Applications
byCláudio André
 
Mobile Application Security
byIshan Girdhar
 
Understanding android security model
byPragati Rai
 

What's hot

PPTX
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
byAjin Abraham
 
PDF
Deep Dive Into Android Security
byMarakana Inc.
 
PPTX
Automated Security Analysis of Android & iOS Applications with Mobile Securit...
byAjin Abraham
 
PPTX
Secure coding practices
byMohammed Danish Amber
 
PPTX
Android Application Penetration Testing - Mohammed Adam
byMohammed Adam
 
PPT
Software security
byRoman Oliynykov
 
PPTX
Azure active directory
byRaju Kumar
 
PDF
Microsoft Azure Fundamentals
byAdwait Ullal
 
PPTX
Android architecture
bypoojapainter
 
PDF
Cybersecurity - Mobile Application Security
byEryk Budi Pratama
 
PDF
Android pentesting
byMykhailo Antonishyn
 
PPTX
Object Storage Overview
byCloudian
 
PPTX
Azure storage
byRaju Kumar
 
PPTX
Android Hacking + Pentesting
bySina Manavi
 
PDF
Threat Intelligence
byDeepak Kumar (D3)
 
PPTX
Introduction to Android and Android Studio
bySuyash Srijan
 
PDF
DevSecOps
bySpv Reddy
 
PDF
Microsoft 365 Compliance and Security Overview
byDavid J Rosenthal
 
PDF
MindMap - Forensics Windows Registry Cheat Sheet
byJuan F. Padilla
 
PDF
MITRE ATT&CK Framework
byn|u - The Open Security Community
 
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
byAjin Abraham
 
Deep Dive Into Android Security
byMarakana Inc.
 
Automated Security Analysis of Android & iOS Applications with Mobile Securit...
byAjin Abraham
 
Secure coding practices
byMohammed Danish Amber
 
Android Application Penetration Testing - Mohammed Adam
byMohammed Adam
 
Software security
byRoman Oliynykov
 
Azure active directory
byRaju Kumar
 
Microsoft Azure Fundamentals
byAdwait Ullal
 
Android architecture
bypoojapainter
 
Cybersecurity - Mobile Application Security
byEryk Budi Pratama
 
Android pentesting
byMykhailo Antonishyn
 
Object Storage Overview
byCloudian
 
Azure storage
byRaju Kumar
 
Android Hacking + Pentesting
bySina Manavi
 
Threat Intelligence
byDeepak Kumar (D3)
 
Introduction to Android and Android Studio
bySuyash Srijan
 
DevSecOps
bySpv Reddy
 
Microsoft 365 Compliance and Security Overview
byDavid J Rosenthal
 
MindMap - Forensics Windows Registry Cheat Sheet
byJuan F. Padilla
 
MITRE ATT&CK Framework
byn|u - The Open Security Community
 

Viewers also liked

PPTX
Permission in Android Security: Threats and solution
byTandhy Simanjuntak
 
PPTX
Android sandbox
byAnusha Chavan
 
PPT
Android ppt
byblogger at indiandswad
 
ODP
Android security in depth
bySander Alberink
 
PPTX
Presentation on Android operating system
bySalma Begum
 
PPT
Analysis and research of system security based on android
byRavishankar Kumar
 
PPTX
Android Device Hardening
byanupriti
 
PPTX
Security threats in Android OS + App Permissions
byHariharan Ganesan
 
PPTX
Android– forensics and security testing
bySanthosh Kumar
 
PDF
Testing Android Security Codemotion Amsterdam edition
byJose Manuel Ortega Candel
 
PPT
Android seminar-presentation
byconnectshilpa
 
PDF
Introduction to Android Development and Security
byKelwin Yang
 
PPTX
Android ppt
bysrikanth982
 
PDF
Bridging the Social Media Implementation/Audit Gap
byJerod Brennen
 
PPTX
Information Security and Privacy
byAnika Tasnim Hafiz
 
PDF
Security in Android Applications / Александр Смирнов (RedMadRobot)
byOntico
 
PPTX
Common Sense Security Framework
byJerod Brennen
 
PDF
Securing Android
byMarakana Inc.
 
PPTX
Webinar on Enterprise Security & android
byEndeavour Software Technologies
 
PPTX
Android secure offline storage - CC Mobile
byJWORKS powered by Ordina
 
Permission in Android Security: Threats and solution
byTandhy Simanjuntak
 
Android sandbox
byAnusha Chavan
 
Android ppt
byblogger at indiandswad
 
Android security in depth
bySander Alberink
 
Presentation on Android operating system
bySalma Begum
 
Analysis and research of system security based on android
byRavishankar Kumar
 
Android Device Hardening
byanupriti
 
Security threats in Android OS + App Permissions
byHariharan Ganesan
 
Android– forensics and security testing
bySanthosh Kumar
 
Testing Android Security Codemotion Amsterdam edition
byJose Manuel Ortega Candel
 
Android seminar-presentation
byconnectshilpa
 
Introduction to Android Development and Security
byKelwin Yang
 
Android ppt
bysrikanth982
 
Bridging the Social Media Implementation/Audit Gap
byJerod Brennen
 
Information Security and Privacy
byAnika Tasnim Hafiz
 
Security in Android Applications / Александр Смирнов (RedMadRobot)
byOntico
 
Common Sense Security Framework
byJerod Brennen
 
Securing Android
byMarakana Inc.
 
Webinar on Enterprise Security & android
byEndeavour Software Technologies
 
Android secure offline storage - CC Mobile
byJWORKS powered by Ordina
 

Similar to Android Security

PDF
Android Security
byRobin De Croon
 
PPTX
Android security
byBehzadBeigzadeh
 
PDF
Android Security: A Survey of Security Issues and Defenses
byIRJET Journal
 
PPTX
Mobile security
byStefaan
 
PDF
CodeMotion tel aviv 2015 - burning marshmallows
byRon Munitz
 
PPTX
Security models of modern mobile systems
byDivya Raval
 
PDF
Brief Tour about Android Security
byNational Cheng Kung University
 
ODP
Android security in depth - extended
bySander Alberink
 
PDF
Google android security_2018_report
bymalvvv
 
PPTX
Android is one of the most widely used mobile operating systems
byavinashaind89
 
PPTX
Android OS & Security.pptx
byBhumiAvhad1
 
PDF
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
byFelipe Prado
 
PPTX
[Wroclaw #1] Android Security Workshop
byOWASP
 
PPTX
Android ppt
byAlitaha Riyaz
 
PDF
Android system security
byChong-Kuan Chen
 
PDF
Mediating Applications on the Android System
byNizar Maan
 
PPTX
Security testing of mobile applications
byGTestClub
 
PDF
CNIT 128 7. Attacking Android Applications (Part 3)
bySam Bowne
 
PPTX
19-f15-mobile-security.pptx
byJhansigali
 
PDF
ToorCon 14 : Malandroid : The Crux of Android Infections
byAditya K Sood
 
Android Security
byRobin De Croon
 
Android security
byBehzadBeigzadeh
 
Android Security: A Survey of Security Issues and Defenses
byIRJET Journal
 
Mobile security
byStefaan
 
CodeMotion tel aviv 2015 - burning marshmallows
byRon Munitz
 
Security models of modern mobile systems
byDivya Raval
 
Brief Tour about Android Security
byNational Cheng Kung University
 
Android security in depth - extended
bySander Alberink
 
Google android security_2018_report
bymalvvv
 
Android is one of the most widely used mobile operating systems
byavinashaind89
 
Android OS & Security.pptx
byBhumiAvhad1
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
byFelipe Prado
 
[Wroclaw #1] Android Security Workshop
byOWASP
 
Android ppt
byAlitaha Riyaz
 
Android system security
byChong-Kuan Chen
 
Mediating Applications on the Android System
byNizar Maan
 
Security testing of mobile applications
byGTestClub
 
CNIT 128 7. Attacking Android Applications (Part 3)
bySam Bowne
 
19-f15-mobile-security.pptx
byJhansigali
 
ToorCon 14 : Malandroid : The Crux of Android Infections
byAditya K Sood
 

Recently uploaded

PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
XonTel Plus IP-PBX Business Phone System
byXonTel Technology
 
PPTX
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
PDF
P6 Presentation basics for project control managers and planners
byNebojsaPavlovic9
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PDF
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PDF
January Patch Tuesday
byIvanti
 
PPTX
Full course that Prymehat uploads for you version 2
byOhenebaManu1
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PDF
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
PDF
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
XonTel Plus IP-PBX Business Phone System
byXonTel Technology
 
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
P6 Presentation basics for project control managers and planners
byNebojsaPavlovic9
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
January Patch Tuesday
byIvanti
 
Full course that Prymehat uploads for you version 2
byOhenebaManu1
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 

Android Security

  • 1.
    ANDROID SECURITY Robin DeCroon Lars Jacobs |H05D9a| Cryptografie en netwerkbeveiliging: hoorcollege prof. dr. Ir. Bart Preneel
  • 2.
    Content • Introduction • Systemand Kernel Level Security • User Security Features • AndroidApplication Security • Recent Security Problems • Demo May 8, 2013 2 http://blog.thoughtpick.com/wp-content/uploads/2011/01/web_design_services.11-18.web_content.jpg
  • 3.
    INTRODUCTION Introduction System and KernelLevel Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 3
  • 4.
    Introduction • All datalocated on your smartphone • Passwords • Photos • (Text) messages • Medical records • … • Smartphone cannot trust anyone • Android secure? • Open Source  Safer (Hoepman et al.) May 8, 2013 4
  • 5.
    Distribution of mobilemalware by platform in 2012 May 8, 2013 5
  • 6.
    Mobile threats motivatedby profit by year May 8, 2013 6
  • 7.
  • 8.
  • 9.
    SYSTEM AND KERNEL LEVEL SECURITY Introduction Systemand Kernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 9
  • 10.
    Apps & Processes •Own Linux Process + user ID  Sandbox! •Data is protected from other apps •Secure IPC • API calls are authorized according to permissions • Hardware access is authorized by Group Membership • Java, Native,WebKit May 8, 2013 10
  • 11.
    Bootloader • Bootloader islocked by default • Boot process • Signature check May 8, 2013 11
  • 12.
    Memory management • Alot of memory corruption bugs  Attacker can control the program • Improvements •No eXecute (NX) (since Android 2.3) •Address Space Layout Randomization (since Android 4.0) •Position Independent Executables (since Android 4.1) •FORTIFY_SOURCE (since Android 4.2) May 8, 2013 12
  • 13.
    Randomization in Android2.3 May 8, 2013 13
  • 14.
    Randomization in Android4.0 May 8, 2013 14
  • 15.
    Randomization in Android4.1 May 8, 2013 15
  • 16.
    Rooting •Default no rootaccess •Possible through ‘su’ binary Bootloader unsafe Root apps can do ANYTHING Latest versions of Android May 8, 2013 16 http://1.bp.blogspot.com/-_DBO12vjaWM/Tu-bRCULR-I/AAAAAAAAA74/fZc-hszZarE/s1600/thumbs-up.jpg
  • 17.
    USER SECURITY FEATURES Introduction System andKernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 17
  • 18.
    Device protection • Screenlock •Face unlock, Pattern, PIN, Passcode, … • File Encryption • 128AES with CBC and ESSIV:SHA256 • Master key encrypted with 128 bit AES via openssl library May 8, 2013 18
  • 19.
    Passwords are hashed •Saltsaved on device •/data/data/com.android.providers.settings.databases •/data/system/locksettings.db •‘Easily’ brute forced with salt •Keys are stored in software! May 8, 2013 20
  • 20.
  • 21.
    ANDROID APPLICATION SECURITY Introduction System and KernelLevel Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 22
  • 22.
    Android Permissions • Accessingprotected APIs •Location (GPS), Camera, Bluetooth,Telephony, SMS/MMS, Network/data • Defined in AndroidManifest.xml May 8, 2013 23
  • 23.
    Play Store security •App is self signed • Bouncer •Online version •Local version (since Android 4.2) • App encryption •Introduced in Android 4.1 •Shutdown due to bugs May 8, 2013 24
  • 24.
    Cryptographic APIs • Primitives •AES,DSA, RSA, SHA • Higher level •SSL, HTTPS • Virtual Private Network •IPsec May 8, 2013 25
  • 25.
    RECENT SECURITY PROBLEMS Introduction System andKernel Level Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 26
  • 26.
    SMS problems • Smishing •http://www.youtube.com/watch?v=baWeMbGatfs •SMS to premium services •F-secure MobileThreat Report Q4 2012 •Kaspersky Security Bulletin 2012 May 8, 2013 27
  • 27.
    Exynos Exploit • Exynos4210 and 4412 processor •Sprint Galaxy S II, Galaxy S II, Galaxy S3, Galaxy Note, Galaxy Note 2, GalaxyTab 2, Galaxy Note 10.1, Galaxy Camera •Kernel: /dev/exynos-mem  R/W by all users  access to all physical memory • ExynosAbuse.apk May 8, 2013 28
  • 28.
    DEMO Introduction System and KernelLevel Security User Security Features Android Application Security Recent Security Problems Demo May 8, 2013 29
  • 29.
    References (I) • F-secureMobileThreat Report Q4 2012, http://www.f- secure.com/static/doc/labs_global/Research/Mobile%20Thre at%20Report%20Q4%202012.pdf • Google, “Android PlatformVersions.”, http://developer.android.com/about/dashboards/index.html #Platform • Google, “Android Security Overview”, http://source.android.com/tech/security/#android- application-security • S. Fahl, M. Harbach,T. Muders, M. Smith, L. Baumgärtner, and B. Freisleben, “Why eve and mallory love android,” in Proceedings of the 2012 ACM conference on Computer and communications security - CCS ’12, (NewYork, NewYork, USA), p. 50, ACM Press, 2012. May 8, 2013 30
  • 30.
    References (II) • J.-H.Hoepman and B. Jacobs, “Increased security through open source”, Communications of the ACM, vol. 50, pp. 79– 83, Jan. 2007. • Matthias Lange, “State of the Union: Android security overview – Is Android the new XP?, http://de.droidcon.com/2013/sessnio/state-union-android- security-overview-android-new-xp • Xuxian Jiang, “SmishingVulnerability in Multiple Android Platforms”, http://www.cs.ncsu.edu/faculty/jiang/smishing.html • A. Shabtai, “Google Android: A Comprehensive Security Assessment”, Security & Privacy, IEEE, vol. 8, pp. 35-44, March-April 2010 May 8, 2013 31
  • 31.
    References (III) • A.Barresi and P. Somogyvari, “Android Security – An Introduction”, www.youtube.com/watch?v=OOFzu2J3EBY •Kaspersky Security Bulletin 2012, https://www.securelist.com/en/analysis/204792255/Kas persky_Security_Bulletin_2012_The_overall_statistics_f or_2012 May 8, 2013 32
  • 32.