<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">mireabulletin</journal-id><journal-title-group><journal-title xml:lang="ru">Russian Technological Journal</journal-title><trans-title-group xml:lang="en"><trans-title>Russian Technological Journal</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">2782-3210</issn><issn pub-type="epub">2500-316X</issn><publisher><publisher-name>RTU MIREA</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.32362/2500-316X-2019-7-6-44-55</article-id><article-id custom-type="elpub" pub-id-type="custom">mireabulletin-180</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>ИНФОРМАЦИОННЫЕ СИСТЕМЫ. ИНФОРМАТИКА. ПРОБЛЕМЫ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>INFORMATION SYSTEMS. COMPUTER SCIENCES. ISSUES OF INFORMATION SECURITY</subject></subj-group></article-categories><title-group><article-title>Оценка уровня информационной безопасности мобильной операционной системы Android</article-title><trans-title-group xml:lang="en"><trans-title>Information security evaluation for Android mobile operating system</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-3174-4550</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Изергин</surname><given-names>Д. А.</given-names></name><name name-style="western" xml:lang="en"><surname>Izergin</surname><given-names>Dmitriy A.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Изергин Дмитрий Андреевич, ассистент кафедры КБ-4 «Интеллектуальные системы информационной безопасности»</p><p>119454, Россия, Москва, пр-т Вернадского, д. 78</p></bio><bio xml:lang="en"><p>Dmitriy A. Izergin, Assistant of Professor of the Chair CS-4 “Intelligent Information Security Systems”</p><p>78, Vernadskogo pr., Moscow 119454, Russia</p></bio><email xlink:type="simple">izergind@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0002-5511-4000</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Еремеев</surname><given-names>М. А.</given-names></name><name name-style="western" xml:lang="en"><surname>Eremeev</surname><given-names>Mikhail A.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Еремеев Михаил Алексеевич, доктор технических наук, профессор, профессор кафедры КБ-2 «Прикладныеинформационные технологии»</p><p>119454, Россия, Москва, пр-т Вернадского, д. 78</p></bio><bio xml:lang="en"><p>Mikhail A. Eremeev, Dr. of Sci. (Engineering), Professor, Professor of the Chair CS-2 “Applied Information Technologies”</p><p>78, Vernadskogo pr., Moscow 119454, Russia</p></bio><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0001-8560-1937</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Магомедов</surname><given-names>Ш. Г.</given-names></name><name name-style="western" xml:lang="en"><surname>Magomedov</surname><given-names>Shamil G.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Магомедов Шамиль Гасангусейнович, кандидат технических наук, доцент кафедры КБ-4 «Интеллектуальные системы информационной безопасности», ResearcherID M-5782-2016</p><p>119454, Россия, Москва, пр-т Вернадского, д. 78</p></bio><bio xml:lang="en"><p>Shamil G. Magomedov, Cand. of Sci. (Engineering), Associate Professor of the Chair CS-4 “Intelligent Information Security Systems”</p><p>78, Vernadskogo pr., Moscow 119454, Russia</p></bio><email xlink:type="simple">magomedov_sh@mirea.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0003-4387-0850</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Смирнов</surname><given-names>С. И.</given-names></name><name name-style="western" xml:lang="en"><surname>Smirnov</surname><given-names>Stanislav I.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Смирнов Станислав Игоревич, старший преподаватель кафедры КБ-4 «Интеллектуальные системы информационной безопасности»</p><p>119454, Россия, Москва, пр-т Вернадского, д. 78</p></bio><bio xml:lang="en"><p>Stanislav I. Smirnov, Senior Lecturer of the Chair CS-4 “Intelligent Information Security Systems”</p><p>78, Vernadskogo pr., Moscow 119454, Russia</p></bio><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>МИРЭА – Российский технологический университет</institution><country>Россия</country></aff><aff xml:lang="en"><institution>MIREA – Russian Technological University</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2019</year></pub-date><pub-date pub-type="epub"><day>09</day><month>01</month><year>2020</year></pub-date><volume>7</volume><issue>6</issue><fpage>44</fpage><lpage>55</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Изергин Д.А., Еремеев М.А., Магомедов Ш.Г., Смирнов С.И., 2020</copyright-statement><copyright-year>2020</copyright-year><copyright-holder xml:lang="ru">Изергин Д.А., Еремеев М.А., Магомедов Ш.Г., Смирнов С.И.</copyright-holder><copyright-holder xml:lang="en">Izergin D.A., Eremeev M.A., Magomedov S.G., Smirnov S.I.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://www.rtj-mirea.ru/jour/article/view/180">https://www.rtj-mirea.ru/jour/article/view/180</self-uri><abstract><p>Одним из главных направлений развития информационных систем является повышение эффективности сбора, обработки и обмена информацией на основе внедрения современных технологий передачи данных, автоматизированного дистанционного мониторинга и управления. Краеугольным камнем данной концепции являются мобильные устройства, решающие вопрос оперативного обмена данными и их обработки. Современные мобильные сервисы, использующиеся в том числе для обмена и обработки персонализированных, банковских и критически важных данных, появляются вследствие неуклонного роста количества преступлений в сфере информационной безопасности в отношении и с использованием мобильных устройств. Широкое применение данных устройств для доступа к защищаемой информации, содержащейся в информационных системах, придало вопросу обеспечения информационной защищенности особое значение.</p><p>Предметом исследования данной статьи является оценка текущего состояния механизмов обеспечения информационной безопасности мобильных операционных систем, составляющих основу структуры эпизодических распределенных мобильных сетей, на примере ОС (операционной системы) Android. В статье рассмотрены проблемы развития мобильной экосистемы и методы, направленные на их решение, основные векторы вредоносного воздействия, способы противодействия средствам статического и динамического анализа и современные механизмы защиты.</p></abstract><trans-abstract xml:lang="en"><p>One of the main directions of information systems development is to increase the efficiency of collecting, processing and exchanging information through the introduction of modern data transfer technologies, automated remote monitoring and control. The cornerstone of this concept is mobile devices that solve the issue of operational data exchange and processing. Modern mobile services used including the exchange and processing of personalized, banking and critical data are the result of the steady increase in the number of crimes in the field of information security in relation to and using mobile devices. The widespread use of these devices for access to protected information contained in information systems has given special importance to the issue of information security.</p><p>The subject of this research is to assess the current state of information security mechanisms for mobile operating systems that form the basis of the structure of episodic distributed mobile networks. The Android OS (operating system) was used as an example. The article discusses the problems of the development of a mobile ecosystem and methods aimed at solving them, the main vectors of malicious impact, ways of countering the means of static and dynamic analysis and modern protection mechanisms.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>мобильные операционные системы</kwd><kwd>Android</kwd><kwd>вредоносное воздействие</kwd><kwd>информационная безопасность</kwd><kwd>механизмы защиты</kwd></kwd-group><kwd-group xml:lang="en"><kwd>mobile operating systems</kwd><kwd>Android</kwd><kwd>malicious impact</kwd><kwd>information security</kwd><kwd>protection mechanisms</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Operating System Market Share Worldwide. URL: http://gs.statcounter.com/os-market-share (accessed March 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Operating System Market Share Worldwide. URL: http://gs.statcounter.com/os-market-share (accessed March 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Android Architecture. URL: https://source.android.com/devices/architecture (accessed January 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Android Architecture. URL: https://source.android.com/devices/architecture (accessed January 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Android Enterprise Recommended. URL: https://www.android.com/intl/ru_ru/enterprise/recommended/(accessed January 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Android Enterprise Recommended. URL: https://www.android.com/intl/ru_ru/enterprise/recommended/(accessed January 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Android version market share distribution among smartphone owners as of September 2018. URL: https://www.statista.com/statistics/271774/share-of-android-platforms-on-mobile-devices-with-android-os/ (accessed February 23, 2019).</mixed-citation><mixed-citation xml:lang="en">Android version market share distribution among smartphone owners as of September 2018. URL: https://www.statista.com/statistics/271774/share-of-android-platforms-on-mobile-devices-with-android-os/ (accessed February 23, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Stoep J.V. Android: protecting the kernel. – 2016, 35 p. URL: https://events.linuxfoundation.org/sites/events/files/slides/Android%20protecting%20the%20kernel.pdf (accessed March 03, 2019).</mixed-citation><mixed-citation xml:lang="en">Stoep J.V. Android: protecting the kernel. – 2016, 35 p. URL: https://events.linuxfoundation.org/sites/events/files/slides/Android%20protecting%20the%20kernel.pdf (accessed March 03, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Vigna G. How automated vulnerability analysis discovered hundreds of Android 0-days. URL: https://www.rsaconference.com/writable/presentations/file_upload/mbs-r14-how-automated-vulnerability-analysis-discoveredhundreds-of-android-0-days.pdf (accessed January 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Vigna G. How automated vulnerability analysis discovered hundreds of Android 0-days. URL: https://www.rsaconference.com/writable/presentations/file_upload/mbs-r14-how-automated-vulnerability-analysis-discoveredhundreds-of-android-0-days.pdf (accessed January 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Chebyshev V. Mobile malware evolution 2018. URL: https://securelist.com/mobile-malwareevolution-2018/89689/ (accessed March 15, 2019).</mixed-citation><mixed-citation xml:lang="en">Chebyshev V. Mobile malware evolution 2018. URL: https://securelist.com/mobile-malwareevolution-2018/89689/ (accessed March 15, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Романеев М. Проблемы безопасности Android-приложений: классификация и анализ [Romaneev M. Android Application Security Issues: Classification and Analysis]. URL: http://www.pvsm.ru/android/260205#17 (accessed February 27, 2019).</mixed-citation><mixed-citation xml:lang="en">Романеев М. Проблемы безопасности Android-приложений: классификация и анализ [Romaneev M. Android Application Security Issues: Classification and Analysis]. URL: http://www.pvsm.ru/android/260205#17 (accessed February 27, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Kaspersky_Lab Security Week 45: Кое-что об уязвимостях в Bluetooth [Something about Bluetooth vulnerabilities]. URL: http://www.pvsm.ru/android/298251 (accessed February 10, 2019).</mixed-citation><mixed-citation xml:lang="en">Kaspersky_Lab Security Week 45: Кое-что об уязвимостях в Bluetooth [Something about Bluetooth vulnerabilities]. URL: http://www.pvsm.ru/android/298251 (accessed February 10, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">CVE-2017-0466 Detail. URL: https://nvd.nist.gov/vuln/detail/CVE-2017-0466 (accessed April 22, 2019).</mixed-citation><mixed-citation xml:lang="en">CVE-2017-0466 Detail. URL: https://nvd.nist.gov/vuln/detail/CVE-2017-0466 (accessed April 22, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Аndroid malware [presentation]. URL: http://www.syssec-project.eu/m/documents/eurosec14/RATVM.pdf (accessed November 18, 2018).</mixed-citation><mixed-citation xml:lang="en">Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Аndroid malware [presentation]. URL: http://www.syssec-project.eu/m/documents/eurosec14/RATVM.pdf (accessed November 18, 2018).</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Android malware URL: http://www.syssec-project.eu/m/page-media/3/petsas_rage_against_the_virtual_machine.pdf (accessed March 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Android malware URL: http://www.syssec-project.eu/m/page-media/3/petsas_rage_against_the_virtual_machine.pdf (accessed March 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Android Security &amp; Privacy 2018 Year in Review. URL: https://source.android.com/security/reports/Google_Android_Security_2018_Report_Final.pdf (accessed March 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Android Security &amp; Privacy 2018 Year in Review. URL: https://source.android.com/security/reports/Google_Android_Security_2018_Report_Final.pdf (accessed March 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Security Blog. URL: https://security.googleblog.com/search/label/android%20security (accessed April 02, 2019).</mixed-citation><mixed-citation xml:lang="en">Security Blog. URL: https://security.googleblog.com/search/label/android%20security (accessed April 02, 2019).</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Vulnerability Trends Over Time. URL: https://www.cvedetails.com/product/19997/Google-Android. html?vendor_id=1224 (accessed April 25, 2019).</mixed-citation><mixed-citation xml:lang="en">Vulnerability Trends Over Time. URL: https://www.cvedetails.com/product/19997/Google-Android. html?vendor_id=1224 (accessed April 25, 2019).</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
