Information security evaluation for Android mobile operating system

One of the main directions of information systems development is to increase the efficiency of collecting, processing and exchanging information through the introduction of modern data transfer technologies, automated remote monitoring and control. The cornerstone of this concept is mobile devices that solve the issue of operational data exchange and processing. Modern mobile services used including the exchange and processing of personalized, banking and critical data are the result of the steady increase in the number of crimes in the field of information security in relation to and using mobile devices. The widespread use of these devices for access to protected information contained in information systems has given special importance to the issue of information security.

The subject of this research is to assess the current state of information security mechanisms for mobile operating systems that form the basis of the structure of episodic distributed mobile networks. The Android OS (operating system) was used as an example. The article discusses the problems of the development of a mobile ecosystem and methods aimed at solving them, the main vectors of malicious impact, ways of countering the means of static and dynamic analysis and modern protection mechanisms.

1. Operating System Market Share Worldwide. URL: http://gs.statcounter.com/os-market-share (accessed March 02, 2019).

2. Android Architecture. URL: https://source.android.com/devices/architecture (accessed January 02, 2019).

3. Android Enterprise Recommended. URL: https://www.android.com/intl/ru_ru/enterprise/recommended/(accessed January 02, 2019).

4. Android version market share distribution among smartphone owners as of September 2018. URL: https://www.statista.com/statistics/271774/share-of-android-platforms-on-mobile-devices-with-android-os/ (accessed February 23, 2019).

5. Stoep J.V. Android: protecting the kernel. – 2016, 35 p. URL: https://events.linuxfoundation.org/sites/events/files/slides/Android%20protecting%20the%20kernel.pdf (accessed March 03, 2019).

6. Vigna G. How automated vulnerability analysis discovered hundreds of Android 0-days. URL: https://www.rsaconference.com/writable/presentations/file_upload/mbs-r14-how-automated-vulnerability-analysis-discoveredhundreds-of-android-0-days.pdf (accessed January 02, 2019).

7. Chebyshev V. Mobile malware evolution 2018. URL: https://securelist.com/mobile-malwareevolution-2018/89689/ (accessed March 15, 2019).

8. Романеев М. Проблемы безопасности Android-приложений: классификация и анализ [Romaneev M. Android Application Security Issues: Classification and Analysis]. URL: http://www.pvsm.ru/android/260205#17 (accessed February 27, 2019).

9. Kaspersky_Lab Security Week 45: Кое-что об уязвимостях в Bluetooth [Something about Bluetooth vulnerabilities]. URL: http://www.pvsm.ru/android/298251 (accessed February 10, 2019).

10. CVE-2017-0466 Detail. URL: https://nvd.nist.gov/vuln/detail/CVE-2017-0466 (accessed April 22, 2019).

11. Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Аndroid malware [presentation]. URL: http://www.syssec-project.eu/m/documents/eurosec14/RATVM.pdf (accessed November 18, 2018).

12. Petsas T., Voyatzis G., Athanasopoulos E., Ioannidis S., Polychronakis M. Rage against the virtual machine: Hindering dynamic analysis of Android malware URL: http://www.syssec-project.eu/m/page-media/3/petsas_rage_against_the_virtual_machine.pdf (accessed March 02, 2019).

13. Android Security & Privacy 2018 Year in Review. URL: https://source.android.com/security/reports/Google_Android_Security_2018_Report_Final.pdf (accessed March 02, 2019).

14. Security Blog. URL: https://security.googleblog.com/search/label/android%20security (accessed April 02, 2019).

15. Vulnerability Trends Over Time. URL: https://www.cvedetails.com/product/19997/Google-Android. html?vendor_id=1224 (accessed April 25, 2019).