安全性和系统架构:Android自定义的比较

Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks Pub Date : 2015-06-22 DOI:10.1145/2766498.2766519

R. Gallo, Patricia Hongo, R. Dahab, L. C. Navarro, Henrique Kawakami, Kaio Galvão, Glauco Barroso Junquera, L. Ribeiro

{"title":"安全性和系统架构:Android自定义的比较","authors":"R. Gallo, Patricia Hongo, R. Dahab, L. C. Navarro, Henrique Kawakami, Kaio Galvão, Glauco Barroso Junquera, L. Ribeiro","doi":"10.1145/2766498.2766519","DOIUrl":null,"url":null,"abstract":"Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.","PeriodicalId":261845,"journal":{"name":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":"{\"title\":\"Security and system architecture: comparison of Android customizations\",\"authors\":\"R. Gallo, Patricia Hongo, R. Dahab, L. C. Navarro, Henrique Kawakami, Kaio Galvão, Glauco Barroso Junquera, L. Ribeiro\",\"doi\":\"10.1145/2766498.2766519\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.\",\"PeriodicalId\":261845,\"journal\":{\"name\":\"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"21\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2766498.2766519\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2766498.2766519","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 21

摘要

智能手机制造商经常定制Android发行版，以便通过添加、删除和修改软件包和配置来创造竞争优势。在本文中，我们展示了这种修改对安全性具有深刻的体系结构含义。我们分析了五种不同的操作系统:谷歌Nexus 4、谷歌Nexus 5、索尼Z1、三星Galaxy S4和三星Galaxy S5，它们都运行4.4版本的操作系统。X(运行4.3版本的三星S4除外)。我们的结论表明，严重的安全问题，如攻击面扩大和较差的权限控制随着定制水平的提高而急剧增长。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Security and system architecture: comparison of Android customizations

Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung Galaxy S4 and Samsung Galaxy S5, all running OS versions 4.4.X (except for Samsung S4 running version 4.3). Our conclusions indicate that serious security issues such as expanded attack surface and poorer permission control grow sharply with the level of customization.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks

自引率

0.00%

发文量