Google Android: A Comprehensive Security Assessment Academic Article uri icon


  • Google's Android—an open, programma- ble software framework—is vulnerable to typical smart-phone attacks. Such attacks can make the phone partially or fully unusable, cause unwanted SMS/MMS (short message service/multi- media messaging service) billing, or expose private information.1 Smart-phone attack vectors include cell ular networks, Bluetooth, the Internet (via Wi-Fi, General Packet Radio Service/Enhanced Data Rates for Global Evolution, or 3G network access), USB, and other peripherals.2 Smart-phone malware evolve very quickly due to the experience malware writers have gained with PC malware. As Alexander Gostev estimates,3 two years are sufficient for smart-phone viruses to evolve to a level that computer viruses only reached after 20 years. Thus, the challenge in ensur- ing smart-phone security is becoming similar to that confronting the PC.4 Among the most prominent smart-phone malware types are the Lasco/Cabir5 …

publication date

  • January 1, 2010