Skip to Main content Skip to Navigation
New interface

A Multidimensional Analysis of The Android Security Ecosystem

Abstract : With more than 2.5 billion active devices based on Android, Google's mobile operating system is now one of the most widely used in the world.Despite all the efforts made by Google to constantly improve the security of the entire Android ecosystem, there are still several problems that remain unresolved. In this thesis, we analyse in detail some of the open problems that affect different components and players that are part of and contribute to the Android ecosystem. We start with the security analysis of the network communication of Android applications, showing how, even if Android provides several techniques to secure network communications, developers sometimes are still forced to use cleartext protocols. Our study continues with the analysis of another issue that puts the security and privacy of the user at risk. We analyze the vulnerabilities exploited by malicious applications to perform phishing attacks and how there is still no system in place to allow applications to protect themselves against these attacks. Last, we analyze what we think may be the perfect representation of how difficult it is to ensure security in a domain as extensive as Android analyzing how customizations, even though beneficial to vendors, can lead to security problems that are lowering down the overall security of the Android system. In this thesis, for each of the problems, we analyze the issue in detail, we measure how widespread it is, and we propose an alternative solution with the aim of solving the problem, making a step towards a more secure Android ecosystem.
Complete list of metadata
Contributor : ABES STAR :  Contact
Submitted on : Thursday, September 15, 2022 - 1:03:52 AM
Last modification on : Friday, September 16, 2022 - 2:00:38 PM


Version validated by the jury (STAR)


  • HAL Id : tel-03777650, version 1


Andrea Possemato. A Multidimensional Analysis of The Android Security Ecosystem. Cryptography and Security [cs.CR]. Sorbonne Université, 2021. English. ⟨NNT : 2021SORUS455⟩. ⟨tel-03777650⟩



Record views


Files downloads