Android Security Open Problems


1. Repackaging

1.1. Detecting Piggybacked Code

2. Dynamic Analysis

2.1. Sandbox

2.1.1. Droidbox

2.2. Real-time Monitoring

2.2.1. Taintdroid

2.2.2. Aurasium

2.3. Input Generation

2.3.1. Dynodroid

2.3.1.1. Game Based Malware

2.3.2. Monkey

2.4. Mobile Specific Features

2.4.1. Battery consumption

2.4.2. Data Usage

2.5. Crowdsourcing

2.5.1. Crowdroid

2.6. Open Problems

2.6.1. Bouncer

3. Static Analysis

3.1. Class Dependence

3.1.1. Graph Centrality

3.2. Component Count

3.3. Permissions

3.4. Data Flow

3.4.1. User-Centric Analysis

3.5. Control Flow

3.6. Opcodes

3.6.1. DroidMoss

3.7. Imported Packages

3.8. Market Data

3.9. Analyzing Native Code

3.10. Tools

3.10.1. DroidMat

3.10.2. Androguard

3.11. Open problems?

3.11.1. Hard to separate malicious code from benign

3.11.2. Malware Provenance and Phylogeny

3.11.3. Poor Application Verification

3.11.3.1. Weak Default App Scanner

3.11.3.2. Limited AV Products

3.11.3.2.1. Anti-malware against Transformation Attacks

3.11.3.3. Partial Solutions

3.11.3.3.1. Acquiring VirusTotal

3.11.3.3.2. Private App Channels

3.11.4. obfuscation

3.11.5. dynamic code loading

3.11.6. limited availability of tools

4. Malicious Applications

4.1. Rooting Exploits

4.2. SMS Fraud

4.3. Rapid Malware Production

4.3.1. Defeats Signature Based Detection

4.3.2. Malware Phylogeny Could Fight This

4.4. False Notification Attacks

4.5. Response to Malware Detection

4.5.1. Remote Revocation

4.6. Survey of Android Malware

5. Comprehensive Analysis Tools

5.1. Andrubis

5.2. DroidRanger

6. Triage

6.1. Market-scale Mobile Malware Analysis

7. Mobile Botnets

7.1. Epidemic Spread

7.2. Attacking Network Services

7.3. Evasive and Robust P.O.C.

7.4. Tracking Uninfected Devices

8. User Education

8.1. Ignoring Permissions

8.2. Phishing

8.3. Improperly Rooting Devices

8.4. Alternative Markets

9. Browser Attacks

9.1. Phishing

9.2. Click Through

10. Easy to Reverse Engineer Apps

10.1. Adjacking

10.2. Loss of Intellectual Property

10.3. Tools

10.3.1. Apktool

10.3.2. Dex2Jar

10.3.3. Dexdump

11. Android Forensics

11.1. Hiding Data

11.2. Data Mining Personal Information

11.3. Physical Access Attacks

11.3.1. password cracking

11.3.1.1. smudge detection

11.3.1.2. brute force

11.3.1.3. bypass

11.3.2. access data on RAM

11.3.2.1. FROST

11.3.3. survey of attacks

12. Baseband Attacks

13. Resources for Understanding Android Security

13.1. Permissions

13.2. Google's Dev Site