Android Security: A Survey of Issues, Malware Penetration and Defenses

Smartphones have become pervasive due to the availability of office applications, Internet, games, vehicle guidance using location-based services apart from conventional services like voice calls, SMSes and multimedia services. Android devices have gained huge market share due to the open architecture of Android, and the popularity of its application programming interface (APIs)in the developer community. Increased popularity of the Android devices and associated monetary benefits attracted the malware developers, resulting in big rise of the the Android malware apps between 2010-2014. Academic researchers and commercial anti-malware companies have realized that the conventional signature based and static analysis methods are vulnerable. In particular, the prevalent stealth techniques such as encryption, code transformation and environment aware approaches are capable of generating variants of known malware. This has led to the use of behavior, anomaly and dynamic analysis based methods. As single approach may be ineffective against the advanced techniques, multiple complementary approaches can be used in tandem for an effective malware detection. The existing reviews extensively cover the smartphone OS security. However, we believe that the security of Android, with particular focus on malware growth, study of anti-analysis techniques and existing detection methodologies needs an extensive coverage. In this survey, we discuss the Android security enforcement mechanisms, threats to the existing security enforcements and related issues, malware growth timeline between 2010-2014, stealth techniques employed by the malware authors, in addition to the existing detection methods. This review gives an insight into the strengths and shortcomings of the known research methodologies and provides a platform to the researchers and practitioners towards proposing the next generation Android security, analysis and malware detection techniques.