Android Application Sandbox
Abstract
Usage of smartphones in everyday life is getting more popular. While
former mobile phones were mainly used only
for phone calls, modern devices often have the ability to install
third-party software and being connected to the
internet. Along with these new possibilities there are also new attack
vectors on the security of mobile devices.
One of the newer operating systems for such smartphones is Android. It is
based on a Linux Kernel and set open source.
Although there are still certain parallels to commonly used Linux
environments, Google engineer Patrick Brady said
"Android is not Linux". This might indicate that some special
characteristics of Android and also the limitations
of the used mobile hardware makes it harder to detect and react on malware
attacks if using the same techniques as
on personal computer environments.
There are a lot of ways detecting if an application is suspicious or not.
One possibility is to scan the software
for malicious patterns before it will be installed and another one is to
execute the application in a fully isolated
environment. The Android Application Sandbox (short AAS) is supposed to
examine both, a static and a dynamic analysis,
to automatically detect suspicious applications in a more efficient way as
it is done until now.
One practical application of the gathered results is the faster and more
secure detection of suspicious software in
an Android application market as Google currently provides. Another one is
the improvement of actually existing anti
virus applications available for the Android operating system.
thomasbl
|
