Security testing in Android networks : a practical case study

Android is a new generation of an open operating system directed at mobile devices that are carried every day. The openness of this architecture is leading to new applications and opportunities including a host of multimedia services, new interfaces and browsers, multitasking including support for wireless local, personal and wide area networking services. Security with mobility and wireless connectivity thus becomes even more important with all these exciting developments. Vital security issues such as leakage of private information, file stealing and spambots abound in networks in practice and Android networks continue to be subject to these same families of vulnerabilities. This paper provides a demonstration of such vulnerabilities in spite of the best efforts of designers and implementers. In particular it describes examples of data leakage and file stealing (address books, contact lists, SMS messages, pictures) as well as demonstrating how Android devices can create spambots. © 2013 IEEE.