Paper Info
Title
A survey of Android exploits in the wild.
Abstract
The Android operating system has been dominating the mobile device market in recent years. Although Android has actively strengthened its security mechanisms and fixed a great number of vulnerabilities as its version evolves, new vulnerabilities still keep emerging. Vulnerability exploitation is a common way to achieve privilege escalation on Android systems. In order to provide a holistic and comprehensive understanding of the exploits, we conduct a survey of publicly available 63 exploits for Android devices in this paper. Based on the analysis of the collected real-world exploits, we construct a taxonomy on Android exploitation and present the similarities/differences and strength/weakness of different types of exploits. On the other hand, we conduct an evaluation on a group of selected exploits on our test devices. Based on both the theoretical analysis and the experimental results of the evaluation, we present our insight into the Android exploitation. The growth of exploit categories along the timeline reflects three trends: (1) the individual exploits are more device specific and operating system version specific; (2) exploits targeting vendors' customization grow steadily where the increase of other types of exploits slows down; and (3) memory corruption gradually becomes the primary approach to initiate exploitation.
Year
DOI
Venue
2018
10.1016/j.cose.2018.02.019
Computers & Security
Keywords
Field
DocType
Android,Mobile security,Privilege escalation,Exploit,Survey
Android (operating system),Memory corruption,Computer science,Computer security,Privilege escalation,Timeline,Exploit,Mobile device,Vulnerability,Personalization
Journal
Volume
ISSN
Citations 
76
0167-4048
6
PageRank 
References 
Authors
0.44
12
5
Name
Order
Citations
PageRank
Huasong Meng160.44
Vrizlynn L. L. Thing220821.08
Yao Cheng3366.21
Zhongmin Dai460.44
Li Zhang591.51