- 1. [email protected] 22 2013
2. Android; Android; ; . . 3. Android (smartphones & tablets) Linux. Google OpenHandset Alliance. developers Java, Google. Android 5 2007, OpenHandset Alliance, 48 , hardware, . Google Android Apache License, . 4. 500 (9/2012)1,3 (9/2012) Android 5. developers smartphones (Mail, Contacts, Calendar, Facebook, Twitter .) (privacy) . 6. http://source.android.com/tech/security/ 7. O kernel Linux Android : (User-Based permission model) Inter-processcommunication kernel , o kernel Linux : A CPU (.., GPS, Bluetooth, Camera .) 8. The Application Sandbox UID GID app (Binders, Services, Intends, ContentProviders). 9. Dalvik VM security manager ( Core Libraries Libraries) VM 10. "" (permission) Android . . Permissions AndroidManifest.xml 11. Normalandroid.permission.VIBRATEandroid.alarm.permission.SET_ALARM Dangerousandroid.permission.SEND_SMSandroid.permission.CALL_PHONE Signatureandroid.permission.FORCE_STOP_PACKAGESandroid.permission.INJECT_EVENTS SignatureOrSystemandroid.permission.ACCESS_USBandroid.permission.SET_TIME 12. , (malware). 2011, Computer Science Department University ofCalifornia, Berkeley 25 Android. Permissions 95% CI permissions 4 (17% ) 5% to 37% 10 (42% ) 22% to 63% 10 (42% ) 22% to 63%Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D., Android permissions: User attention, comprehension, and behavior, 2012 13. permissions reviews developer 14. Android 2.2 (API 8) (APKs) (microSD .). Linux Android ( VFAT). Android 3.0 , by default. 15. Android . . 16. Armando, A., Merlo, A., Migliardi, M., Verderame, L.,Would you mind forking this process? A denial of service attack on android (andsome countermeasures), 2012 Zygote Android fork . Zygote socket. Armando, A., Merlo, A., Migliardi, M., Verderame, L., com.android.internal.util.WithFramework Zygote fork dummy Linux layer , android kill. . socket . 17. Zygote process fixZygote socket fix 18. http://source.android.com/tech/security/ Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.,Android permissions: User attention, comprehension, andbehavior, 2012 Armando, A., Merlo, A., Migliardi, M., Verderame, L., Wouldyou mind forking this process? A denial of service attack onandroid (and some countermeasures), 2012 19. [email protected]
