TY - JOUR
T1 - An empirical study of collaborative model and its security risk in Android
AU - Jha, Ajay Kumar
AU - Lee, Woo Jin
N1 - Publisher Copyright:
© 2017 Elsevier Inc.
PY - 2018/3
Y1 - 2018/3
N2 - Android provides a framework for the development of collaborative applications, which is considered as one of the reasons behind its success. Collaborative model provides flexibility to an application in utilizing services offered by other applications. This approach offers several advantages to developers, such as allowing them to dedicate all of their resources in developing only core functionalities of an application while leveraging services offered by other applications for its auxiliary functionalities. However, the collaborative model also has some disadvantages, such as opening of attack surfaces in an application during exposure of some of its components as it offers its services. Malicious actions can be performed through the exposed components of the application. Android provides permission-based security to protect the exposed components. However, developers must implement the security correctly. In this paper, we empirically evaluate the scale of the collaborative model adopted by Android applications. We also investigate various methods to achieve collaboration among applications. Furthermore, we evaluate the scale of security risk instigated by the collaborative model and perform several other empirical studies on 13,944 Android applications.
AB - Android provides a framework for the development of collaborative applications, which is considered as one of the reasons behind its success. Collaborative model provides flexibility to an application in utilizing services offered by other applications. This approach offers several advantages to developers, such as allowing them to dedicate all of their resources in developing only core functionalities of an application while leveraging services offered by other applications for its auxiliary functionalities. However, the collaborative model also has some disadvantages, such as opening of attack surfaces in an application during exposure of some of its components as it offers its services. Malicious actions can be performed through the exposed components of the application. Android provides permission-based security to protect the exposed components. However, developers must implement the security correctly. In this paper, we empirically evaluate the scale of the collaborative model adopted by Android applications. We also investigate various methods to achieve collaboration among applications. Furthermore, we evaluate the scale of security risk instigated by the collaborative model and perform several other empirical studies on 13,944 Android applications.
KW - Android applications
KW - Collaborative application model
KW - Inter-application communications
KW - Permission-based security
KW - Security risk assessment
UR - http://www.scopus.com/inward/record.url?scp=85026630009&partnerID=8YFLogxK
U2 - 10.1016/j.jss.2017.07.042
DO - 10.1016/j.jss.2017.07.042
M3 - Article
AN - SCOPUS:85026630009
SN - 0164-1212
VL - 137
SP - 550
EP - 562
JO - Journal of Systems and Software
JF - Journal of Systems and Software
ER -