The evolution of Android applications security

The evolution of Android applications security

연구 분야: Cryptography

학회: 2025 5th International Conference on Innovative Research in Applied Science, Engineering and Technology (IRASET)

Since its beta release in 2007, android had been growing both amongst users and developers. Its ease of use, customizability, programmability, and open source nature caught not just the attention of both tech enthusiasts and regular users, but also manufacturers who started using it in their products either in its original format like the case of Samsung, or for custom operating systems based on it such as ColorOS for Oppo or HarmonyOS for Huawei making it the number one used OS in the world. But this also created more space for security issues to occur and created a great environment for hackers. In this paper, we explore the evolution of security measures introduced in Android since its first release, both for the Software development kit (SDK) and operating system across various versions. Starting with an overview of Android Architecture, we will then explore a set of methods used to classify vulnerabilities with statistics from the National Vulnerability Database (NVD). We will then study the evolution of security measure introduced in each step of the growth of Android, from early static permission models to more sophisticated features such as post-quantum encryption, SELinux and others, which will bring us to also discuss the challenges that remain. As many android development frameworks emerge, we will do a comparative analysis of the security of the modern Android development frameworks notably Flutter and React native face to face with the native Android, putting their strengths and weaknesses in terms of built-in security features under the spotlight. During this comparison, we focus on storage, encryption, obfuscation, and compromised device detection. To sum up, we will present a conclusion summarizing the analysis with a perspective on future work and how it will help improve the current situation.