TR-12-01: Understanding and Improving App Installation Security Mechanisms through Empirical Analysis of Android
Carleton University
Technical Report TR-12-01
July 1, 2012
Abstract
We provide a detailed analysis of two largely unexplored aspects of the security decisions made by the Android operating system (OS) during the app installation process: update integrity and UID assignment. To inform our analysis, we collect a dataset of Android app metadata and extract features from the app binaries to gain a better understanding of how developers interact with the security mechanisms invoked during installation. Using the dataset, we find empirical evidence that Android’s current signing architecture does not encourage best security practices, and that the UID sharing method is incongruent with how developers use it. As a result of our analysis, we recommend incrementally deployable improvements, including a novel UID sharing mechanism. We additionally provide a web interface, which we call the Android Observatory, as a front end to our dataset, allowing queries that display relationships between developers, application versions, and app market listings. Our dataset currently includes metadata, packaging and code signing information for app packages collected from 7 different sources, including app markets, file-sharing networks and malware repositories.