Systematic Detection of Capability Leaks in Stock Android Smartphones
Download: Paper (PDF)
Date: 7 Feb 2012
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2012
In this research, we systematically analyze eight flagship Android smartphones from leading manufacturers and discover that the stock phone images do not properly enforce the Android permission model. Sensitive user data and dangerous features on the phones are unsafely exposed to other applications which do not have the proper permission, a security violation we term a capability leak.