ABSTRACT

Choose applications, data and security policies, and for this purpose the role of the operating system of
Android phones is very vital. Each mobile operating system, including IOS, Android and Windows has its
own security features and considerations. However, the benefits and features of operating systems are
very important for its consumers and even organizations, because the existence of a security challenge in
it can cause a large security hole and organizational information leakage.

This research tries to introduce the security controls used in the Android phone operating system.

INTRODUCTION
Security on the mobile platform is similar to the security of computers. Due to lower technical and
hardware specifications and limited access to resources on mobile devices in some cases can not use
special security technologies. On the other hand due to the package Being and being limited in installing
software and hardware, mobile systems face different security threats. Android security architecture is
very similar to a Linux-based computer. Android because it is based on the Linux kernel. It has all the
advantages of Linux and some disadvantages of Linux distributions.

However, it also has special security considerations for a mobile operating system. Android architecture
is such that it can be configured for strong security situations.

Android security architecture

Android architecture is such that it has created a platform that can customize security from simple to
advanced. Some security indicators and features help application developers to create a high security
application. Which can be referred to the following:

· Sandbox:

This feature allows applications to run data and code for each application, isolated and independent of
the other application. This feature is developed by applying SELinux and boot integrity.

· Android application framework:

Strong implementation with common security features such as encryption (permission) and secure IPC is
possible in Android.

· Encryption file system:

It can be used to combat device or information theft.

· Input validation technology:

Technologies to reduce the risks associated with common memory management errors are embedded in
Android, such as:

ASLR

NX

ProPolice

safe_iop

OpenBSD dlmalloc

OpenBSD calloc

linux mmap_min_addr

User permissions are intended to restrict access to system features and user data. There are permissions
defined for an application to control application data per application.

The following figure shows the security considerations and components at different levels of the Android
software stack.
How to secure a user on an Android phone

Android security architecture is such that the user can use it safely without installing special software or
making any changes to their tablet or smartphone.

Each Android application runs in its own safety box, which restricts access to sensitive information or
data without the user's permission. Download and install yourself. Avoid using unreliable resources to
meet your needs on mobile devices.

Since the Android architecture is such that it allows its users to provide their software from different
sources

Android security considerations and features

Because Android supports active content such as Flash, Java, JavaScript, and HTML5, it can allow
malware to attack it through these carriers.

The Android operating system is very popular with mobile malware, including SMS trojans, which can
use inappropriate services without the user's knowledge by sending text to international numbers and
installing fake and deceptive programs.Even his personal information is stolen and the user's mobile
control is illegally given to the hacker.

The following is a list of the most common types of Android malware and how they work:
1. Trojan:

Malware is malware that appears to be a seemingly secure application, application, or software. They
can be used to collect sensitive data, spy activities, delete files, access devices, download other malware,
and more.

2.keylogger:

Keyloggers are malware designed to record keystrokes on the keyboard and, of course, on mobile
devices to record the information you type on the device. The fact that you can freely find keylogger
software on the web (and not just on the Dark Web) is readily available to the public and is also indexed
by search engines. Unfortunately, this malware is usually advertised under such headings as parental
control strategies, and some developers are free to encourage people to monitor their friends and
spouses.

3.Ransomware:

Although this type of malware is more common on computers, this does not mean that your mobile
phone can not be infected with ransomware. These attacks cause all your files to be encrypted and
sometimes even lock the phone screen. In these cases, a message will appear on the screen of the
device asking you to pay a fee to decrypt the device information.

4. Spyware:
Spyware is also one of the most common malware infections on mobile devices. You may have recently
heard of a WhatsApp spyware attack that exploited a vulnerability in this application.

Mobile spyware is a type of malware that allows attackers to gain access to all the information on your
phone, including contact lists, contacts, messages and other sensitive information, as well as your
phone's microphone and camera.

5. Adware

If you occasionally see annoying ads on your device (in full screen), even when you are not browsing or
using ads that play ads, then your mobile phone is infected with ads.

How to detect malware on Android?

What are the warning signs that your Android device is infected with malware?

If the performance of your Android tablet or phone has changed dramatically and there are no obvious
signs of what is going on, this behavior may be due to malware.

In the continuation of this research, we will review some common symptoms of Android malware.

· Discharge the battery sooner than usual:

If your usage of your Android device has not changed but the battery has recently been discharged for
no good reason, it may be due to malware infection. Sometimes malicious applications consume a lot of
power. You need to go to Settings, then Battery, and see exactly which applications consume the most
power. Try to make sure the applications displayed in this section are real.

· The device heats up and its performance drops

Be careful if you do not use the device too much and yet the device heats up quickly and really slows
down or the screen often freezes. Examine data usage and see which applications consume a lot of data.
Go to Access Settings, Data and check all applications. Uninstall all suspicious applications immediately.

· Display ads and pop-ups randomly and abnormally

This is a clear sign of a type of malware infection, ie adware. No ad should be displayed on the phone
screen for no reason. Remember to never click on any of these ads. It does not matter what these
advertisements promise you. You should check what applications you have recently installed and remove
all suspicious applications as soon as possible.
 · View strange text messages and calls

If you see unwanted messages or contacts, it may be due to malware infection as this is one of the most
common ways for malware to multiply. For example, if you receive a strange message from a friend
trying to encourage you to click on a suspicious link, his or her phone may be infected with malware that
is trying to infect your phone as well. FileCoder is a clear example of a ransomware attack that spreads
via text message on the Android operating system. In any case, never click on any suspicious links or
reply to any anonymous messages.

· Suddenly anonymous applications appear on the phone

Needless to say, if you notice a severe program that you did not install yourself, remove it immediately.
Some malicious applications try to look like problems or mimic the work of other applications. So be very
careful.

· Search for hidden applications

Some applications may not be visible on Android unless you know where to look for them. This may
sound scary, but to do this, just follow these steps: Go to Settings - Applications and look for all the
unwanted emails in this list. In this menu, immediately remove all suspicious applications.

Tips to prevent malware from installing on Android devices:

In the following, we will tell you how you can prevent cyber criminals from attacking your Android
device.

Use a lock screen or Lock Screen

If we want to name one of the best methods that can be used to increase the security of the mobile
phone, we can mention the choice of a suitable and powerful password for the phone lock screen.
Therefore, by choosing a suitable password on the screen or screen of the phone, we increase the
security of our phone so that profiteers can not easily go through the lock of the device screen and
access the content of your phone. To choose a suitable password, you must pay attention to certain
points. If your phone has a finger scanner, we suggest that you activate it and use a finger scanner. Do
not choose simple, predictable passwords for other people if you are considering a pattern in the form of
a pattern (Pattern) or password (Password) for the phone. If you use Apple iPhones, it is not enough to
have a 4 or 6 digit password consisting of numbers and try to put a password on the device that consists
of numbers and letters.
Activate the Encrypt Phone feature

As many users know, the Android operating system offers a feature called "Encrypt Phone" which means
"phone encryption" which, when activated, makes the information on the device unreadable. This
means that if you lose your Android device, the information contained in it will be stored securely and
will be protected.

To activate the Encrypt Phone feature, enter the "Settings" section and then "Security" of your Android
device and select the "Encryption" option. Enabling this feature must be done by setting a screen lock. In
other words, when you enable the Encrypt Phone feature, you must also define a screen lock for the
device. Enabling the Encrypt Phone feature is also one of the effective ways to increase the security of
the device and protect the privacy of the user.

Conscious use of location services or so-called Location Services

Other features offered in the Android operating system are related to location services. This feature is
very useful and by activating it along with applications such as Google Map (Google Map) and. You can
access interesting features. But keep in mind that accessing this information means tracking your
activities 24 hours a day. So always pay special attention to your device's location services and use it
consciously. You should definitely disable this service, known as "Location Services", and thus increase
your security, but by doing so, you can no longer use the great features that are provided by the location
services enabled. . So we recommend that you use your phone's location service more consciously.
Consider, for example, applications that can access location services. Never allow irrelevant applications
to access your location information.

Enable the Opt out of interest-based ads feature

We may download and install applications every day. These programs generally have in-app ads and this
is one of the main ways to earn money in these applications. But in the Android operating system there
is a feature called "Interest-based Ads" which according to your profile information (information such as
date of birth, gender, sites you usually visit, etc.), special ads Is displayed. In fact, these ads are based on
user interests (Interest-Based).

Use the Google Play Store

Always try to download Android apps through your phone's Google Play Store. Using other resources
that are not approved by Google may involve security risks for the user. The apps offered in the Google
Play Store are free of any malware or malware, so again, try using this source to download the Android
apps you want.

In the settings section of your Android device, there are options called "Unknown Sources" which are
disabled by default. If you are going to use other unauthorized resources to download and install
Android applications, you must enable the "Unknown Sources" option. By activating this option, your
device will enter a security risk.

Knowledge of application permissions (Application Permissions)

As you can see, Android apps provide a list of "Application Permissions" for app access before installing
on the device. When installing any application, pay attention to its access list and if you encounter a
suspicious case, prevent installing that application on your device. For example, an application that is
supposed to turn a device's LED flash into a flashlight does not need to access your contact list. Then
check the permissions of the applications.

Use the paid version without the ads of the applications

Android app developers have to make money using certain methods. In most cases, this is done with two
approaches. In the first approach, the application is provided to the user for free and contains in-app
ads, some of which are malicious and reduce the security of the device. In this case, the developer will
receive a fee from the intended advertising source. In the second approach, the developer of the
application will provide copies of it without in-app ads, but to purchase it, the user will have to pay a fee.

Consider security measures for cloud storage services

Cloud storage services are now very popular among users. You can use these services to create backup
files or so-called backup files from the contents of your device. This backup file contains all device
information such as password, application data ‌and.. So it is very clear that if someone accesses this file,
your information is stolen and your privacy is made available to others.

To prevent this from happening, we recommend that you do not use cloud storage services on Android
devices as much as possible. To do this, go to the "Settings" section and then "Backup & reset" of your
device and disable the "Back up my data" option. If for any reason you want to enable backup through
cloud storage services on your device, be sure to set an advanced password for your account or use two-
step verifications.

Use security applications such as BitDefender Clueful

We recommend that you use security applications such as BitDefender Clueful on your device to increase
the security and privacy of your device. This application can analyze other applications installed on the
device and the phone and reveal their information and access to you. Using this application to control
the performance of other applications installed on Android devices is very effective.

Conclusion
Smartphones store our sensitive and important information such as banking information, personal
information, social media information and so on. Therefore, the issue of data protection and increasing
the security of the phone is becoming more and more important. The security of the phone depends to
some extent on ourselves. In fact, we should do the do's and don'ts to keep our information safe.

Most of these malware attacks, especially Android malware attacks, are successful because they are
based on false promises that seem appealing to users. Remember that the danger is real. Stay alert, keep
up to date with system applications and software, and never download anything from suspicious sites on
your mobile device

Refrence
https://source.android.com/security/app-sandbox

ecurity Tips | Android Developers. (2014). Retrieved from

http://developer.android.com/training/articles/securitytips.html

Citrix. (2014). BYOD and Information Security. Fort Lauderdale, FL, USA: Citrix Systems, Inc.
Retrieved from http://citrix.com

SANS. (2014). The Critical Security Controls for Effective Cyber Defense-Version 5.0. SANS
Institute.

Security | Android Developers. (2014). Retrieved from

https://source.android.com/devices/tech/security

https://securelist.com/keyloggers-how-they-work-and-how-to-detect-them-part-1/36138/