The impact of vendor customizations on Android security

Abstract

The smartphone market has grown explosively in recent years, as more and more consumers are attracted to the sensor-studded mul-tipurpose devices. Android is particularly ascendant; as an open platform, smartphone manufacturers are free to extend and modify it, allowing them to differentiate themselves from their competitors. However, vendor customizations will inherently impact overall An-droid security and such impact is still largely unknown. In this paper, we analyze ten representative stock Android im-ages from five popular smartphone vendors (with two models from each vendor). Our goal is to assess the extent of security issues that may be introduced from vendor customizations and further de-termine how the situation is evolving over time. In particular, we take a three-stage process: First, given a smartphone’s stock im-age, we perform provenance analysis to classify each app in th