PUBLISHING HOUSE FOR SCIENCE AND TECHNOLOGY

Android operating system has become the world's most popular operating system in recent years. Security threat assessment on the Android operating system becomes imperative. Previous studies focused on analyzing applications on Android devices. However, security threats may exist in other components of the operating system, rather than in applications. In this study, we propose a system, uitXFROID, that allows to detect sensitive data leakage in the Applications Framework and security threat from default settings of Android custom firmware (Custom ROMs) instead of pre-installed applications. The experimental results show that the system accurately detects cases of sensitive data leakage in the samples that we propose ourselves. Besides, the system can be used to analyze Android custom ROMs downloaded from the Internet.

Custom ROM analysis, Android Framework analysis, sensitive data leakage, ROM default settings