|![[Search]](http://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](http://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](http://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](http://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](http://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Computer Laboratory Digital Technology Group (DTG) Meetings > Security metrics for the Android ecosystem
Security metrics for the Android ecosystemAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Andrew Rice. The security of Android depends on the timely delivery of updates to fix critical vulnerabilities. In this paper we map the complex network of players in the Android ecosystem who must collaborate to provide updates, and determine that inaction by some manufacturers and network operators means many handsets are vulnerable to critical vulnerabilities. We define the FUM security metric to rank the performance of device manufacturers and network operators, based on their provision of updates and exposure to critical vulnerabilities. Using a corpus of 20 400 devices we show that there is significant variability in the timely delivery of security updates across different device manufacturers and network operators. This provides a comparison point for purchasers and regulators to determine which device manufacturers and network operators provide security updates and which do not. We find that on average 87.7% of Android devices are exposed to at least one of 11 known critical vulnerabilities and, across the ecosystem as a whole, assign a FUM security score of 2.87 out of 10. In our data, Nexus devices do considerably better than average with a score of 5.17; and LG is the best manufacturer with a score of 3.97. This is a practice talk for ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM) 2015, “Security metrics for the Android ecosystem” by Daniel R. Thomas, Alastair R. Beresford and Andrew Rice https://www.cl.cam.ac.uk/~drt24/papers/spsm-scoring.pdf This talk is part of the Computer Laboratory Digital Technology Group (DTG) Meetings series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsTalks related to sustainability and the environment The obesity epidemic: Discussing the global health crisis Mathematical Modeling Biophysical Seminars MRC Cancer Unit Seminars Type the title of a new list hereOther talksUncertainty Quantification with Multi-Level and Multi-Index methods Requirements in Application Development Volcanoes and Explosions Amphibian Evolution through Deep Time: Fossils, Genes and Regeneration Identifying new gene regulating networks in immune cells |
Monday 05 October 2015, 14:05-14:55