Android Security 2017 Year in Review
March 2018

Contents
Overview 3
Google Play Protect 8
Android Platform Security 15
Ecosystem Data 27
PHA Family Highlights 47
Acknowledgements 55

Overview

Smartphones and other connected devices improve lives around the world every day. People depend on connected devices to exchange messages, navigate from here to there, and take lots and lots of photos. With more than 2 billion active Android devices, it's essential that Google provides the best protections for users at scale. We are committed to protecting users' privacy and security across different device types, such as smartphones, automobiles, wearables, TV, Things, and more.

Android security made a significant leap forward in 2017 and many of our protections now lead the industry. We measure our improvement based on our own data about the Android ecosystem. We look at metrics, such as how many devices have installed Potentially Harmful Applications (PHAs), what protections they have in place, and where PHAs are coming from, as well as third-party analysis and industry signals.

Third-party data also pointed to improved overall security. Platform exploitation difficulty, as measured by vulnerability rewards program payouts, independent security researcher analyses, and premier security vulnerability contest results, signaled that Android's protections have become significantly stronger. Exploit pricing is correlated to attacker cost, which is determined by many factors, including time, people, expertise, product knowledge, product accessibility, specialized equipment, and money. Growth in exploit pricing and difficulty demonstrates that Android has achieved a strength of protection that now leads the industry.

This is Google's fourth annual report on Android security. The report details improvements to Google's security offerings for Android, new and updated Android platform features, metrics that informed our view of Android security, and security trends for Android devices in 2017.

In 2017, we improved Android security in a variety of ways, such as reducing the number of PHAs on devices and in Google Play, improving security visibility and control for users with Google Play Protect, and reducing vulnerability exploitation with faster security updates. To make these changes, we collaborated closely with device manufacturers, system on a chip (SoC) vendors, telecom carriers, and Android researchers and academics.

We hope that sharing this information gives you more insight into the state of security in Android, and our constant efforts to keep our users and their data secure.

The best of Google security for Android

Android devices that only download apps from Google Play are 9 times less likely to get a PHA than devices that download apps from other sources. While all Android devices benefit from protections built into the platform, Android devices with Google Play services have an additional layer of defense to keep them safe. Google protects these devices right out of the box with Google Play Protect, our built-in device, data, and apps security scanning technology. With nearly 2 billion protected devices, Google Play Protect is the most widely deployed mobile threat protection service in the world.

Google Play Protect includes on-device capabilities that protect users from PHAs in real time and cloud-based services that analyze device and app data to identify possible security concerns. Google is constantly improving our tools and methods, applying new machine learning techniques, and updating our detection and response systems to protect against new vulnerabilities and PHAs. Because Google Play Protect doesn't rely on firmware or platform updates, Android devices benefit from our innovation right away.

Google Play Protect gives a visible home to all the security protections that have kept Android users and devices safe behind the scenes for years. These protections include ways to find a lost device, safeguards against deceptive websites, and systems that detect and remove PHAs, no matter where the questionable apps came from. Google Play Protect also helps users check the security state of their Android device, providing peace of mind that their device is secure.

We leverage machine and human intelligence to get the job done and keep our users safe. Our automated systems detect and classify PHAs and compare behavior to make meaningful connections across billions of data points. Our security experts analyze these findings and check suspected PHAs that our systems discover.

In 2016, the annual probability that a user downloaded a PHA from Google Play was 0.04%, and we reduced that by 50% in 2017 for an annual average of 0.02%. In 2017, downloading a PHA from Google Play was less likely than the odds of an asteroid hitting the earth.

Up-to-date platform security

Google's protections are a real-time shield against PHAs, and those protections sit on top of core security smarts that are built directly into Android. All Android devices share a common, platform-level security model. We've enhanced this model over the years with SELinux protections, app isolation using sandboxing, exploit mitigations, and cryptographic features, like file-based encryption and Verified Boot.

In 2017, we expanded platform-level security in Android Oreo. Android Oreo increases security by making devices easier to update with Project Treble, giving apps a way to verify Android devices, reducing privilege, and mitigating sophisticated attacking techniques.

Google works closely with our device manufacturing, SoC, and carrier partners to bring the best of Android security to all devices. On top of that, the breadth and depth of Android's ecosystem, with over 60,000 different device models, makes exploitation harder by limiting the impact of a mobile vulnerability and making it more complex to develop successful attacks. We provide compatibility resources, such as a detailed series of security requirements and a testing framework, to ensure support across the diverse device ecosystem. In 2017, we also extended our security checks to proactively identify and remove preinstalled PHAs on Android devices.

In addition to our proactive compatibility resources, we work with our partners to keep Android device security up to date. In 2017, we improved our collaborative security maintenance programs and provided faster and easier updates across all Android devices. In 2017, we increased the number of Android devices that received security patches by more than 30%.

Protective power of open

One of Android's most important security strengths is its open source development approach. As Android security has matured, it has become more difficult and expensive for attackers to find high severity exploits. This is where open source really shines. As a global, open source project, Android has a community of defenders collaboratively locating the deeper vulnerabilities and developing mitigations. This community may be orders of magnitude larger and more effective than a closed source project of similar scale. Android's defenders come from thousands of device manufacturers, SoC vendors, carriers, academic institutions, independent security researchers, and the worldwide Linux community.

As of 2017, Google's Android Security Rewards program offers one of the highest reward values in the industry. Another example of exploit pricing is Mobile Pwn2Own, the premier mobile hacking contest where security experts from around the world compete to find exploits in mobile devices. Mobile Pwn2Own 2017 reward values were comparable across operating system platforms. In addition, the contest did not reward any core Android platform security exploits.

Enterprise growth

Secure devices engender greater user and business confidence. Many enterprises have stringent device security requirements, so enterprise adoption and analyst reports help gauge the positive impact of Android security improvements.

For example, Gartner's December 2017 "Mobile OSs and Device Security: A Comparison of Platforms" report by Patrick Hevesi reviewed Android among security controls for mobile devices. These controls included iOS 9, iOS 10, iOS 11, Android 4, Android 5, Android 6, Android 7, Android 8, Samsung Knox 2.6, Samsung Knox 2.9, Google Pixel (Android 7), Google Pixel 2 (Android 8), Windows 10, and Microsoft Surface Pro.

Google continued to invest in Android's enterprise security features in 2017. One of Android's primary enterprise security capabilities is the work profile, which separates business apps and data from personal apps and data. Work profiles enable privacy for users (the business can't see the apps, data, or activity on the personal side) and improve data and network security for the business. In 2017, we established a validation process to ensure consistent, quality implementations of work profile, managed device, and dedicated device solution sets with nearly 40 Enterprise Mobility Management (EMM) solution providers. We also released managed Google Play, a curated Google Play store for enterprise customers. In 2017, the number of 30-day active devices running managed Google Play increased by 2000%.

We also launched the Verify Apps API, which helps administrators determine whether a device is protected by Google Play Protect, encourage users to enable Google Play Protect, and identify any PHAs that are installed on the device.

As we celebrate Android security's successes in 2017, we are far from content. We look forward to eradicating more PHAs, further enhancing privacy and security in future Android releases, and providing the most up-to-date security features across Android devices. We are deeply grateful to our ecosystem partners, developers, researchers, and the rest of the global Android community for helping to protect Android devices and users.

Google Play Protect

Google has long contributed to the security of Android devices with multiple layers of on-device and cloud-based technologies. All devices with Google Play have a set of endpoint and mobile threat protection services that protect against common threats, including network attacks, app exploits, potentially harmful applications (PHAs), and physical attacks, such as device theft. In 2017, these protections evolved to form Google Play Protect, which provides a visible home for Google's comprehensive security protections for Android. While Google Play Protect's core features have been part of Android for years, we added several features that better identify and address mobile threats in 2017, which we'll cover below.

Google Play Protect leverages the technical talent of security experts, app analysis, response tools, and machine learning advancements to detect PHAs. It also presents device security information in Settings and Google Play, providing users with comfort, ease, and control over their device's security.

Google Play Protect is enabled on over 2 billion devices running Android 4.3+ with Google Play, and constantly works in the background to keep users' devices and data safe.
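The three administrator tasks the Overview attributes to the Verify Apps API (determine whether Play Protect is on, prompt the user to enable it, list installed PHAs) map onto the SafetyNet Verify Apps client calls. The following is an added example, not code from the report or from Google; it assumes an app that depends on play-services-safetynet, runs on a device with Google Play services, and is called from an Activity context (the class name PlayProtectCheck is hypothetical).

```java
import android.content.Context;
import android.util.Log;
import com.google.android.gms.safetynet.HarmfulAppsData;
import com.google.android.gms.safetynet.SafetyNet;
import com.google.android.gms.safetynet.SafetyNetApi;
import com.google.android.gms.safetynet.SafetyNetClient;

// Hypothetical helper: checks Play Protect state, prompts to enable it, then lists installed PHAs.
public final class PlayProtectCheck {
    private static final String TAG = "PlayProtectCheck";

    // Entry point; call from an Activity (enableVerifyApps shows a system dialog to the user).
    public static void run(Context context) {
        SafetyNetClient client = SafetyNet.getClient(context);
        // 1. Is Google Play Protect (Verify Apps) enabled on this device?
        client.isVerifyAppsEnabled().addOnCompleteListener(task -> {
            if (!task.isSuccessful()) {
                Log.w(TAG, "Could not query Play Protect state", task.getException());
                return;
            }
            if (task.getResult().isVerifyAppsEnabled()) {
                listHarmfulApps(client);
                return;
            }
            // 2. Not enabled: ask the user to turn it on via the system dialog.
            client.enableVerifyApps().addOnCompleteListener(enableTask -> {
                if (enableTask.isSuccessful() && enableTask.getResult().isVerifyAppsEnabled()) {
                    listHarmfulApps(client);
                } else {
                    Log.w(TAG, "Google Play Protect is still disabled; device is unprotected");
                }
            });
        });
    }

    // 3. Ask Play Protect which installed apps it has classified as PHAs.
    private static void listHarmfulApps(SafetyNetClient client) {
        client.listHarmfulApps().addOnCompleteListener(task -> {
            if (!task.isSuccessful()) {
                Log.w(TAG, "listHarmfulApps failed", task.getException());
                return;
            }
            SafetyNetApi.HarmfulAppsResponse resp = task.getResult();
            for (HarmfulAppsData app : resp.getHarmfulAppsList()) {
                // apkCategory is a VerifyAppsConstants.HARMFUL_CATEGORY_* code
                Log.w(TAG, "PHA installed: " + app.apkPackageName + " category=" + app.apkCategory);
            }
        });
    }
}
```

An EMM agent would typically report the result of step 3 to its management server rather than only logging it, so that a device with an installed PHA can be quarantined from corporate resources.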
Google Play Protect regularly updates across all devices to remove new threats; it doesn't rely on releases or Over the Air updates (OTAs) to improve.

[Figure: Google Play Protect in Settings]

On-device protections

This table lists Google Play Protect's on-device capabilities with a brief description of how they help keep devices and data safe. Most of these services integrate with a cloud-based component that allows Google to push updates. The following sections explain how these on-device protections work and detail new features and improvements made in 2017.

Service          Protection
PHA scanning     Collection of mobile threat protections and removal options for downloaded PHAs, including:
                 - Automatic daily PHA scanning
                 - User-initiated, on-demand scanning
                 - Scanning for threats even when the device is offline
                 - Automatically disabling or removing PHA threats
                 - Uploading new apps to the cloud for scanning
Find My Device   Protection for lost or stolen devices (formerly Android Device Manager)
Safe Browsing    Protection from deceptive websites
Developer APIs   APIs that allow third-party apps to use Google's security services

PHA scanning services

Google Play Protect leverages cloud-based app-verification services to determine if apps are potentially harmful. Google Play Protect scans Android devices for evidence of PHAs. If it finds a PHA, Google Play Protect warns the user and can disable or remove particularly bad PHAs.

Daily PHA scan

Since 2014, Google Play Protect's Verify Apps service has run a periodic full-device scan that looks at apps before installation and runs regular scans on all installed apps. If a PHA is found, a notification asks the user to remove it. In cases where the PHA has no possible benefit to users, Google Play Protect can remove the PHA from affected devices and block future installs.

We have always scanned devices for PHAs about once every 6 days. (Devices that had indicators of installed PHAs or other risk factors were scanned more frequently.) In 2016, we started scanning all devices for PHAs once a day. Daily scanning allows Google Play Protect to respond quickly to a detected threat, reducing how long users could be exposed to the threat and how many devices may be affected. To conserve data, these daily scans only contact Google servers to request verification when a suspected PHA is detected.

In 2017, daily scans led to faster identification and removal of approximately 39 million PHAs. Though Google Play Protect works in the background, users can check when their device was last scanned and the list of scanned apps in the Google Play Protect section of their Google Play app.

On-demand PHA scan

In addition to a lightweight, daily, automatic scan, users can start a full-device scan at any time. Upon request, the device contacts Google servers for the latest information and scans all apps on the device. If a harmful app is discovered, Google Play Protect notifies the user to take action or takes action on their behalf. This visibility gives users peace of mind that they have the latest protection at all times.

Offline PHA scan

In early 2017, we investigated more PHA install patterns. Our research showed that about 35% of new PHA installations occurred when the device was offline or had lost network connectivity before Google Play Protect could determine if an app was a PHA.

To address this, in October 2017, Google Play Protect added offline scanning, which helps prevent well-known PHAs from being installed offline. When the device regains network connectivity, it undergoes a full scan. Since Octo