Penetration Testing for Android Smartphones

Abstract

One major challenge faced by Android users today is the security of the operating system especially during setup. The use of smartphones for communication, social networking, mobile banking and payment systems have all tripled and many have depended on it for their daily transactions.AndroidOS on smartphones is so popular today that it has beaten the most popular mobile operating systems, like RIM, iOS, Windows Mobile and even Symbian, which ruled the mobile market for more than a decade.This paper performspenetration testing of Android-based Smartphones using an application program designed to simplify port-scanning techniques for information gathering and vulnerability attack. In this paper, an attempt was made to test and analyze the security architecture of the Android operating system using the latest penetration testing and vulnerability tool based on Kali Linux. Three different Versions of Android, Version 2.3, 3.2 and 4.2 were simulated on a virtual machine. The result shows that although there is an improvement in the security stack of the different AndroidVersions but Version 4.2 is more secured than the others. This work is important for users and researchers who use their Android smartphones in a critical environment with hostile network traffic.