An empirical study of collaborative model and its security risk in Android

Android provides a framework for the development of collaborative applications, which is considered as one of the reasons behind its success. Collaborative model provides flexibility to an application in utilizing services offered by other applications. This approach offers several advantages to developers, such as allowing them to dedicate all of their resources in developing only core functionalities of an application while leveraging services offered by other applications for its auxiliary functionalities. However, the collaborative model also has some disadvantages, such as opening of attack surfaces in an application during exposure of some of its components as it offers its services. Malicious actions can be performed through the exposed components of the application. Android provides permission-based security to protect the exposed components. However, developers must implement the security correctly. In this paper, we empirically evaluate the scale of the collaborative model adopted by Android applications. We also investigate various methods to achieve collaboration among applications. Furthermore, we evaluate the scale of security risk instigated by the collaborative model and perform several other empirical studies on 13,944 Android applications.