An Empirical Analysis of Contemporary Android Mobile Vulnerability Market

Abstract

The increasing popularity and rapid growth of the mobile ecosystem have been changing people's daily life. The vulnerabilities of mobiles resulting from the inherent vulnerable characteristic of software products, however, can be exploited, causing substantial economic loss or privacy leakage. This paper introduces an information metadata model, comprising a life cycle model and a heterogeneous network model, to investigate the evolving patterns of vulnerabilities in the current Android Mobile Vulnerability Market (AMVM). The test bed collects data from a variety of vulnerability datasets, comprising 19,711 vulnerable records. An empirical study is conducted to trace the evolution process of vulnerabilities in the AMVM. The network analysis method has opened a new way of studying mobile vulnerability market, in order to improve the security situation in the Android ecosystem.