The smartphone ecosystem encompasses smartphones' hardware and software platform, the applications (apps) running on top of the platform, as well as the infrastructural components. As the smartphone ecosystem is becoming an important part of our daily life, it is essential to profile, understand and, ultimately, secure the devices and the information they collect and manipulate. To this end, we pave the way for understanding and improving the smartphone ecosystem by designing useful tools and performing measurement studies and security analysis.
In this dissertation, we describe several key steps that help us understand and improve the Android smartphone ecosystem. First, we present the results of a long-term evolution study of how the Android permission system, the basic security mechanism in Android OS, is defined and used in practice; our results indicate that the Android permission system is becoming less secure over time. Second, we present a systematic approach and tool, named ProfileDroid, that enables multi-layer profiling of Android apps. ProfileDroid has a myriad of applications, including behavioral app fingerprinting, enhancing users' understanding and control of app behavior, improving user experience, and assessing performance and security implications. Finally, the Bring Your Own Handheld-device (BYOH) phenomenon presents novel management challenges to network administrators. We propose a systematic approach, Brofiler, for profiling the behavior of BYOHs along four dimensions: (a) protocol and control plane, (b) data plane, (c) temporal behavior, and (d) across dimensions using the H-M-L model, which considers the different levels of intensity in each dimension. Using profiles from Brofiler, a network administrator can develop effective policies for managing BYOHs.