C. Pour and A. , http://www.cvedetails.com/vulnerability-list/vendor id-1224

A. La-plateforme, Dernì ere visite en mai 2013. [10] L'API Apache HttpCore

L. Projet and O. Sandbox, https://github.com/ OVALProject/Sandbox

. Mécanismes-de-sécurité-dans-android, http://source.android.com/tech/security

O. Une-introduction-au-langage, http://oval.mitre.org/documents/docs-06/an introduction to the oval language

. Vulnxml-vision and . Document, coverpages.org/VulnXMLVisionDocument.pdf. [25] ´ Evolution des malwares Android au cours des derniers mois. https://blog.commtouch.com, 2013.

J. Banghart and C. Johnson, The Technical Specification for the Security Content Automation Protocol (SCAP) http://csrc.nist.gov/publications, pp.800-126, 2009.

M. Barrère, R. Badonnel, and O. Festor, Supporting Vulnerability Awareness In Autonomic Networks and Systems with OVAL, Proceedings of the seventh International Conference on Network and Service Management, pp.1-8, 2011.

M. Barrère, R. Badonnel, and O. Festor, Vulnerability Management and Past Experience in Autonomic Networks and Services, 2012.

M. Barrère, G. Betarte, and M. Rodriguez, Towards machine-assisted formal procedures for the collection of digital evidence, 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp.32-35, 2011.
DOI : 10.1109/PST.2011.5971960

M. Barrère, G. Hurel, R. Badonnel, and O. Festor, Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework, Proceedings of the IEEE 5th Symposium on Security Analytics and Automation, 2012.
DOI : 10.1007/978-3-319-01433-3_3

M. Barrère, G. Hurel, R. Badonnel, and O. Festor, A probabilistic cost-efficient approach for mobile security assessment, Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013), 2013.
DOI : 10.1109/CNSM.2013.6727842

A. Bose and K. G. Shin, On Mobile Viruses Exploiting Messaging and Bluetooth Services, 2006 Securecomm and Workshops, pp.1-10, 2006.
DOI : 10.1109/SECCOMW.2006.359562

H. Dai, C. Murphy, and G. Kaiser, Configuration Fuzzing for Software Vulnerability Detection, 2010 International Conference on Availability, Reliability and Security, pp.525-530, 2010.
DOI : 10.1109/ARES.2010.22

A. Doupé, L. Cavedon, C. Kruegel, and G. Vigna, Enemy of the State : A State-Aware Black- Box Vulnerability Scanner, Proceedings of the USENIX Security Symposium (USENIX), 2012.

W. Enck, M. Ongtang, and P. Mcdaniel, Understanding Android Security. Security Privacy, IEEE, vol.7, issue.1, pp.50-57, 2009.
DOI : 10.1109/msp.2009.26

W. Enck, P. Traynor, P. Mcdaniel, and T. L. Porta, Exploiting Open Functionality in SMScapable Cellular Networks, Proceedings of the ACM Conference on Computer and Communication Security (CCS), pp.393-404, 2005.

M. Eslahi, R. Salleh, and N. B. Anuar, MoBots: A new generation of botnets on mobile devices and networks, 2012 International Symposium on Computer Applications and Industrial Electronics (ISCAIE), pp.262-266, 2012.
DOI : 10.1109/ISCAIE.2012.6482109

A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, A survey of mobile malware in the wild, Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, SPSM '11, pp.3-14, 2011.
DOI : 10.1145/2046614.2046618

M. Ghorbanzadeh, Y. Chen, Z. Ma, T. C. Clancy, and R. Mcgwier, A neural network approach to category validation of Android applications, 2013 International Conference on Computing, Networking and Communications (ICNC), pp.740-744, 2013.
DOI : 10.1109/ICCNC.2013.6504180

S. Huang, M. Huang, P. Huang, C. Lai, H. Lu et al., CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations, 2012 IEEE Sixth International Conference on Software Security and Reliability, pp.78-87, 2012.
DOI : 10.1109/SERE.2012.20

R. Johnson, Z. Wang, C. Gagnon, and A. Stavrou, Analysis of Android Applications' Permissions, 2012 IEEE Sixth International Conference on Software Security and Reliability Companion, pp.45-46, 2012.
DOI : 10.1109/SERE-C.2012.44

G. Kambourakis, C. Kolias, S. Gritzalis, and J. H. Park, DoS attacks exploiting signaling in UMTS and IMS, Computer Communications, vol.34, issue.3, pp.226-235, 2011.
DOI : 10.1016/j.comcom.2010.02.010

S. Khan, M. Nauman, A. T. Othman, and S. Musa, How secure is your smartphone: An analysis of smartphone security mechanisms, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp.76-81, 2012.
DOI : 10.1109/CyberSec.2012.6246082

L. Laribee, D. S. Barnes, N. C. Rowe, and C. H. Martell, Analysis and Defensive Tools for Social-Engineering Attacks on Computer Systems, 2006 IEEE Information Assurance Workshop, pp.388-389, 2006.
DOI : 10.1109/IAW.2006.1652125

S. Li, Juxtapp and DStruct : Detection of Similarity Among Android Applications, Master's thesis, 2012.

B. Liu, L. Shi, Z. Cai, and M. Li, Software Vulnerability Discovery Techniques: A Survey, 2012 Fourth International Conference on Multimedia Information Networking and Security, pp.152-156, 2012.
DOI : 10.1109/MINES.2012.202

V. B. Livshits and M. S. Lam, Finding Security Vulnerabilities in Java Applications with Static Analysis, Proceedings of the 14th conference on USENIX Security Symposium SSYM'05, pp.18-18, 2005.

M. Maxim and D. Pollino, Wireless Security. The McGraw-Hill Companies, 2002.

C. Mulliner, Security of Smart Phones, 2006.

C. Mulliner, Vulnerability Analysis and Attacks on NFC-Enabled Mobile Phones, 2009 International Conference on Availability, Reliability and Security, pp.695-700, 2009.
DOI : 10.1109/ARES.2009.46

C. Mulliner and J. Seifert, Rise of the iBots: Owning a telco network, 2010 5th International Conference on Malicious and Unwanted Software, pp.71-80, 2010.
DOI : 10.1109/MALWARE.2010.5665790

M. Nagy and M. Kotocova, An IP based Security Threat in Mobile Networks, Proceedings of the 35th International Convention, pp.667-670, 2012.

M. Nita and D. Notkin, White-box approaches for improved testing and analysis of configurable software systems, 2009 31st International Conference on Software Engineering, Companion Volume, pp.307-310, 2009.
DOI : 10.1109/ICSE-COMPANION.2009.5071008

M. Nkosi and F. Mekuria, Improving the Capacity, Reliability and Life of Mobile Devices with Cloud Computing, Proceedings of the IST-Africa Conference 2011, pp.1-9, 2011.

C. Oriaku, N. Alwan, and I. A. Lami, The readiness of mobile operating systems for cloud computing services, 2012 IV International Congress on Ultra Modern Telecommunications and Control Systems, pp.49-55, 2012.
DOI : 10.1109/ICUMT.2012.6459717

X. Ou and S. Govindavajhala, Mulval : A Logic-Based Network Security Analyzer, Proceedings of the 14th USENIX Security Symposium (Usenix 2005), pp.113-128, 2005.

H. Pieterse and M. S. Olivier, Android botnets on the rise: Trends and characteristics, 2012 Information Security for South Africa, pp.1-5, 2012.
DOI : 10.1109/ISSA.2012.6320432

M. L. Polla, F. Martinelli, and D. Sgandurra, A Survey on Security for Mobile Devices, IEEE Communications Surveys & Tutorials, vol.15, issue.1, pp.446-471, 2013.
DOI : 10.1109/SURV.2012.013012.00028

A. G. Prieto and R. Stadler, A-GAP: An Adaptive Protocol for Continuous Network Monitoring with Accuracy Objectives, IEEE Transactions on Network and Service Management, vol.4, issue.1, pp.2-12, 2007.
DOI : 10.1109/TNSM.2007.030101

C. J. Rhodes and M. Nekovee, The Opportunistic Transmission of Wireless Worms between Mobile Devices. CoRR, abs/0802, 2008.

M. R. Rieback, B. Crispo, and A. Tanenbaum, RFID malware: truth vs. myth, IEEE Security & Privacy Magazine, vol.4, issue.4, pp.70-72, 2006.
DOI : 10.1109/MSP.2006.102

M. Rodriguez-martinez, J. Seguel, M. Sotomayor, J. P. Aleman, J. Rivera et al., Open911: Experiences with the Mobile Plus Cloud Paradigm, 2011 IEEE 4th International Conference on Cloud Computing, pp.606-613, 2011.
DOI : 10.1109/CLOUD.2011.96

N. Shrestha, Security Assessment via Penetration Testing : A Network and System Administrator's Approach, Master's thesis, 2012.

X. Song, M. Stinson, R. Lee, and P. Albee, A Qualitative Analysis of Privilege Escalation, 2006 IEEE International Conference on Information Reuse & Integration, pp.363-368, 2006.
DOI : 10.1109/IRI.2006.252441

D. Votipka, T. Vidas, and N. Christin, All Your Droid are Belong to Us : A Survey of Current Android Attacks, Proceedings of the 5th USENIX conference on Offensive technologies (WOOT'11), pp.10-10, 2011.

W. B. Tesfay, T. Booth, and K. Andersson, Reputation Based Security Model for Android Applications, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp.896-901, 2012.
DOI : 10.1109/TrustCom.2012.236

P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger et al., On cellular botnets, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.223-234, 2009.
DOI : 10.1145/1653662.1653690

T. Wei, A. Jeng, H. Lee, C. Chen, and C. Tien, Android Privacy, Proceedings of the International Conference on Machine Learning and Cybernetics, pp.1830-1837, 2012.

T. Wei, C. Mao, A. Jeng, H. Lee, H. Wang et al., Android Malware Detection via a Latent Network Behavior Analysis, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp.1251-1258, 2012.
DOI : 10.1109/TrustCom.2012.91

Y. Wen, W. Zhang, and H. Luo, Energy-optimal mobile application execution: Taming resource-poor mobile devices with cloud clones, 2012 Proceedings IEEE INFOCOM, pp.2716-2720, 2012.
DOI : 10.1109/INFCOM.2012.6195685

D. Wu, C. Mao, T. Wei, H. Lee, and K. Wu, DroidMat: Android Malware Detection through Manifest and API Calls Tracing, 2012 Seventh Asia Joint Conference on Information Security, pp.62-69, 2012.
DOI : 10.1109/AsiaJCIS.2012.18

W. Xu, Y. Zhang, and T. Wood, The feasibility of launching and detecting jamming attacks in wireless networks, Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing , MobiHoc '05, pp.46-57, 2005.
DOI : 10.1145/1062689.1062697

L. C. Yarter, Private cloud delivery model for supplying centralized analytics services, IBM Journal of Research and Development, vol.56, issue.6, pp.1-10
DOI : 10.1147/JRD.2012.2216331

Y. Zhou and X. Jiang, Dissecting Android Malware: Characterization and Evolution, 2012 IEEE Symposium on Security and Privacy, pp.95-109, 2012.
DOI : 10.1109/SP.2012.16
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.368.3979

N. Ziring and S. D. Quinn, Specification for the Extensible Configuration Checklist Description Format (XCCDF), 2012.
DOI : 10.6028/NIST.IR.7275