A kernel is the core of the operating system. It is what allow the user space to access hardware components, from disk to physical connections
(ex: graphic cards)
and memory.
Android kernel is based on Linux Kernel.
Syscalls, also known as Software interrupts and Supervisor calls are special arch-dependent instructions that switch the previlledge! They are an interface, or bridge between kernel space and user space. In short, they allow the user code to interact with the os/kernel so it can access different components of the system, including hardware components.
A process is any instance created by a Program. On Android, every application is a process. A process can create child processes/threads. The Kernel ensures that every process cannot access another's memory, unless you create a child from parent process or a thread (which you can manage too.)
Android starts a normal process then parses AndroidManifest.xml from our APK and looks for main class of the app, then it executes it (compiled java code, located usually into classes.dex). The code is executed using ART (Android Runtime).
While you can obfuscate Java to make it harder for a hacker, even encrypt the DEX and decrypt it at runtime, a hacker will have to deal with less methods than you could have added with native code, where you have almost unlimited control over what is happening.
Apple tries to make it harder for hackers to accomplish what they need without jailbreak, but their restrictions also makes it harder for developers to protect their code, especially the memory restrictions (ex: you can't give executable permission to a dynamic library, some system calls are blocked, etc..)
