Lecture Embedded System Security
1 Lecture Embedded System Security
Prof. Dr.-Ing. Ahmad-Reza Sadeghi, System Security Lab, Technische Universität Darmstadt (CASED), Germany
Summer Term 2011
2 Overview
- Introduction
- Android Software Stack
- Android Security Mechanisms
- Recent Attacks
- Security Extensions
4 Summary
- Smartphones and their applications have become an integral part of information society
- Security and privacy-protection technology is an enabler for innovative business models
- Recent research on mobile phone security (main focus on Android)
5 Trust Model
- Different & more complicated than PC world
- Mutual mistrust, resource constraints
- Stakeholders (diagram): Users, Enterprises, Network Providers, Device Manufacturer, Service Providers
6 Smartphones Applications Today
- Mobile Phone Features: Call, SMS, MP3, Video
- Interfaces: GPS, WiFi, Bluetooth, Infrared
- Online Services: Browsing, , E-Shopping, Social Networking
- Location Services: Navigation, Recommendation
7 And in Near Future: Context-Based Policies & Applications
- Bluetooth Discovery: Bluetooth interface should only be discovered at home. Requires location recognition.
- Lend Phone: Access control to sensitive data (e.g., SMS) when lending to others. Requires user recognition.
- Application Restriction in Company: A company restricts the set of applications which can be used while the employee is working. Requires policy enforcement by trusted third parties.
8 Worldwide Smartphone Sales to End Users by Operating System
[Chart: sold units in 1Q/2011 for Android, Symbian, iOS, Research In Motion, Microsoft, Other OS. Based on Gartner Statistics (May 2011).]
10 Threat Classification
Attack Vectors:
- Attacks on Privacy: Location, , Contacts
- Runtime Attacks: Code Injection, Return-Oriented Programming
- Hardware Attacks: GSM Module, Base Station
- Malware: Trojans, Viruses, Worms
12 Overview of selected smartphones
- Closed Source; Sandboxing; Code Signing; Code Inspection; Non-Executable Memory
- Open Source; Strict Sandboxing; Java Dalvik Virtual Machine; Java Apps; Lightweight Code Signing; Permission Framework
- Open Source; Security Framework based on Role-Based Access Control; Detailed information not yet published
- Closed Source; Apps and main part of the OS in Java; End-to-End Encryption; Code signing and digital certificates
14 Big Picture
(Android Anatomy and Physiology, Patrick Brady)
15 Linux Kernel
- Standard Linux kernel ( for Android Froyo )
- Patches for Android (e.g., aggressive Power Management, Logger, Binder)
- Binder: high-performance, shared-memory-based IPC
  - Synchronous calls between processes
  - Per-process thread pool for processing requests
  - Android Interface Definition Language (AIDL)
16 Native Libraries
- C/C++ libraries
- Exposed to developers through the Android application framework
- Core libraries include: Libc (Bionic), Media libraries, Surface Manager, 3D libraries, SQLite, SSL
17 Android Runtime
- Dalvik Virtual Machine
  - VM optimized for embedded environments
  - Runs the optimized file format .dex and Dalvik bytecode generated from Java .class/.jar files at build time
  - Relies on the underlying Linux kernel for threading and low-level memory management
- Core Libraries
  - Provide most of the functionality available in the core libraries of Java
  - Provide core APIs of Java (familiar programming environment)
18 Application Framework
- Provides developers with an API to basic functionalities and services (e.g., set alarms, access location information, take advantage of device HW, ...)
- [Diagram: App -> Service (App. Framework) -> lib; App -> Service (App. Framework) -> Native Service -> lib; App -> Service (App. Framework) -> Native Daemon -> lib]
- APIs are the same as for the core applications (e.g., Phone, Contacts, ...)
- Activity Manager
  - Enforces permissions on IPC ("Reference Monitor")
  - Responsible for starting applications
- Package Manager
  - Management of permissions and applications
19 Applications
- Third-party applications (e.g., Android Market)
- A number of core ("system") applications (cannot be uninstalled): Contacts, Settings, Browser
- Components of applications
  - Activity: User interface
  - Service: Background service
  - Content Provider: SQL-like database
  - Broadcast receiver: Mailbox for broadcasted messages
- Applications can contain native code (C/C++ shared libraries)
- For simplicity, Binder-based IPC between components is often called Inter-Component Communication
- Binder is usually not exposed to native code in applications
21 Sandboxing: General Idea
- The application sandbox specifies which system resources the application is allowed to access
- An attacker can only perform actions defined in the sandbox
22 Application Isolation by Sandboxing
- Each application is isolated in its own sandbox
  - Applications can access only their own resources
  - Access to sensitive resources depends on the application's capabilities ("permissions")
- Sandboxing is enforced by Linux
  - Each app is assigned a unique UserID and runs in a separate process
  - Each app has a private data folder
23 Android Installer: Installation of a Benign App
[Diagram: Android Market -> download app "Movie Player" -> permissions -> requested permissions are reasonable -> user: install]
24 Android Installer: Installation of a Security-Critical App
[Diagram: Android Market -> download app "Malicious Movie Player" -> permissions -> why does Movie Player request permission to send SMS? -> user: deny install]
25 Android Permission System
- Applications are assigned permissions
- Permissions are needed to control access to
  - System resources (logs, battery, etc.)
  - Sensitive data (SMS, contacts, e-mails, etc.)
  - System interfaces (Internet, send SMS, etc.)
- Application developers can also define their own permissions to protect application interfaces
- Permissions are either
  - Simply associated strings (most permissions)
  - Mapped to Linux GIDs (few: Internet, Bluetooth, ext. storage, ...)
26 The Manifest File
[Diagram labels: App A with Application Manifest (P1, P2); App B with Application Manifest (P3); Perm. P1, Perm. P2, Perm. P3; Installer; Permission Database; Reference Monitor; Dalvik VM; Android Middleware]
27 Permission System: Example
- App A is allowed to send SMS (P1)
- App A also possesses permission P2 (e.g., access location)
- App B has two interfaces protected by permissions P2 and P3
- [Diagram: App A holds Perm. P1 and Perm. P2; App B's interfaces require Perm. P2 and Perm. P3]
28 Permission Enforcement
- Binder provides certain information to the callee of IPC
  - getuid(): returns the caller's UID
  - getpid(): returns the caller's PID
- System enforces a permission check upon an IPC call
  - checkpermission(string Perm): checks if the caller has been granted the permission Perm
  - Can also be called from applications themselves
29 Android Permission Graph
[Graph labels: Phone (Granted Permission: CALL_PHONE; core application with many interfaces); Browser; Required Permission: CALL_PHONE; Android Download Provider]
32 Requesting dangerous permissions
- android.permission.internet
- android.permission.access_coarse_location
- android.permission.read_phone_state
- android.permission.vibrate
Geinimi Trojan 2010
User has to confirm
Requested permissions:
- android.permission.internet
- android.permission.access_coarse_location
- android.permission.read_phone_state
- android.permission.vibrate
- com.android.launcher.permission.install_shortcut
- android.permission.access_fine_location
- android.permission.call_phone
- android.permission.mount_unmount_filesystems
- android.permission.read_contacts
- android.permission.read_sms
- android.permission.send_sms
- android.permission.set_wallpaper
- android.permission.write_contacts
- android.permission.write_external_storage
- com.android.browser.permission.read_history_bookmarks
- com.android.browser.permission.write_history_bookmarks
- android.permission.access_gps
- android.permission.access_location
- android.permission.restart_packages
- android.permission.receive_sms
- android.permission.write_sms
33 Problem
Android Permission Framework is vulnerable to Application-level Privilege Escalation Attacks
34 Application-level Privilege Escalation Attacks, Scenario 1: Confused deputy attack
- [Diagram: unprivileged App A; App B with Privilege P1; Android Middleware]
- A privileged program is fooled into misusing its privileges on behalf of another (malicious) unprivileged program.
- Examples:
  - 1) Invoke browser to download malicious files (Lineberry et al., BlackHat 2010)
  - 2) Unauthorized phone call (Enck et al., TechReport 2008)
35 Application-level Privilege Escalation Attacks, Scenario 2: Collusion attack
- [Diagram: App A with Privilege P1; App B with Privilege P2; Android Core; Android Middleware]
- 1) Apps communicate directly
- 2) Apps communicate via covert (e.g., volume settings) or overt (e.g., content providers) channels in Android Core
- Example: Soundcomber (Schlegel et al., NDSS 2011)
36 Breaking out of the sandbox
- [Diagram label: Access control]
- a) IPC / RPC / Sockets (Example: Davi et al., 2010)
- b) Kernel exploit (Example: DroidDream Trojan 2011)
37 Privilege Escalation on Google Android
- [Diagram labels: NO permission to send SMS; Java Application; Native Code; Exploit Bug; Escalate Privileges]
- Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy. Information Security Conference (ISC 2010)
38 Google Android: Communication with web servers without possessing INTERNET Permission
- Malicious App: 0 permissions
- Android Web Browser: INTERNET permission
- 1) Ask Browser for data transfer from a remote server
- 2) Browser forwards request
- 3) Files are transmitted to SD card
39 Google Android: Install arbitrary applications without the user's knowledge
- Android Web Browser, Permission: INSTALL_PACKAGES
- 1) Exploit bug in web browser
- 2) Enforce the installation of various apps
40 Google Android: Soundcomber: A stealthy and context-aware sound Trojan
- APP_A, Permission: Record Audio
- APP_B, Permission: Internet
- 1) Call Credit Institute
- 2) Credit Card Number is extracted from the speech
41 Soundcomber Internals: Exploiting Covert Channels in Android
- APP_A (Permission: Record Audio): Write
- APP_B (Permission: Internet): Read
- Channel: Volume Setting (Android Core Application)
42 Application Installation
What user perceives: (Jon Oberheide,
43 Application Installation (cont.)
What actually happens:
[Diagram with steps numbered 1 to 6; labels: Android Device; Market App; Install Request; Market Servers; Google Vending; GTalk Service; INSTALL_ASSET; C2DM Service; APK Hosting; APK Download]
44 Application Installation (cont.)
What is the consequence:
- Malicious software could impersonate the Market app and fake the INSTALL_ASSET
- Further apps could be installed without ever prompting the user to approve
  - the installation of new packages
  - the permissions requested by these new packages
47 Security Extensions for Android
[Architecture diagram; labels: App A (Perm. P1); App B (Perm. P2, Perm. P3); Dalvik VM; TaintDroid; Porscha Mediator; Reference Monitor; Saint; Apex; CRePE; XManDroid; QUIRE; IPC Inspection; Installer; Kirin; Saint; Apex; QUIRE; Android Middleware; Linux Kernel; SELinux; Hardware]
48 Security Extensions for Android: Kirin [2009]
- Prevents the installation of malicious applications
- Identifies security-critical combinations of permissions at install-time
49 Kirin
William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. ACM CCS 2009
- Goal: Lightweight certification of applications to mitigate malware
- Solution
  - Check the set of permissions requested by an application at install-time against a policy database
  - The database contains security-critical combinations of permissions
  - E.g., an application requesting RECORD_AUDIO, INTERNET, and CALL_PHONE indicates a voice recorder
  - In case of a policy match, Kirin denies the installation
- Conclusion: Can be easily integrated in Android's installer and prevents most existing malware
- Open Problems: Policy deployment, collusion attacks, cannot catch dynamic behavior of applications, many false positives (usability)
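
An install-time check in the style Kirin describes, as an added example (not Kirin's code and not from the slides). It assumes the manifest is available as decoded text XML (inside an APK it is stored as binary XML); the package names, the sample manifests and the "sms-intercept" rule are constructed. The last function shows the collusion open problem: two packages that each pass can together cover a denied combination.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
P = "android.permission."

# Policy database: each rule is a permission combination that must not be
# requested together. "voice-recorder" is the combination named on the slide;
# "sms-intercept" is a constructed rule so the database has a second entry.
POLICY_DB = {
    "voice-recorder": frozenset({P + "RECORD_AUDIO", P + "INTERNET", P + "CALL_PHONE"}),
    "sms-intercept": frozenset({P + "RECEIVE_SMS", P + "WRITE_SMS"}),
}


def make_manifest(package, perms):
    """Build a constructed, decoded-text AndroidManifest.xml for the samples."""
    uses = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="{ANDROID_NS}" package="{package}">'
            f"{uses}<application/></manifest>")


def requested_permissions(manifest_xml):
    """Return the set of permissions named in <uses-permission> elements."""
    # The samples below are constructed; untrusted manifests call for a
    # hardened XML parser.
    root = ET.fromstring(manifest_xml)
    attr = f"{{{ANDROID_NS}}}name"
    return frozenset(el.get(attr) for el in root.iter("uses-permission") if el.get(attr))


def matched_rules(perms, policy=POLICY_DB):
    """Names of all rules whose full combination is contained in perms."""
    return sorted(name for name, combo in policy.items() if combo <= perms)


def install_decision(manifest_xml):
    """Per-package verdict: deny on any policy match, otherwise allow."""
    hits = matched_rules(requested_permissions(manifest_xml))
    return ("deny", hits) if hits else ("allow", [])


def combined_matches(manifests):
    """Rules matched by the union of several packages' permissions."""
    union = frozenset().union(*(requested_permissions(m) for m in manifests))
    return matched_rules(union)


# Constructed sample packages.
MOVIE_PLAYER = make_manifest("com.example.player",
                             [P + "INTERNET", P + "WRITE_EXTERNAL_STORAGE"])
RECORDER = make_manifest("com.example.recorder",
                         [P + "RECORD_AUDIO", P + "INTERNET", P + "CALL_PHONE", P + "VIBRATE"])
APP_A = make_manifest("com.example.app_a", [P + "RECORD_AUDIO", P + "CALL_PHONE"])
APP_B = make_manifest("com.example.app_b", [P + "INTERNET"])

if __name__ == "__main__":
    for label, m in [("player", MOVIE_PLAYER), ("recorder", RECORDER),
                     ("app_a", APP_A), ("app_b", APP_B)]:
        print(label, install_decision(m))
    # Each of app_a and app_b is allowed on its own, yet together they hold
    # the full denied combination.
    print("app_a + app_b:", combined_matches([APP_A, APP_B]))
```
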
50 Security Extensions for Android: Saint [2009]
- Apps can define flexible access control policies for their own interfaces
- Privileged apps can be protected from being misused by malicious apps
51 Saint
Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. ACSAC 2009
- Goal: Provide a framework which protects applications and their interfaces from being misused
- Solution
  - Saint (Secure Application INTeraction) extends Android's installer and reference monitor to meet this goal
  - Saint allows the assignment of signature- and configuration-based policies at install-time
  - At runtime, Saint enforces fine-grained permission checks
    - Context Policies: State of the device (e.g., location, time, battery, etc.)
    - Configuration: Application version of the caller and callee (e.g., only version 2.1 and higher are allowed to access an application interface)
- Conclusion: Saint provides a sophisticated framework which allows developers to protect their applications from being exploited and misused
- Open Problem: The developer (likely not to be interested in security) is himself responsible for deploying Saint policies
52 Security Extensions for Android: Apex [2010]
- Android Permission Extension
- Fine-grained permission model allowing users to deny certain permissions
- Allows specifying runtime constraints: maximum number of SMS per day
53 Security Extensions for Android: CRePE [2010]
- Context-Related Policy Enforcement for Android
- See slide "Applications of Context-Based Policies" for application examples
54 Security Extensions for Android: Porscha [2010]
- Security-sensitive data (SMS, E-Mail, Documents) are tagged with a DRM-compliant security policy
- Only applications complying with the policy are allowed to read data
- [Diagram label: To: App A]
55 Security Extensions for Android: TaintDroid [2010]
- Deploys dynamic taint analysis in order to detect unauthorized leakage of sensitive data
- Applied to real apps in Android Market, showed many of them leak sensitive data
- [Diagram label: Location Data]
56 Security Extensions for Android: SELinux for Android [2010]
- Mitigates privilege escalation attacks at the kernel level
57 Security Extensions for Android: XManDroid [2011]
- eXtended Monitoring on Android
- Prevents privilege escalation attacks (in particular, confused deputy and collusion attacks) on the application level by monitoring IPC messages
- Also detects covert and overt channel attacks on the ICC level (e.g., Soundcomber)
58 Security Extensions for Android: QUIRE [2011]
- Prevents confused deputy attacks by tracking the IPC call chain
- Based on the IPC call chain, applications themselves decide if the request should be processed or denied for the case the originator lacks permissions
- QUIRE enables secure in-payment services (PayPal, Google Checkout)
- However, QUIRE does not address collusion attacks and is developer-centric
59 Security Extensions for Android: IPC Inspection [2011]
- Demonstrates several severe privilege escalation attacks against Android system applications
- Prevents confused deputy attacks by permission reduction: the receiving application of an ICC communication reduces its permissions to the caller's permissions
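
A toy reference monitor contrasting the check described on the Permission Enforcement slide (only the immediate caller's UID is checked) with the permission reduction of IPC Inspection, on the confused deputy scenario from the attack slides. This is an added example, not code from Android or from any of the cited systems; the class, the UIDs, the interface names "dial" and "place_call" and the three apps are constructed, and the call chain is passed explicitly as a simplification.

```python
from dataclasses import dataclass

CALL_PHONE = "android.permission.CALL_PHONE"


@dataclass(frozen=True)
class App:
    name: str
    uid: int            # constructed UID; one per app, as in the sandbox
    granted: frozenset  # permissions recorded at install time


class ReferenceMonitor:
    """mode 'stock': check only the immediate caller of an IPC call.
    mode 'reduced': intersect the permissions of every app in the call
    chain, modelling the receiver reducing itself to its caller's set."""

    def __init__(self, apps, mode):
        if mode not in ("stock", "reduced"):
            raise ValueError(mode)
        self.apps = {a.uid: a for a in apps}
        self.mode = mode
        self.guards = {}  # (owner uid, interface) -> required permission

    def protect(self, owner, interface, permission):
        self.guards[(owner.uid, interface)] = permission

    def effective_permissions(self, chain):
        """chain lists UIDs from the originator to the immediate caller."""
        perms = self.apps[chain[-1]].granted
        if self.mode == "reduced":
            for uid in chain[:-1]:
                perms = perms & self.apps[uid].granted
        return perms

    def check_permission(self, chain, permission):
        return permission in self.effective_permissions(chain)

    def call(self, chain, owner, interface):
        """True if the IPC call is delivered, False if it is denied."""
        required = self.guards.get((owner.uid, interface))
        return required is None or self.check_permission(chain, required)


# Constructed apps: App A holds nothing, App B (the deputy) and Phone hold P1.
APP_A = App("App A", 10001, frozenset())
APP_B = App("App B", 10002, frozenset({CALL_PHONE}))
PHONE = App("Phone", 10003, frozenset({CALL_PHONE}))


def scenario(mode):
    rm = ReferenceMonitor([APP_A, APP_B, PHONE], mode)
    rm.protect(PHONE, "place_call", CALL_PHONE)
    # App B exports "dial" without a guard (hypothetical interface) and
    # forwards every request it receives to Phone.place_call.
    reached_deputy = rm.call([APP_A.uid], APP_B, "dial")
    return {
        "A_direct": rm.call([APP_A.uid], PHONE, "place_call"),
        "A_via_B": reached_deputy
        and rm.call([APP_A.uid, APP_B.uid], PHONE, "place_call"),
        "B_alone": rm.call([APP_B.uid], PHONE, "place_call"),
    }


if __name__ == "__main__":
    for mode in ("stock", "reduced"):
        print(mode, scenario(mode))
```

In both modes App B can still place calls on its own behalf; only the request that originates from App A is denied under reduction.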
Comparative Analysis of Smartphone Operating system Android Apple ios and Windows Ankit Tiwari Computer Science, Sachdeva Institute of Technology Mathura (India) ABSTRACT A smart phone is a mobile phone
More informationAn Android runtime security policy enforcement framework
Pers Ubiquit Comput (2012) 16:631 641 DOI 10.1007/s00779-011-0437-6 ORIGINAL ARTICLE An Android runtime security policy enforcement framework Hammad Banuri Masoom Alam Shahryar Khan Jawad Manzoor Bahar
More informationMobile and Ubiquitous Computing: Android Programming (part 1)
Mobile and Ubiquitous Computing: Android Programming (part 1) Master studies, Winter 2015/2016 Dr Veljko Pejović Veljko.Pejovic@fri.uni-lj.si The World of Android The Android Platform A mobile operating
More informationAccess Control for Plugins in Cordova-based Hybrid Applications
2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising
More informationSecurity policies and access control
Security policies and access control (continued) Chaire Informatique et sciences numériques Collège de France, cours du 23 mars 2011 Access control and programs Programs everywhere! Principal Do operation
More informationMobile Middleware Course. Mobile Platforms and Middleware. Sasu Tarkoma
Mobile Middleware Course Mobile Platforms and Middleware Sasu Tarkoma Role of Software and Algorithms Software has an increasingly important role in mobile devices Increase in device capabilities Interaction
More informationMobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan CARDIS 2012 Graz, Austria November 29, 2012 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest
More informationID: Sample Name: badoo.apk Cookbook: defaultandroidfilecookbook.jbs Time: 12:51:18 Date: 29/05/2018 Version:
ID: 61542 Sample Name: badoo.apk Cookbook: defaultandroidfilecookbook.jbs Time: 12:51:18 Date: 29/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information
More informationRethinking Permission Enforcement Mechanism on Mobile Systems
Rethinking Permission Enforcement Mechanism on Mobile Systems Yuan Zhang, Min Yang, Guofei Gu, and Hao Chen Abstract To protect sensitive resources from unauthorized use, modern mobile systems, such as
More informationGoogle on BeyondCorp: Empowering employees with security for the cloud era
SESSION ID: EXP-F02 Google on BeyondCorp: Empowering employees with security for the cloud era Jennifer Lin Director, Product Management, Security & Privacy Google Cloud What is BeyondCorp? Enterprise
More informationInvestigation of taint analysis for Smartphone-implicit taint detection and privacy leakage detection
Hou et al. EURASIP Journal on Wireless Communications and Networking (2016) 2016:227 DOI 10.1186/s13638-016-0711-4 RESEARCH Investigation of taint analysis for Smartphone-implicit taint detection and privacy
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 3.1: OS Security Basics of secure design Endadul Hoque Slide Acknowledgment Contents are based on slides from Ninghui Li (Purdue), John Mitchell (Stanford), Dan Boneh (Stanford)
More informationThe Attacker s POV Hacking Mobile Apps. in Your Enterprise to Reveal Real Vulns and Protect the Business. Tony Ramirez
The Attacker s POV Hacking Mobile Apps in Your Enterprise to Reveal Real Vulns and Protect the Business Tony Ramirez AGENDA & SPEAKERS Introduction Attacks on Mobile Live Demo Recommendations Q&A Tony
More informationFile Synchronization using API Google Drive on Android Operating System
File Synchronization using API Google Drive on Android Operating System Agustinus Noertjahyana, Kevin Darmawan, Justinus Andjarwirawan Informatics Engineering Department Petra Christian University Surabaya,
More informationLaying a Secure Foundation for Mobile Devices. Stephen Smalley Trusted Systems Research National Security Agency
Laying a Secure Foundation for Mobile Devices Stephen Smalley Trusted Systems Research National Security Agency Trusted Systems Research Conduct and sponsor research to provide information assurance for
More informationInject malicious code Call any library functions Modify the original code
Inject malicious code Call any library functions Modify the original code 2 Sadeghi, Davi TU Darmstadt 2012 Secure, Trusted, and Trustworthy Computing Chapter 6: Runtime Attacks 2 3 Sadeghi, Davi TU Darmstadt
More informationMobile Device and Platform Security Part II
CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps
More informationOld, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures
Old, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures N. Asokan ACM CODASPY 11 Joint work with Kari Kostiainen, Elena Reshetova, Jan-Erik Ekberg Feb 22, 2011
More informationSurvey of Cyber Moving Targets. Presented By Sharani Sankaran
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of
More informationAndroid Based Business Card Scanner: An OCR Based Approach
Android Based Business Card Scanner: An OCR Based Approach Prof. Kaushal Patel 1, Prof. Amit Choksi 2 Department of Electronics & Telecommunication Engineering, Birla Vishvakarma Mahavidyalaya engineering
More informationAndroid OS. Operating System based on Linux [ ] [Jonas Teuscher, Alex Cuordileone, Cédric Glaus]
1 Android OS Operating System based on Linux [24-02-16] [Jonas Teuscher, Alex Cuordileone, Cédric Glaus] 1 https://www.androidpit.com/android-marshmallow-update-overview-for-smartphones-and-tablets 2 https://blog.idrsolutions.com/2014/12/android-apps-ide-for-java-coder-programmers/
More informationUranine: Real-time Privacy Leakage Monitoring without System Modification for Android
Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android Vaibhav Rastogi 1, Zhengyang Qu 2, Jedidiah McClurg 3, Yinzhi Cao 4, and Yan Chen 2 1 University of Wisconsin and Pennsylvania
More informationCuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes
CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, Engin Kirda 02/23/2016 Android 2015
More informationInfrastructure Middleware (Part 3): Android Runtime Core & Native Libraries
Infrastructure Middleware (Part 3): Android Runtime Core & Native Libraries Douglas C. Schmidt d.schmidt@vanderbilt.edu www.dre.vanderbilt.edu/~schmidt Institute for Software Integrated Systems Vanderbilt
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationAndroid System Architecture. Android Application Fundamentals. Applications in Android. Apps in the Android OS. Program Model 8/31/2015
Android System Architecture Android Application Fundamentals Applications in Android All source code, resources, and data are compiled into a single archive file. The file uses the.apk suffix and is used
More informationLecture 9. PSiOS: Bring Your Own Privacy & Security to ios Devices. Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi and Thorsten Holz
Lecture 9 PSiOS: Bring Your Own Privacy & Security to ios Devices Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi and Thorsten Holz Operating Systems Practical December 3, 2014 OSP Lecture 9,
More informationDELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid
DELDroid: Determination & Enforcement of Least Privilege Architecture in AnDroid Mahmoud Hammad Software Engineering Ph.D. Candidate Mahmoud Hammad, Hamid Bagheri, and Sam Malek IEEE International Conference
More informationGOOGLE S Android has dominated smart phone operating
INTL JOURNAL OF ELECTRONICS AND TELECOMMUNICATIONS, 2015, VOL. 61, NO. 4, PP. 311 320 Manuscript received October 10, 2015; revised December, 2015. DOI: 10.1515/eletel-2015-0040 An Android Security Policy
More informationSecurity and Authentication
Security and Authentication Authentication and Security A major problem with computer communication Trust Who is sending you those bits What they allow to do in your system 2 Authentication In distributed
More informationSymantec Endpoint Protection Family Feature Comparison
Symantec Endpoint Protection Family Feature Comparison SEP SBE SEP Cloud SEP Cloud SEP 14.2 Device Protection Laptop, Laptop Laptop, Tablet Laptop Tablet & & Smartphone Smartphone Meter Per Device Per
More informationOS Security III: Sandbox and SFI
1 OS Security III: Sandbox and SFI Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 VMs on lab machine Extension? 3 Users and processes FACT: although ACLs use users as subject, the OS
More informationSecurity Architecture
Security Architecture We ve been looking at how particular applications are secured We need to secure not just a few particular applications, but many applications, running on separate machines We need
More informationQuick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.
Quick Heal Total Security for Android Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping. Product Highlights Complete protection for your Android device that
More informationSMART DEVICES: DO THEY RESPECT YOUR PRIVACY?
SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? Systems and Mobile Research Lab, Department of Computer Science and Engineering INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Presenter: Sandip Chakraborty sandipc@cse.iitkgp.ac.in
More informationFirefox OS App Days. Overview and High Level Architecture. Author: José M. Cantera Last update: March 2013 TELEFÓNICA I+D
Firefox OS App Days Overview and High Level Architecture Author: José M. Cantera (@jmcantera) Last update: March 2013 TELEFÓNICA I+D 1 Introduction What is Firefox OS? A new mobile open OS fully based
More informationDesign and Implementation of a Fine-grained Resource Usage Model for the Android Platform
440 The International Arab Journal of Information Technology, Vol. 8, No. 4, October 2011 Design and Implementation of a Fine-grained Resource Usage Model for the Android Platform Mohammad Nauman 1 and
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationMobile development initiation
Mobile development initiation Outline Mobile development: o Why? o How? o New issues Android ios 2 Mobile growth ¼ Internet access Sales of smartphones and tablets increase o + 70% tab Community 3 Why
More informationIdentity-based Access Control
Identity-based Access Control The kind of access control familiar from operating systems like Unix or Windows based on user identities This model originated in closed organisations ( enterprises ) like
More information