A Presentation on Paper:

Slides:



Advertisements
Similar presentations
Mobile Security Guide Matt Scofield, Eric Samson, Cong Le.
Advertisements

Syracuse University, New York, USA
Dissecting Android Malware : Characterization and Evolution
Chromium OS Chase Rogers. User Interface Unobtrusive Use small amount of screen space Combine apps and web pages into one tab strip Floating Windows Search.
By : Versha Thakur Shravani Aishwarya
Automated Remote Repair for Mobile Malware Yacin Nadji, Jonathon Giffin, Patrick Traynor Georgia Institute of Technology ACSAC’ 11.
Android Malware Characterisaion. Android Under Attack Android Malware is on the rise In 2012 malware presence has increased by 580% compared to the same.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID David Barrera, H. Güne¸s Kayacık, P.C. van Oorschot,
System and Network Security Practices COEN 351 E-Commerce Security.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.
Case study 2 Android – Mobile OS.
Android Security What is out there? Waqar Aziz. Android Market Share - I 2.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Presentation By Deepak Katta
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Is Your Mobile App Secure. DEF CON 23 Wall of Sheep Sat
Week #7 Objectives: Secure Windows 7 Desktop
ANDROID Presented By Mastan Vali.SK. © artesis 2008 | 2 1. Introduction 2. Platform 3. Software development 4. Advantages Main topics.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.
Android Security Auditing Slides and projects at samsclass.info.
ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.
Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.
ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.
RootKit By Parrag Mehta OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References.
M. Alexander Helen J. Wang Yunxin Liu Microsoft Research 1 Presented by Zhaoliang Duan.
Arpit Jain Mtech2. Outline Introduction Attacks Solution Experimental Evaluation References.
Slides and projects at samsclass.info. Adding Trojans to Apps Slides and projects at samsclass.info.
Speaker: Xiaojiang Du Authors: Xiali Hei, Xiaojiang Du and Shan Lin Temple University.
Rooting By Rajan. Topics What is rooting? Different ways to root your phone? Advantages and disadvantages.
“Google Chrome OS is an open source, lightweight operating system that will initially be targeted at netbooks" and "most of the user experience takes.
Secure Boot.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Mobile Security Tom Taylor. Roadmap Security Risks Security Risks Examples of Attacks Examples of Attacks Personal Protection Personal Protection Business.
1 Get All Answers Get All Answers. Contents History of Android Android Fragmentation The Role of Google Features and Architecture Android Software Development.
By Collin Donaldson.   In conventional OS architectures, the user accesses the OS via an account that has certain privileges (admin, guest). They can.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
BareDroid Presenter: Callan Christophersen. What is BareDroid BareDroid is a system to analyse Android apps on real devices with no emulation. It uses.
What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Literature by S. Demetriou et al. Presented.
Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
How to root Android Phone and Tablet for free and safe.
ANDROID ACCESS CONTROL Presented by: Justin Williams Masters of Computer Science Candidate.
Android’s Malware Attack, Stealthiness and Defense: An Improvement Mohammad Ali, Humayun Ali and Zahid Anwar 2011 Frontiers of Information Technology.
Module 51 (Mobile Device Fundamentals - Android)
Mobile Hacking - Fundamentals
Firmware threat Dhaval Chauhan MIS 534.
Operating System Security
WELCOME Mobile Applications Testing
Security+ All-In-One Edition Chapter 1 – General Security Concepts
Protecting Memory What is there to protect in memory?
Protecting Memory What is there to protect in memory?
Rooting Android Created By : Mayank Talwar.
Onno W. Purbo Cracking Techniques Onno W. Purbo
WELCOME Mobile Applications Testing
Outline Introduction Characteristics of intrusion detection systems
Security of Mobile Operating Systems
Introduction to Computers
Local Administrator Rights
Implementing Client Security on Windows 2000 and Windows XP Level 150
IS4680 Security Auditing for Compliance
BACHELOR’S THESIS DEFENSE
Severity and Exploitability Index
Cybersecurity and Cyberhygiene
Convergence IT Services Pvt. Ltd
Chapter 10. Mobile Device Security
Presentation transcript:

A Presentation on Paper: All Your Droid Are Belong To Us: A Survey of Current Android Attacks Original Paper by Presented by Timothy Vidas ECE/CyLab Carnegie Mellon University Daniel Votipka INI/CyLab Carnegie Mellon University Nicolas Christin INI/CyLab Carnegie Mellon University Tropa Mahmood BUET

Outline Introduction Android Security Model Security Model Analysis Attack Taxonomy Possible Mitigations

Introduction Adoption of smartphones has increased Nearly 70% of cell phones sold are smartphones Ubiquity of the market Devices are faster, more connected, and always on Smartphones hold sensitive user information Banking Information Current Location

Introduction Major smartphones use a managed model of service Google and Carrier control administration Closer to corporate-­‐managed devices than personal machines Managers control security instead of user

Android Security Model Android was designed with security in mind Sandboxes applications Apps can only access their own data Apps divided through privilege separation System resources accessed through permissions

Permission Model Applications require explicit permission from users at install time Intended to prevent unwanted access to user data

Android Market Un-­‐moderated Market Users flag applications Remote Kill

Security Model Analysis

Android Permissions Hard for user to understand – ACCESS_SURFACE_FLICKER and BIND_APPWIDGET Permissions can be too general Unexpected consequences

RECEIVE_SMS Malicious apps can take advantage of permissions 10

RECEIVE_SMS Malicious apps can take advantage of permissions

Patch Cycle Not Android Specific Android Specific Vulnerability Discovered Component Patch Available Manufacturer Releases Patch D E User Applies Patch A B C F G Vulnerability Disclosed Google Releases Patch Carrier Releases Patch Exploit Window

Patch Cycle OS Version Google X Droid X HTC Legend X X Samsung Captivate X X X myTouch 3G Samsung Fascinate 2.2 (Froyo) X Motorola Droid HTC Evo 5/10 6/10 7/10 8/10 9/10 10/10 11/10 12/10 1/11 2/11 3/11 4/11 Time

Patch Cycle Attacks stay viable longer Attackers can build exploits through analysis of early updating devices

Trusted USB Connection Android Debug Bridge (ADB) developer tool Gives access to interactive shell Allows developer to push applications directly to the device ADB doesn’t require authentication Attacker can use ADB to bypass Android Market

Recovery Mode Circumvents standard boot partition Allows user to recover from “bricked” phone Attacker can use to install malicious image

Uniform Privilege Separation Security tools typically require root access Android restricts all apps the same

Attack Classes

Unprivileged Access Operate within the permission system Foreground Background Current Location Spam

Unprivileged Access pjapps (aka Andr) Geinimi FakePlayer DroidDream Bgserv Ggtracker Hipposms YZHCSMS HTCFakepatch GoldDream DroidKungFu DroidKungFu2 jSMSHider BaseBridge DroidDreamLight EndOfDays Zsone zitmo (aka zues) 20

Remote Exploitation RootStrap Attack* Foreground Background Privilege Escalation Exploit *Jon Oberheide, In SummerCon, 2010

Remote Exploitation Legitimate Rooting Applications WebKit Vulnerabilities* *CANVAS 6.65, www.immunityinc.com/

Physical Access With ADB Enabled

Physical Access with ADB Enabled Super One-­‐Click desktop application Minimal device modification – Hard for non-­‐rooted devices to detect

Recovery Mode Create a custom recovery image to gain root access Bypass authentication by using the recovery mode

Recovery Mode Does not rely on a kernel exploit Large footprint, but simple to cover your tracks

Attack Chart No Physical Access No Privileged Access Needed Not Obstructed Privileged Access Needed Obstructed No Privileged ADB Enabled ADB Not Enabled Recovery Mode Access Needed Unprivileged Access Remote Exploitation Privileged Access Needed ADB Attack

Attack Chart No Physical Access No Privileged Access Needed Not Obstructed Privileged Access Needed Obstructed No Privileged ADB Enabled ADB Not Enabled Recovery Mode Access Needed Unprivileged Access Remote Exploitation Privileged Access Needed ADB Attack

Attack Chart No Physical Access No Privileged Access Needed Not Obstructed Privileged Access Needed Obstructed No Privileged ADB Enabled ADB Not Enabled Recovery Mode Access Needed Unprivileged Access Remote Exploitation Privileged Access Needed ADB Attack

Attack Chart No Physical Access No Privileged Access Needed Not Obstructed Privileged Access Needed Obstructed No Privileged ADB Enabled ADB Not Enabled Recovery Mode Access Needed Unprivileged Access Remote Exploitation Privileged Access Needed ADB Attack 30

Possible Mitigations

Reduce Patch Cycle Length Google produces patches relatively quickly Separate manufacturer modifications from core of Android

Adjusted Permission Model Hierarchical permissions INTERNET BANKING ADVERTISING secondbank.eu bigbank.com myad.com adco.com Would require a re-­‐structuring of the permission model Barrera et al, In ACM Conference on Computer and Communications Security, 2010

Adjusted Permission Model Check requested rules for possible malicious combinations Notify User Rule Checker Install Enck et al, In ACM Conference on Computer and Communications Security, 2009

Adjusted Application Privilege Two classes of applications: Standard Applications – Same privileges and rights as current apps. Privileged Applications – Root privileges, but must under-­‐go a moderated review before publication Allows the user to trust some apps that watch the others

Leverage Existing Technology Port operating system concepts such as SELinux, ASLR, or Firewalls to the Android kernel. Implement something similar to TaintDroid* framework to give real-­‐time information on permission usage Processing costs must be considered *Enck et al, In Proceedings of OSDI, 2010

Additional Authentication Require user credentials to install an Application Currently done on the iPhone Require authentication for ADB tool Removes backdoor around locking mechanism

Trusted Platform Module Provides ground truth for device security Mitigates recovery image attack

Conclusion 100M Android Devices sold 500,000 devices activated every day

Conclusion 100M Android Devices sold 500,000 devices activated every day

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.