AUDACIOUS: USER DRIVEN ACCESS CONTROL WITH UNMODIFIED OPERATING SYSTEM

Slides:

Advertisements

Similar presentations

Operating System Security

Advertisements

Java Applet Security Diana Dong CS 265 Spring 2004.

CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Fundamentals of Computer Security Geetika Sharma Fall 2008.

Bending Binary Programs to your Will Rajeev Barua.

Building Secure Software Chapter 9 Race Conditions.

Applied Software Project Management Andrew Stellman & Jennifer Greene Applied Software Project Management Applied Software.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Efficient Privilege De-Escalation for Ad Libraries in Mobile Apps Bin Liu (SRA), Bin Liu (CMU), Hongxia Jin (SRA), Ramesh Govindan (USC)

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

1 BTEC HNC Systems Support Castle College 2007/8 Systems Analysis Lecture 9 Introduction to Design.

APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012.

Integrity Through Mediated Interfaces PI Meeting: Feb 22-23, 2000 Bob Balzer Information Sciences Institute Legend: Changes from previous.

1 Lecture 4: Threads Operating System Fall Contents Overview: Processes & Threads Benefits of Threads Thread State and Operations User Thread.

Developing Security Mobile Applications for Android Presenter, Joel Elixson Author, Jesse Burns of iSEC Partners.

Lecture 7 Integrity & Veracity UFCE8K-15-M: Data Management.

Securing Embedded User Interfaces: Android and Beyond Franziska Roesner and Tadayoshi Kohno University of Washington Mohamed Grissa A presentation of USENIX.

CSC-682 Cryptography & Computer Security Sound and Precise Analysis of Web Applications for Injection Vulnerabilities Pompi Rotaru Based on an article.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

G53SEC 1 Reference Monitors Enforcement of Access Control.

Grace. M, Zhou. Y, Shilong. Z, Jiang. X.  RiskRanker analyses the paths within an android application  Potentially malicious security risks are flagged.

M. Alexander Helen J. Wang Yunxin Liu Microsoft Research 1 Presented by Zhaoliang Duan.

Wireless and Mobile Security

Processes and Virtual Memory

Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion.

Dilip Dwarakanath.  The topic I’m about to present was taken from a paper titled “Apple iOS 4 Security Evaluation” written by Dino A Dai Zovi.  Dino.

VMM Based Rootkit Detection on Android

Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi

“What the is That? Deception and Countermeasures in the Android User Interface” Presented by Luke Moors.

INFORMATION-FLOW ANALYSIS OF ANDROID APPLICATIONS IN DROIDSAFE JARED YOUNG.

Computer Security: Chapter 5 Operating Systems Security.

Chapter 25 – Configuration Management 1Chapter 25 Configuration management.

WHAT THE APP IS THAT? DECEPTION AND COUNTERMEASURES IN THE ANDROID USER INTERFACE.

HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,

Computer System Structures

SE-1021 Software Engineering II

CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.

Web Application Vulnerabilities, Detection Mechanisms, and Defenses

TriggerScope: Towards Detecting Logic Bombs in Android Applications

Understanding Android Security

2. OPERATING SYSTEM 2.1 Operating System Function

Talia ringer, dan grossman and Franziska roesner

Chapter 14: System Protection

Presented by Xiaohui (Amy) Lin

Chapter 2: System Structures

AUDACIOUS User-Driven Access Control with Unmodified Operating Systems

Systems Analysis and Design

Introduction to Operating System (OS)

Systematic Detection of capability leaks in stock android smartphones

Analyzing WebView Vulnerabilities in Android Applications

Test Driven Development

Design and Programming

Suwen Zhu, Long Lu, Kapil Singh

Chapter 2: System Structures

© University of Liverpool

Software Security Lesson Introduction

Chapter 1 Introduction(1.1)

Overview of Database Security

Sai Krishna Deepak Maram, CS 6410

Java Programming Introduction

ONLINE SECURE DATA SERVICE

Thomas E. Anderson, Brian N. Bershad,

Understanding Android Security

Overview Activities from additional UP disciplines are needed to bring a system into being Implementation Testing Deployment Configuration and change management.

Cybersecurity Simplified: Ransomware

Presentation transcript:

AUDACIOUS: USER DRIVEN ACCESS CONTROL WITH UNMODIFIED OPERATING SYSTEM By, Talia ringer, dan grossman and Franziska roesner PRESENTED BY: Mohammad

Introduction AUDACIOUS: Android User-Driven Access Control in Only User Space A secure library implementation whose primary goal is to provide a system for User-Driven access control in android applications without modifying the underlying operating system.

Goals of AUDACIOUS Goal 1: Goal 2: Unmodified Operating System Goal 3: User-driven Access Control Access to sensitive resources is only granted when the user interacts with the corresponding ACG. Goal 2: Unmodified Operating System The final implementation should not make any changes to the underlying operating system. Goal 3: Regulate Resource use, not just access Design should provide guarantees about the flow of resources. Goal 4: Permission Model Flexibility Allow applications to use alternative permission models for some functionalities.

Goals of AUDACIOUS(cont.)

Techniques used to secure ACG’s Event flow UI context Resource flow UI interaction is strictly invoked by the user UI does not trick the user into interactions Resources are accessed appropriately via ACGs Defense via taint analysis Defense via explicit Internal/External UI checking Defense via regulating Information Flow. Can be disrupted via event forgery. Can be disrupted by cover attacks. Disrupted by abusing granted permissions to perform malicious tasks.

Libraries ACG LIBRARY Developed in Android and is event-driven. It works on bytecode than source code. Invalidates view if library detects a potentially malicious or “evil” event. Application code is not executed. Two ACG interfaces – one for temporary permissions and one for permanent permissions. Views are wrapped so that applications cannot modify the ACG UI after creation. We can use the library in two ways Define it in a layout Access it programically.

Libraries(cont.) SPARTA LIBRARY Information flow tool Two stages - App store approval and Runtime approval SPARTA operates on source code. SPARTA compares the flows with allowable flows defined in a flow policy file. A human verifies the output of SPARTA in the context of the policy. SPARTA is extended by implementing an ACG type so SPARTA can distinguish ACGs from each other.

Summary of ACG applications

Fighting evil: Analysis Evil application developed is made to bypass the library security features Out of 57 attacks, 55 were defended One of the missed attack was an result of Android Bug . The other was due to limitation of android OS.

Performance

Limitation We cannot modify events or interfere with the flow of events. Partially obscured toast are to be invalidated but it is not and this bug has been reported to android. OS limitations leads to flag value being never set if we construct an event by programs. SPARTA does not ensure that correct resources are used at correct time. If ACG library is updated, all the applications using it has to be updated to include the latest version of library. No way to check obscured flag during a random check.

Criticism Existing applications cannot be benefitted by ACG unless it is refactored by the developer again for ACG library. If the OS prevented events from being created or modified, we would not need to run a analysis. ACG does not protect against all type of attacks When randomness test are done too frequently it may affect the performance of the application.

THANK YOU