All Your Droid Are Belong To Us: A Survey of Current Android Attacks. Dankook University, Computer Security and OS Lab, Kim Nak-young. 2015. 04. 21.


Computer Security & OS Lab.

Slide 2: Contents
- Introduction
- Android Security Model
- Android Security Model Analysis
- Attack Classes
- Mitigations
- Conclusion

Slide 3: Introduction
- Today's smartphones have as much processing power and memory as a high-end laptop computer
- Smartphones are always-on devices with phone-network connectivity and GPS services
- Mobile operating systems make management more efficient, and also enable large-scale attacks
- This talk introduces attack mitigations for the current security model

Slide 4: Android Security Model
- Android is a Linux-based operating system with a layered structure of services
  - Core native libraries (C)
  - Application framework (Java)
- Android permission model
  - Applications require permissions to request system resources
- Each application is sandboxed by the kernel
  - Applications have different UIDs
- An application cannot access another application's space
  - An application can request another application's resources through IPC (Intents)

Slide 5: Android Security Model
- Confirming installation of an application
  - Before installing an application, the user is presented with a list of all
- This method is difficult for most users to understand
  - The IPC mechanism is even more difficult to understand
- The Android system provides only two choices
  - Yes or no

Slide 6: Android Security Model
- Android Market uses a self-signing mechanism
  - The Market does not employ any kind of central authority, in contrast to Apple's App Store
- This open policy is attractive to attackers

Slide 7: Android Security Model Analysis
- Application model
  - An SMS event causes a broadcast to be sent system-wide
  - Applications register the ability to take action when a broadcast is observed, and can assign themselves a priority over the broadcast
  - An application can prevent the broadcast

Slide 8: Android Security Model Analysis
- Patch cycle

Slide 9: Android Security Model Analysis
- Trusted USB connections
  - ADB bypasses the Android Market (for installing/uninstalling applications)
  - Unprivileged remote shell
  - An attacker can execute a malicious tool to exploit a vulnerability
- Recovery mode and boot process
  - An attacker can replace the recovery image with a malicious one
  - This gives privileged access to the user's information
- Uniform privilege separation
  - Security applications, such as anti-virus applications, are limited
  - AV requires root privilege in order to block malware, spyware and phishing apps

Slide 10: Attack Classes
- No physical access
  - Remote attacks rely heavily on social engineering, e.g. phishing, pharming
  - The attacker must get some malicious software to run code remotely on the user's device
- Physical access with ADB enabled
  - No password or screen lock
  - With ADB enabled, the attacker can exploit the device through ADB
- Physical access without ADB enabled
  - The attacker is unable to use the ADB service
  - The attacker loads malicious code via recovery mode
- Physical access on unobstructed device
  - No password or screen lock
  - The attacker can enable ADB, install malicious applications, etc.

Slide 11: Unprivileged Attacks
- Users install applications via the internet
- Applications are sandboxed but access system resources through permissions
- Trojan malware applications have been found in the legitimate Android Market
- Malicious applications run in the background with registered intents
- Malicious applications use legitimate APIs to disable the screen lock
- Applications are repackaged for download in the Android Market

Slide 12: Remote Exploitation
- Oberheide's application was seemingly benign, but it would routinely make remote requests for new payloads to execute
  - For privilege escalation
- Linux exploits are adaptable to the Android OS
  - This is maximized by the slow patch cycle

Slide 13: Physical Access without ADB Enabled
- Attackers target recovery mode
  - Generate a customized recovery image
- Modification of init.rc and default.prop
  - A modified init.rc runs malicious code, such as a rootkit
  - The init.rc file gives executable rights to an su executable
  - The default.prop file changes the ADB state from disabled to enabled
- Physical access to unobstructed device
  - All of the methodologies are applicable
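A forensic integrity check for the two files named on this slide, given as an added example that is not part of the original slides. It compares default.prop and init.rc taken from a suspect image against the vendor's stock copies and reports changed properties and added init.rc lines. The sample file contents are constructed, and the function names are assumptions of this example.

```python
def parse_props(text):
    """Parse default.prop-style 'key=value' lines, skipping comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def changed_props(stock_text, suspect_text):
    """Return {key: (stock_value, suspect_value)} for every difference."""
    stock, suspect = parse_props(stock_text), parse_props(suspect_text)
    return {k: (stock.get(k), suspect.get(k))
            for k in sorted(set(stock) | set(suspect))
            if stock.get(k) != suspect.get(k)}

def added_init_lines(stock_rc, suspect_rc):
    """Return (line, touches_su) for init.rc lines absent from the stock file."""
    known = {line.strip() for line in stock_rc.splitlines()}
    added = []
    for line in suspect_rc.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and line not in known:
            # Mark lines whose arguments name a binary called "su".
            touches_su = any(tok.rsplit("/", 1)[-1] == "su" for tok in line.split())
            added.append((line, touches_su))
    return added

# Constructed sample files (not taken from a real device image).
STOCK_PROP = "# stock\nro.debuggable=0\npersist.service.adb.enable=0\n"
SUSPECT_PROP = "# stock\nro.debuggable=0\npersist.service.adb.enable=1\n"
STOCK_RC = "on boot\n    class_start default\n"
SUSPECT_RC = "on boot\n    chmod 4755 /system/bin/su\n    class_start default\n"

if __name__ == "__main__":
    for key, (old, new) in changed_props(STOCK_PROP, SUSPECT_PROP).items():
        print("default.prop: %s changed %s -> %s" % (key, old, new))
    for line, touches_su in added_init_lines(STOCK_RC, SUSPECT_RC):
        print("init.rc: added %r%s" % (line, " (su)" if touches_su else ""))
```

Comparing against a known-good copy avoids maintaining a list of suspicious settings: any property or init.rc line that differs from the stock image is surfaced for review.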

Slide 14: Mitigations
- Reduce the patch cycle length
  - Separate Google's core patches from manufacturers' patches
- Privileged applications
  - Change the permissions hierarchy
- Leveraging existing security technologies
  - Adapting SELinux
  - TaintDroid
- Authenticated downloads
  - Apple's App Store
- Authenticated ADB
- Trusted Platform Module

Slide 15: Conclusion


Thank you.