Review of “Towards Taming Privilege-Escalation Attacks on Android” Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, Bhargava.

Slides:



Advertisements
Similar presentations
ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
Advertisements

Vulnerability, Attack, Defense Split Tunneling Cross-Site Request Forgery And You Mary Henthorn OIT Senior Technology Analyst February 8, 2007.
How to Design Wireless Security Mechanisms Manel Guerrero Zapata Mobile Networks Laboratory Nokia Research Center.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks Qi Alfred Chen, Zhiyun Qian†, Z. Morley Mao University of.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Open-MS (Open-Management System) Ethan Hann
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.
Bandwidth DoS Attacks and Defenses Robert Morris Frans Kaashoek, Hari Balakrishnan, Students MIT LCS.
Android 4: Creating Contents Kirk Scott 1. Outline 4.1 Planning Contents 4.2 GIMP and Free Sound Recorder 4.3 Using FlashCardMaker to Create an XML File.
Unsafe Exposure Analysis of Mobile In-App Advertisements Offense: Rachel Stonehirsch.
Host Mobility for IP Networks CSCI 6704 Group Presentation presented by Ye Liang, ChongZhi Wang, XueHai Wang March 13, 2004.
Detecting and Preventing Privilege- Escalation on Android Jiaojiao Fu 1.
RUNNING PARALLEL APPLICATIONS BEYOND EP WORKLOADS IN DISTRIBUTED COMPUTING ENVIRONMENTS Zholudev Yury.
Flatiron Mobile Device Security Monitor Thomas Horacek Lucas Greve.
Presented by Xiaoyu Qin Virtualized Access Control & Firewall Virtualization.
TRACEREP: GATEWAY FOR SHARING AND COLLECTING TRACES IN HPC SYSTEMS Iván Pérez Enrique Vallejo José Luis Bosque University of Cantabria TraceRep IWSG'15.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
The Protection of Information in Computer Systems Part I. Basic Principles of Information Protection Jerome Saltzer & Michael Schroeder Presented by Bert.
EAACK—A Secure Intrusion-Detection System for MANETs
Vasileios P. Kemerlis, Georgios Portokalidis, Angelos D. Keromytis Network Security Lab, Department of Computer Science, Columbia University, USA 21 st.
SOS: Security Overlay Service Angelos D. Keromytis, Vishal Misra, Daniel Rubenstein- Columbia University ACM SIGCOMM 2002 CONFERENCE, PITTSBURGH PA, AUG.
Hiding in the Mobile Crowd: Location Privacy through Collaboration.
MOBILE SENSOR NETWORK DEPLOYMENT USING POTENTIAL FIELDS: A DISTRIBUTED, SCALABLE SOLUTION TO THE AREA COVERAGE PROBLEM Proceedings of the 6 th International.
WP4 deliverable Critical Infrastructure Protection: Attack Prevention Solutions and Attacks.
The Secrecy of Compressed Sensing Measurements Yaron Rachlin & Dror Baron TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.:
A CRAWLER BASED STUDY OF SPYWARE ON THE WEB Vijay Savanth The University of Auckland Computer Science Department A. Moshchuk, T.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.
.  Define risk and risk management  Describe the components of risk management  List and describe vulnerability scanning tools  Define penetration.
SOS: An Architecture For Mitigating DDoS Attacks Angelos D. Keromytis, Vishal Misra, Dan Rubenstein ACM SIGCOMM 2002 Presented By : Tracy Wagner CDA 6938.
Understanding Code Mobility A Fuggetta, G P Picco and G Vigna Presenter Samip Bararia.
Standards for Technology in Automotive Retail STAR Update Michelle Vidanes STAR XML Data Architect April 30 th, 2008.
Outline Introduction Existing solutions for ad hoc
11 CLUSTERING AND AVAILABILITY Chapter 11. Chapter 11: CLUSTERING AND AVAILABILITY2 OVERVIEW  Describe the clustering capabilities of Microsoft Windows.
10/1/20071 Automatic Evaluation of Intrusion Detection Systems F. Massicotte, F. Gagnon, Y. Labich, L. Briand, Computer Security Applications Conference,
1 A Network Security Monitor Paper By: Heberlein et. al. Presentation By: Eric Hawkins.
Research Breakout Session Networking Sensor Networks Mobile Devices.
Protecting Browsers from Extension Vulnerabilities Paper by: Adam Barth, Adrienne Porter Felt, Prateek Saxena at University of California, Berkeley and.
Wireless and Mobile Security
Anonymous Health Information Exchange (HIE) Transfer with Credibility Check against Fraud through Chaum Mixes and Crowds. By: Aaron Silcott.
Dynamic Vetting Android Applications for Privilege-escalation Risks Jiaojiao Fu 1.
CEG 2400 FALL 2012 Windows Servers Network Operating Systems.
Comparison of LMS Submitted by Seena. K Roll No: P2ELT14012.
LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►
Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK
Wireless Mesh Networking or Peer to Peer Technology Andre Lukito – Johnsonsu – Wednesday, 9.
 All lines are muted during presentation.  Lines are un-muted during Q&A ◦ If not asking question, please mute your line  *6 to mute your phone  *7.
Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.
Towards Secure and Dependable Software-Defined Networks Fernando M. V. Ramos LaSIGE/FCUL, University of Lisbon
DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi
Langley Research Center An Architectural Concept for Intrusion Tolerance in Air Traffic Networks Jeffrey Maddalon Paul Miner {jeffrey.m.maddalon,
INTRODUCING HYBRID APP KAU with MICT PARK IT COMPANIES Supported by KOICA
01/27/10 What is PlanetLab? A planet-wide testbed for the R & D of network applications and distributed computing Over 1068 nodes at 493 sites, primarily.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Session 1: Technology Development August 15 NSF Workshop.
“What the is That? Deception and Countermeasures in the Android User Interface” Presented by Luke Moors.
WHAT THE APP IS THAT? DECEPTION AND COUNTERMEASURES IN THE ANDROID USER INTERFACE.
Introduction to Android Programming. Features of Android.
Target Fragmentation in Android Apps
Which is right for your business, Office 365 or Microsoft 365?
Which is right for your business, Office 365 or Microsoft 365?
Security Essentials for Small Businesses
User-mode Secret Protection (SP) architecture
Federalist Paper #78 By Alexander Hamilton.
Federalist Paper #78 By Alexander Hamilton.
Information Protection
Information Protection
Presentation transcript:

Review of “Towards Taming Privilege-Escalation Attacks on Android” Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, Bhargava Shastry In Proceedings of the 19th Annual Network & Distributed System Security Symposium (February 2012)

Summary The authors of this paper has presented the design and implementation of a security framework that protects against both confused deputy attack and collusion attack Also included results for performance evaluation

Android architecture & Security framework architecture

Appreciation The first security framework that addresses both confused deputy attack and collusion attack System-centric solution that generally captures all application level privilege attacks: not dependent of applications, not just targeting attack subclasses Scalable performance over-head (adversary models: weak, basic, advanced and strong)

Criticism Heuristic evaluation: hard to simulate worst case scenario, sample size of 50 still sounds small given the amount of categories (27) Adversary model VS performance?? Separated test of “ICC based communication apps” and “File system and socket based communication” (I.E PDF plug-in for dolphin browser) (all tests were carried out where there’s only two nodes & single path, a mixed case would have more that two nodes and potentially multiple paths)

Sample scenario

Question Given that this security framework was built on a rather obsolete version of Android (2.2.1), do you think it will still satisfy the need on devices with newer Android versions ? (Android 4 had new features such as Android Beam, Screen Shots and On-device Encryption!)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.