Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.

Slides:



Advertisements
Similar presentations
Android Application Development A Tutorial Driven Course.
Advertisements

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.
Android OS : Core Concepts Dr. Jeyakesavan Veerasamy Sr. Lecturer University of Texas at Dallas
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.
Android architecture overview
Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Android 101 Application Fundamentals January 29, 2010.
Google Android as a mobile development platform T Internet Technologies for Mobile Computing Olli Mäkinen.
Security of Mobile Applications Vitaly Shmatikov CS 6431.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Case study 2 Android – Mobile OS.
Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Presentation By Deepak Katta
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
About me Yichuan Wang Android Basics Credit goes to Google and UMBC.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.
Enhancing User Privacy on Android Devices Bachelor of Computer Science (Honours) Name: Quang Do Supervisor: Raymond Choo Associate Supervisor: Ben Martini.
Android Introduction Based on slides made by
박 종 혁 컴퓨터 보안 및 운영체제 연구실 Workshop on Mobile Security Technologies (MoST)
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
CS5103 Software Engineering Lecture 08 Android Development II.
Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Authors: William Enck The Pennsylvania State University Peter Gilbert Duke University Byung-Gon Chun Intel Labs Landon P. Cox Duke University Jaeyeon Jung.
© Keren Kalif Intro to Android Development Written by Keren Kalif, Edited by Liron Blecher Contains slides from Google I/O presentation.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Software Architecture of Android Yaodong Bi, Ph.D. Department of Computing Sciences University of Scranton.
@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.
Mobile Application Development using Android Lecture 2.
Erika Chin Adrienne Porter Felt Kate Greenwood David Wagner University of California Berkeley MobiSys 2011.
DUE Hello World on the Android Platform.
CS378 - Mobile Computing Intents.
16 Services and Broadcast Receivers CSNB544 Mobile Application Development Thanks to Utexas Austin.
Android for Java Developers Denver Java Users Group Jan 11, Mike
Developing Secure Mobile Applications for Android CS 595 James Zachary Howland.
CS378 - Mobile Computing Intents. Allow us to use applications and components that are part of Android System – start activities – start services – deliver.
COMP 365 Android Development.  Every android application has a manifest file called AndroidManifest.xml  Found in the Project folder  Contains critical.
Android Security Auditing Slides and projects at samsclass.info.
Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Mobile Application Security on Android Originally presented by Jesse Burns at Black Hat
Wireless and Mobile Security
By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.
Java & The Android Stack: A Security Analysis Pragati Ogal Rai Mobile Technology Evangelist PayPal, eBay Java.
Android and IOS Permissions Why are they here and what do they want from me?
ANDROID ACCESS CONTROL Presented by: Justin Williams Masters of Computer Science Candidate.
Google. Android What is Android ? -Android is Linux Based OS -Designed for use on cell phones, e-readers, tablet PCs. -Android provides easy access to.
Module 51 (Mobile Device Fundamentals - Android)
Android Application -Architecture.
More Security and Programming Language Work on SmartPhones
Android 01: Fundamentals
Understanding Android Security
Android Access Control
Reactive Android Development
Android System Security
Android Runtime – Dalvik VM
Android.
Development-Introduction
Application Development A Tutorial Driven Course
Android Topics UI Thread and Limited processing resources
Understanding Android Security
Emerging Platform#3 Android & Programming an App
Chapter 10. Mobile Device Security
Android Access Control
Presentation transcript:

Android System Security Xinming Ou

Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base operating system (Linux), an application middleware, and a Java SDK. – Available since 2007; first Android phone debut in Currently the most popular smart-phone platform

Android System Overview Hardware Linux OS Application Middleware App ……

Security Considerations A smart phone is “mostly” a single-user system – The security goal is primarily to protect the user and his/her data – The security goal also includes that critical functions of the phone shall not be hampered The apps a phone runs are from manufacturers and app stores – The origin of the apps could be untrustworthy – apps could be vulnerable or outright malicious

Basics Protections Each application runs as a user process in the Linux OS with a unique user ID – At install time, Android gives each package a distinct Linux user ID – Two apps can run under the same user ID if they are signed by the same key – This creates a sandbox for each app, so that Linux isolates applications from each other and from the system.

However Apps need to communicate with each other and the system – A restaurant recommender app may need to launch a map app to show a restaurant’s location on map – An app may need to launch a PDF viewer to open an attachment – A messenger app may need to receive text messages sent to the phone

Android Inter-Component Communication (ICC) Each Android app contains one or more components of the following types: – Activity: A GUI screen – Service: background processing – Broadcast Receiver: receives messages from other component – Content Provider: store and share data Each component runs as a separate thread in the OS

An Example Source: Understanding Android Security, Enck, et al., IEEE Security & Privacy, 09

ICC Paths in the Example Source: Understanding Android Security, Enck, et al., IEEE Security & Privacy, 09

Security Protection for ICC An ICC interface is protected in two ways: – A private component cannot be accessed outside of the app – A component can be protected by permissions A permission is a label defined by the system or app developer to protect an Android component

Android Permission Protection Source: Understanding Android Security, Enck, et al., IEEE Security & Privacy, 09

Policy Specification Each Android app package contains a “manifest file” that defines all the components in the app, and the permissions needed to access each component The manifest file also contains a list of permissions the app requests from the system and/or user

Difficulty in Understanding Policy Policy can be changed dynamically at runtime, in the app’s code – A message can be sent requiring a specific permission at runtime – A runtime permission check can be performed to access a component’s public method

Difficulty in Understanding App’s Behaviors An app, when given a set of permissions, may misuse them to harm other apps and the user. It is not trivial to understand how an app will use the given permissions

How Android app works Component A Component B Component C App B App A Cellular network, Internet, GPS, etc. Android System User Input Event Send intent or Call some callback method Find the handler System event Event

How Android app works Component A Component B Component C App B App A Cellular network, Internet, GPS, etc. Intent i Android System Find the target Intent i

A Motivating Example: Sensitive-SMS App onCreate(Bundle …){ … String s1 = getSensitiveData(); Intent i1 = new Intent(); i1.setClass(…, Leaker.class); i1.putExtra(“key”, s1); startActivity(i1); } onCreate(Bundle …){ … String s1 = getSensitiveData(); Intent i1 = new Intent(); i1.setClass(…, Leaker.class); i1.putExtra(“key”, s1); startActivity(i1); } onCreate(Bundle …){ … Intent i2 = getIntent(); String s2 = i2.getStringExtra(“key”); SmsManager sms = SmsManager.getDefault(); sms.sendTextMessage(…, s2, …); } onCreate(Bundle …){ … Intent i2 = getIntent(); String s2 = i2.getStringExtra(“key”); SmsManager sms = SmsManager.getDefault(); sms.sendTextMessage(…, s2, …); } DataGrabber Activity Leaker Activity Environment of DataGrabber Intent p1 Environment of Leaker Intent p2 App Android System Model

Problem 1: Data Leakage Collect sensitive data d Send Intent with d Data leak source sink ICC App X Comp X.1 Comp X.2 Comp X.3 Another App ICC

Problem 2: Data Injection Receive Intent Send Intent Receive Intent Send Intent Network I/O source sink App Y Comp Y.1 Comp Y.2 Injecting ill-crafted intent