Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 51 (Mobile Device Fundamentals - Android)

Published byAlban Clark Modified over 7 years ago

Similar presentations

Presentation on theme: "Module 51 (Mobile Device Fundamentals - Android)"— Presentation transcript:

1 Module 51 (Mobile Device Fundamentals - Android)
In this Module, we'll briefly discuss the general landscape of mobile devices. You will then learn about the underlying structure and security properties of Android devices. You'll also know how most trojan apps are developed. You'll be able to identify several of the common categories of security vulnerabilities to which current Android mobile devices are subject. Module 51

2 Mobile Devices Targets of interest: Smartphones Tablet Computers
Most popular platforms Android OS (Google) IOS (Apple) Module 51

3 Android Devices Android started in 2003 and acquired in 2005 by Google. What is it? Software stack including Operating system (linux) Framework Middleware Applications Module 51

4 Android Software Structure
Linux OS at lowest layer Libraries to provide access to Device functionality (camera, graphics, sound, GPS, phone network, wifi network) System underpinnings (SQLite database with no encryption that records all system and application settings and information) Dalvik Virtual Machine Application Framework Applications Module 51

5 Android Security Measures
Application sandbox uses Linux user protection scheme to isolate app resources. Unique uid assigned to each process so processes cannot interact. Full system encryption using AES 128 is available, but the system partition is read-only and will not be encrypted. Address Space Layout Randomization (ASLR) and no-execute permission on memory areas used to avoid stack and heap attacks. Permission model controls access to camera, location, data, telephony, SMS.MMS. Apps request such permission on installation. But it is given as all-or-none. All applications must be signed with a cert signed by the app developer. (But certificate may be self- signed. No need to be signed by a Certificate Authority.) Module 51

6 Android Development Tools
System Development Kit (SDK) for Linux, Mac, Windows. Includes Emulator for ARM (from ARM holdings) mobile devices Can't send phone calls or real SMS except to another instance of the emulator No bluetooth or camer/video No Google apps (gmail, maps) or telephone carrier apps. Android Debug Bridge Dalvik Debug Monitor Server Module 51

7 Rooting a mobile device
Rooting (Android nomenclature) or jail-breaking (iOS nomenclature) refers to an escalation privilege attack in which you increase your privilege so you can gain access to all phone resources. (Normal phone access is less privileged.) Rooting is arranged by Exploiting a vulnerability in the underlying software of the device, or Replacing your entire ROM with one supporting superuser access. Module 51

8 Benefits and Drawbacks of Rooting
May brick your device Voids manufacturer warranty May open yourself up to new malware attacks Benefits: Full control of the device Access to the latest software versions (fewer vulns) Can run SuperUser.apk which controls access to root privileges for other processes Module 51

9 Android App Structure Android applications (apk files) are justPK files (Phil Katz – developer of zip). Contents: Manifest Encoded XML file defining software componentes, services, activities, permisions, etc. Classes.dex Dalvik executable code that implements the application. Broadcast receivers (event handlers) Services (that run in background with no GUI elements Module 51

10 Trojan Development Common Vector of Infection is the Downloading of a Trojan App. Behaves as normally expected, but provides a special malware component. Development plan: Start with legitimate application Disassemble dex code Decode manifest Include malicious code Assemble dex code Encode the (possibly modified) manifest Sign the final apk Module 51

11 Android Master Key Vulnerability
On installation, android checks the integrity of the application by using a checksum calculated on the apk dex components. These components are unpacked from the PK file one at a time. If any redundant components are encountered they are ignored. But when the apk execution occurs, the dex components are unpacked in such a way that the most recently redundant component is used. Upshot: you can replace a valid component with a malicious one and use the original certificate and signature. Patch released by Google in July 2013. Module 51

12 How Do These Apps Get on Your Device?
.One estimate is that 30% of smartphone users have no password. Consider this app: Have you ever downloaded an app from anywhere except the Android Marketplace? Malware has been hosted on the Marketplace as well. Module 51

13 SMS Abuse Malware More common in eastern Europe.
mbers More common in eastern Europe. SMS charges are immediately applied rather than being billed monthly. Module 51

14 Phishing Attacks Apps imitating legitimate banking apps are linked via sent to unsuspecting recipients. Clients using these applications provide their banking credentials. Module 51

15 Poorly Written Applications
Many apps are written without encryption. If users connect via wifi, data can be compromised. Many applications use hard-coded passwords. Discover the password on your device and you can use it on another one. Module 51

16 Protections Upgrade, upgrade, upgrade Use a password on your device
Encrypt your user data Don't download software from anywhere except the Google Marketplace (Don't) Root Your Device Make software developers write better code!?!? Module 51

Download ppt "Module 51 (Mobile Device Fundamentals - Android)"

Similar presentations

Android Application Development A Tutorial Driven Course.

Android Application Development A Tutorial Driven Course.
Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.

Aurasium: Practical Policy Enforcement for Android Applications By Yaoqi USENIX Security Symposium 2012.
DEPARTMENT OF COMPUTER ENGINEERING

DEPARTMENT OF COMPUTER ENGINEERING
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Mobile Application Development

Mobile Application Development
2. Setting Up Your Android Development Environment.

2. Setting Up Your Android Development Environment.
Asst.Prof.Dr.Ahmet Ünveren 2014-2015 SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren 2014-2015 SPRING Computer Engineering Department.

Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.

IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.
Hacking Exposed 7 Network Security Secrets & Solutions

Hacking Exposed 7 Network Security Secrets & Solutions
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Presentation By Deepak Katta

Presentation By Deepak Katta
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Android Introduction Platform Overview.

Android Introduction Platform Overview.
Mobile Application Development with ANDROID. Agenda Mobile Application Development (MAD) Intro to Android platform Platform architecture Application building.

Mobile Application Development with ANDROID. Agenda Mobile Application Development (MAD) Intro to Android platform Platform architecture Application building.
About me Yichuan Wang Android Basics Credit goes to Google and UMBC.

About me Yichuan Wang Android Basics Credit goes to Google and UMBC.
Introduction to Android Swapnil Pathak www.SecurityXploded.com Advanced Malware Analysis Training Series.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영 2015. 04. 21.

All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Presented by: Kushal Mehta University of Central Florida Michael Spreitzenbarth, Felix Freiling Friedrich-Alexander- University Erlangen, Germany michael.spreitzenbart,

Presented by: Kushal Mehta University of Central Florida Michael Spreitzenbarth, Felix Freiling Friedrich-Alexander- University Erlangen, Germany michael.spreitzenbart,
@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.

@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.

Similar presentations

Ads by Google