Motivation. Part of Deutsche Telekom project:

Presentation on theme: "Motivation. Part of Deutsche Telekom project:"— Presentation transcript:

0 Remote backup and recovery service for Android device owners
Company: Deutsche Telekom
Academic advisor: Yuval Elovici
Technical advisor: Assaf Shabtai
Project team: Limor Segev, Eran Frieman, Carmel Karni

1 Motivation. Part of Deutsche Telekom project:
- Backup and restore users’ Android terminals
- Remote monitoring and offline analysis of Android application

2 Problem Domain
An Android OS could be attacked by hackers:
- Open platform
- Users will access the Internet intensively
- Everyone can develop applications for Android

3 Problem Domain Cont.
Successful attack on Androids may:
- Expose private information
- Prevent T-Mobile customers from using T-Mobile services
- Flood T-Mobile’s customer service infrastructure and personnel.
No easy way exists to “fix” mobile devices and especially Android.

4 Scope and Purpose
Backup and restore users’ Android terminals:
- Develop a platform that will back up Android terminals and restore the “last good snapshot” on demand.
- Backup of customers’ installed applications.
- Backup of applications must always be on a remote server.

5 Current Situation
Backup is possible for:
- Documents
- Media files
Not for:
- Application files

6 The Solution
- Back up application files on a remote server
- Manage DB at server + allow security operations
- Enable restoration of the phone's last stable status

7 System Architecture
[Diagram: Customer’s Android device, Internet, Server, Storage]
1. Downloading and installing a new application
2. System’s agent sends the new application files (apk) to the external server
3. Sending the new application files (apk) to the storage server with additional information to enable restoring users’ systems
4. Backed-up application
5. Threat detection system checks files and alerts the server about threats

8 System Architecture
[Diagram: Customer’s Android device, Internet, Server, Storage]
Threat detection system checks apks with status “UNCHECKED”
2. Sending analysis result: “malicious application”
3. Sending an alert to the user

9 System Architecture
[Diagram: Internet, Storage Server, NetShield Analysis Server]

10 System Architecture Cont.
The system includes 4 major components:
- Agent
- Server (which runs a threat detection system)
- Data Base
- Remote Desktop Client for reports

11 Main Functional Requirements
Agent:
- Registration
- Login
- Monitor
- Send Application Files
- Change Device Backup Status
- Displaying Device Backup Status
- Server Updates / Warnings
- Display List of Applications
- Receive Application Files
- Display List of Received Files
- Restore application
- Handle Disconnections

12 Main Functional Requirements
Server + Agent Management:
- Add/Remove/Update Agent
- Handling Registration Requests
- Handling Login Requests
- Receive and Store Files
- Send Updates / warnings / confirmations
- Verify Data Integrity
- Receive and Store Data
- Send Information and Files
- Enable scanning of files

13 Main Functional Requirements
Management:
- Manager Login
- Produce Reports
Deployment and Installation:
- Agent Software Installation

14 Main Functional Requirements
System View:
- Main Menu View
- Configuration view
- Login view
- Registration view
- Recovery view
- Applications List View

15 Non-Functional Requirements
Speed, Capacity & Throughput:
- Ninety-five percent of all backup transactions will be completed within 10 seconds.
- The agent will use up to 20% of the CPU.
Reliability:
- Support data recovery, including transmission-error detection and correction.
Portability:
- The client side is dedicated to the Android OS.

16 Non-Functional Requirements
Usability:
- Extremely user-friendly.
- Does not require constant maintenance by the user.
- Possibility to configure most of the system operations to be done automatically.
Safety & Security:
- The information sent between the server and the agents will be encrypted.
Availability:
- The server will be active at all times, waiting for agents' requests or notifications from the Threats Detection System.

17 High level use cases view of the system

18 Use case: Install and Register
Use Case ID: 1
Primary Actor: Owner (User)
Brief Description: The user registers to the server (including a login)
Trigger: The user installs the system application
Preconditions: The server is active
Flow of Events:
1. The user downloads the application
2. Auto installs itself on the device
3. Asks the user for registry data: name, password
4. Enters the relevant details and confirms
5. Agent sends the data to the server
6. The server writes the data to the database
7. The server sends confirmation to the user and logs him in.
Post-conditions: The new user is registered to the system, i.e., his details were written to the DB.
Alternative flows and exceptions:
6.a The user is already registered and wants to recover his device. The system performs login. The server sends the appropriate files.
6.b The user name that was entered already exists in the database. The server notifies the user and asks for a new user name.

19 Use case: Install and Register

20 Use case: Login
Use Case ID: 2
Primary Actor: Owner
Brief Description: The owner logs in to the server
Trigger: The owner asks to log in
Preconditions: The application is installed on the device
Flow of Events:
1. User hits the login button
2. The agent asks the user for a username and password
3. Enters the relevant details and confirms
4. Agent sends the data to the server
5. The server confirms username and password using the DB
6. Server sends confirmation to the agent
7. Agent informs the user that he is logged in
Post-conditions: The user is logged in
Alternative flows and exceptions:
1.a An automatic login occurs. All the relevant data is saved by the agent; the user takes no part in the process.

21 Use case: Login

22 Use case: Intercept Install Event
Use Case ID: 3
Primary Actors: Owner
Brief Description: The agent detects that a new app has been installed and asks the user if he wants to back it up. If so, it sends the appropriate files to the server.
Trigger: The user installed a new application.
Preconditions: The agent is enabled.
Flow of Events:
1. Install an application.
2. Agent identifies the installation
3. Agent asks the owner whether to back up the application
4. Confirms the backup.
5. Agent collects relevant data and files
6. Agent sends apk signature to the server along with implicit login
Post-conditions: The application has been installed and was backed up on the server.
Alternative flows and exceptions:
4.a The user decides not to back up the app; the app is not backed up.

23 Use case: Intercept Install Event

24 Use case: Backup Application
Use Case ID: 4
Primary Actors: Server
Brief Description: The server receives an application signature from the agent and checks whether the files already exist in its database. If not, the server gets the apk data and saves it. The server then adds the appropriate records to its database.
Trigger: Agent sends apk signature to the server (including implicit login)
Preconditions: The agent is enabled, the server is active
Flow of Events:
1. Server searches for the apk signature in the database
2. Server doesn't find the app in the database.
3. Agent sends apk file and data to the server
4. Server stores application data in the DB, and updates the application data to be "UNCHECKED"
5. Server sends confirmation to the agent
6. Agent informs the user of a successful backup.
Post-conditions: The application has been backed up on the server.
Alternative flows and exceptions:
3.a The app exists in the database. The server just updates the user backup information without receiving files from the agent.

25 Use case: Backup Application

26 Use case: Hand-set Recovery
Use Case ID: 5
Primary Actors: User
Brief Description: The user decides to recover a specific app. The agent receives the appropriate files from the server and then performs a recovery.
Trigger: The user asked to perform a recovery.
Preconditions: The applications designated for recovery have a backup on the server.
Flow of Events:
1. Asks to do a recovery.
2. The agent performs login, and asks for applications list
3. Device is reverted to the factory settings.
4. A list of applications that have backups is presented to the user.
5. Chooses specific apps to be recovered
6. Agent asks for specific apps from the server.
7. Server sends relevant applications and data
8. Agent sends confirmation to the server
9. Agent performs recovery of the desired apps.
10. Agent informs the user of a successful recovery.
Post-conditions: The applications have been recovered.
Alternative flows and exceptions:
5.a The agent receives a corrupted file from the server (e.g. due to connection problems). The agent requests that the server resend the information.

27 Use case: Hand-set Recovery

28 Use case: Handle Android malware detection
Use Case ID: 6
Primary Actor: Threats detection application, owner
Brief Description: The Threats detection system detects an infection in a specific application stored on it.
Trigger: The threats detection system runs threats detection software, which detected an infection in an application and notified the agent about it.
Preconditions: The Threats detection system is active, server is active and the database contains applications.
Flow of Events:
1. Sends a notification about an infected application
2. Server finds the infected application id inside the database (according to its status – "INFECTED")
3. Locates all device owners' ids which installed this application
4. The server adds the application details to the malicious applications table
5. Sends notification to all of the relevant device owners, instructing them to recover their device to previous state.
6. The server asks the device owners if they want the malicious application to be on their recovery list for future recoveries
Post-conditions:
- All of the relevant device owners received a notification about the threat that was detected
- The device owners choose whether or not to keep the malicious application in their recovery lists.
- The infected application was documented and handled by the server
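
The server side of use cases 4, 5 and 6 (signature lookup before upload, the "UNCHECKED"/"INFECTED" status, owner notification, integrity check on recovery), modelled in memory as an added example that is not code from the project. It assumes the "apk signature" is a SHA-256 digest of the apk file; the class and method names and the "CLEAN" status are hypothetical.

```python
import hashlib


class BackupServer:
    """In-memory model of the server in use cases 4-6 (names are hypothetical)."""

    def __init__(self):
        self.apps = {}     # digest -> {"apk": bytes, "status": str}
        self.backups = {}  # digest -> ids of owners who backed this app up

    def offer(self, owner, digest):
        """UC4 steps 1-2: look up the signature; True means 'send the apk'."""
        if digest in self.apps:  # alternative flow 3.a: only link the owner
            self.backups[digest].add(owner)
            return False
        return True

    def upload(self, owner, digest, apk):
        """UC4 steps 3-5: store the apk as UNCHECKED after an integrity check."""
        # Assumption: the signature is the SHA-256 of the file. Without this
        # check one agent could store arbitrary bytes under another app's entry.
        if hashlib.sha256(apk).hexdigest() != digest:
            raise ValueError("apk does not match the claimed signature")
        self.apps.setdefault(digest, {"apk": apk, "status": "UNCHECKED"})
        self.backups.setdefault(digest, set()).add(owner)

    def unchecked(self):
        """Queue of apks the threat detection system still has to scan."""
        return [d for d, a in self.apps.items() if a["status"] == "UNCHECKED"]

    def report(self, digest, malicious):
        """UC6: record the verdict and return the owners to notify."""
        # "CLEAN" is an assumed status; the slides name UNCHECKED and INFECTED.
        self.apps[digest]["status"] = "INFECTED" if malicious else "CLEAN"
        return sorted(self.backups[digest]) if malicious else []

    def restore(self, owner, digest):
        """UC5 step 7: hand the apk only to an owner who backed it up."""
        if owner not in self.backups.get(digest, ()):
            raise PermissionError("no backup of this app for this owner")
        return self.apps[digest]["apk"]


def intact(apk, digest):
    """UC5 flow 5.a, agent side: False means ask the server to resend."""
    return hashlib.sha256(apk).hexdigest() == digest
```

Because the stored file is shared by every owner who offers the same signature, the digest check in `upload` is what keeps one agent's upload from becoming another owner's recovery image.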

29 Use case: Handle Android malware detection

30 Use case: Manager Login
Use Case ID: 7
Primary Actor: System Manager
Brief Description: The manager logs in to the server in order to get the information stored
Trigger: The manager asks to log in
Preconditions: The server is active, the GUI application is on.
Flow of Events:
1. Manager hits the login button
2. The server asks the manager for a username and password
3. Enters the relevant details and confirms
4. The server confirms username and password using the DB
5. Server sends confirmation to the GUI
Post-conditions: The manager is logged in
Alternative flows and exceptions:
4.a The server finds that the login data hasn’t matched the data stored inside the database. The server notifies the user and goes back to step 2.

31 Use case: Manager Login

32 Use case: Produce Reports
Use Case ID: 8
Primary Actor: System Manager
Brief Description: The system manager asks the server to produce reports based on the data stored in the database. The reports could include: owners data, application data, roll-back data.
Trigger: The system manager asks for a report
Preconditions: The system manager started the server GUI application.
Flow of Events:
1. Sends a request to produce report with query data
2. Server uses the query data and gets the desired information
3. Server displays the requested report
Post-conditions: The desired report is presented

33 Use case: Produce Reports

34 System Constraints
Platform constraints:
- Eclipse IDE
SE project constraints:
- If a device is unavailable, we will have to work on an emulator.
- If there is no threat detection program, we will build a simulation of one.

35 Risks
The system that we are developing requires root permissions on the Android OS, which are not granted naturally.
The solution: There are known methods that will allow us to get root privileges.

36 The End

