Presentation is loading. Please wait.

Presentation is loading. Please wait.

2011/12/20 1 Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin Syracuse University ACSAC 2011.

Published byStanley Jackson Modified over 8 years ago

Similar presentations

Presentation on theme: "2011/12/20 1 Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin Syracuse University ACSAC 2011."— Presentation transcript:

1 2011/12/20 YLJ@adlab 1 Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin Syracuse University ACSAC 2011

2 Agenda  Introduction  WebView  Threat Models  Attacks from Web Pages  Attack from Malicious Apps  Case Studies  Conclusion 2011/12/20 YLJ@adlab 2

3 Introduction  WebView - enabling smartphone and tablet (both in Android & iOS) apps to embed a simple but powerful browser inside them WebView  Two Web's security infrastructure are weakened  Trusted Computing Base (TCB) at the client side Trusted Computing Base (TCB)  Sandbox protection implemented by browsers 2011/12/20 YLJ@adlab 3

4 Introduction  Two objectives of Sandbox:  Same-Origin Policy(SOP) Same-Origin Policy(SOP)  Isolate web pages from the system and isolate the web pages of one origin from those of another 2011/12/20 YLJ@adlab 4

5 WebView(1/4)  WebView is a subclass of View, and it is used to display web pages  It enables apps to interact with the web content through its APIs  From apps to web pages  From web pages to apps  three types of interactions  Event monitoring  Invoke Java from JavaScript  Invoke JavaScript from Java 2011/12/20 YLJ@adlab 5

6 WebView(2/4)  Event monitoring 2011/12/20 YLJ@adlab 6

7 WebView(3/4)  Invoke Java from JavaScript 2011/12/20 YLJ@adlab 7

8 WebView(4/4)  Invoke JavaScript from Java 2011/12/20 YLJ@adlab 8

9 Threat Models  Attacks from Malicious Web Pages 2011/12/20 YLJ@adlab 9

10 Threat Models  Attacks from Malicious Apps 2011/12/20 YLJ@adlab 10

11 Attacks from Web Pages(1/3)  Through holes on the sandbox  all pages loaded in the WebView can call the same interface  DroidGap DroidGap  Still need permission 2011/12/20 YLJ@adlab 11

12 Attacks from Web Pages(2/3)  Through Frame Confusion 2011/12/20 YLJ@adlab 12 Public class CameraLauncher{ public void failPicture(String paramString){

13 Attacks from Web Pages(3/3)  Through Frame Confusion 2011/12/20 YLJ@adlab 13

14 Attack from Malicious Apps(1/3)  JavaScript Injection  Event Sniffing and Hijacking 2011/12/20 YLJ@adlab 14

15 Attack from Malicious Apps(2/3)  JavaScript Injection  Android app can inject arbitrary JavaScript code into the pages loaded by the WebView component.  Extracting Information From WebView 2011/12/20 YLJ@adlab 15

16 Attack from Malicious Apps(3/3)  Event Sniffing and Hijacking  WebView exposes an umber of hooks to Android apps, allowing them to intercept events, and potentially change the consequences of events.  redirct URL 2011/12/20 YLJ@adlab 16

17 Case Studies  The goal is not to look for malicious or vulnerable apps, but instead to study how Android apps use WebView.  Usage of WebViewUsage of WebView  Usage of the WebView Hooks Usage of the WebView Hooks  Usage of addJavascriptInterface Usage of addJavascriptInterface  Dex2jarDex2jar 2011/12/20 YLJ@adlab 17

18 Conclusion  In our on-going work, we are developing solutions to secure WebView  The goal is to defend against the attacks on WebView by building desirable security features in WebView. 2011/12/20 YLJ@adlab 18

19 2011/12/20 YLJ@adlab 19

20 2011/12/20 YLJ@adlab 20

21 2011/12/20 YLJ@adlab 21

Download ppt "2011/12/20 1 Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin Syracuse University ACSAC 2011."

Similar presentations

Code Injection Attacks on HTML5-based Mobile Apps

Code Injection Attacks on HTML5-based Mobile Apps
Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.
Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.

Xiao Zhang and Wenliang Du Dept. of Electrical Engineering & Computer Science Syracuse University.
Syracuse University, New York, USA

Syracuse University, New York, USA
Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation Xing Jin, Xunchao Hu, Kailiang Ying, Wenliang Du, Heng Yin,

Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation Xing Jin, Xunchao Hu, Kailiang Ying, Wenliang Du, Heng Yin,
Web Trust Boundaries and Security Vulnerabilities Haris Volos and Hidayat Teonadi CS739 – Distributed Systems.

Web Trust Boundaries and Security Vulnerabilities Haris Volos and Hidayat Teonadi CS739 – Distributed Systems.
Chrome Extentions Vulnerabilities. Introduction Google Chrome Browser Chrome OS Platform Chrome Web Store Applications Open Source Platform.

Chrome Extentions Vulnerabilities. Introduction Google Chrome Browser Chrome OS Platform Chrome Web Store Applications Open Source Platform.
Smartphone Apps Development Team Weiqing Li Lijun Zhu Man Li.

Smartphone Apps Development Team Weiqing Li Lijun Zhu Man Li.
An Evaluation of the Google Chrome Extension Security Architecture

An Evaluation of the Google Chrome Extension Security Architecture
Team Members: Brad Stancel,

Team Members: Brad Stancel,
Delivering the multiagent technology to end-users through the web D. Mitrović 1, M. Ivanović 1, C. Bădică 2 1 University of Novi Sad, Serbia 2 University.

Delivering the multiagent technology to end-users through the web D. Mitrović 1, M. Ivanović 1, C. Bădică 2 1 University of Novi Sad, Serbia 2 University.
A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doupe, John Mitchell, Chris Kruegel, Giovanni Vigna.

A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doupe, John Mitchell, Chris Kruegel, Giovanni Vigna.
MSc. Publishing on WWW JavaScript. What is JavaScript? A scripting language devised by Netscape Adds functionality to web pages by: Embedding code into.

MSc. Publishing on WWW JavaScript. What is JavaScript? A scripting language devised by Netscape Adds functionality to web pages by: Embedding code into.
ACTIVE X By Ethan Huang. OUTLINE What is ActiveX? Component of ActiveX Why ActiveX? ActiveX and Java Security Issue.

ACTIVE X By Ethan Huang. OUTLINE What is ActiveX? Component of ActiveX Why ActiveX? ActiveX and Java Security Issue.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.

It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
Security of Mobile Applications Vitaly Shmatikov CS 6431.

Security of Mobile Applications Vitaly Shmatikov CS 6431.
Aaron Blankstein and Michael J. Freedman Princeton University Tuan Tran.

Aaron Blankstein and Michael J. Freedman Princeton University Tuan Tran.
Development of mobile applications using PhoneGap and HTML 5

Development of mobile applications using PhoneGap and HTML 5
1 Subspace: Secure Cross Domain Communication for Web Mashups Collin Jackson and Helen J. Wang Mamadou H. Diallo.

1 Subspace: Secure Cross Domain Communication for Web Mashups Collin Jackson and Helen J. Wang Mamadou H. Diallo.

Similar presentations

Ads by Google