
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.


1 Android Security Extensions

2 Android Security Model
- Main objective is simplicity
- Users should not be bothered
- Does the user care?
  - Most do not care…until it's too late
- But we do
- It needs a more advanced security mechanism

3 Who is in charge of Security?
- It depends on the device use
  - Personal use: then the user is in charge
  - Work use: the security admin of the company
  - BYOD: both
    - The user for the private/personal part
    - The security admin for the work part
- Google: they are in charge
  - They control the platform
- The App developers
  - Not as much as you think

4 Able to change your mind?
- The authority that is in charge should be allowed to change security policies/settings
- This should be done
  - By using the device
  - Remotely
- No side effects on the apps installed
- With the current model it is not possible
  - Most apps crash when operations are denied

5 Defining Malware
- Any software that can disrupt normal activities
- Any software that does not behave as declared
- Any software that compromises some properties
  - Privacy
  - Confidentiality
  - Reliability
  - …

6 Poorly Designed Apps
- If not designed properly, apps can (unintentionally):
  - Deplete your resources (battery, data, etc.)
  - Expose resources (internet, location, etc.)

7 Over-Privileged Apps
- Apps (developers) can ask for any combination of permissions
- Users can either install the apps (granting permissions) or not install at all
- Combinations of permissions such as Internet and Locations, SMS, Local Storage can result in information leakage

8 Privilege Escalation Attacks
- “An adversary tries to escalate privileges to get unauthorised access to protected resources”
- Confused deputy attack
  - Leverage the vulnerability of a benign application
- Colluding attacks
  - More applications collaborate to get an objectionable set of permissions
- Android does not deal with transitive privilege usage
  - Allows applications to bypass restrictions imposed by their sandboxes
  - An application with less permissions (a non-privileged caller) is not restricted to access components of a more privileged application (a privileged callee) by default.

9 Privilege Escalation Attacks
- Data from component CA1 can reach component CC1 indirectly, via the CB1 component
- CB1 is able to access CC1 component since the application B and consequently all its components are granted p1 permission

10 Privilege Escalation Attacks
- Application B must enforce additional checks on permissions to ensure that the application calling CB1 component is granted a permission p1
- Reference monitor hooks included in the code of the component
- The task to perform these checks is delegated to application developers instead of being enforced by the system in a centralized way
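
The CA1 → CB1 → CC1 path from slides 9 and 10, together with the chain-wide check that slide 14 attributes to QUIRE, as an added example that is not part of the original presentation. It is a toy Python model, not Android code or QUIRE's implementation; `Component`, `build`, `trace` and the `GRANTED` table are names constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Component:
    name: str
    app: str               # owning application
    guard: str = ""        # permission the system requires of the direct caller
    forwards_to: str = ""  # component this one passes incoming data on to
    hook: str = ""         # slide 10: permission the component itself demands of its caller

# Constructed scenario from slide 9: only application B is granted p1.
GRANTED = {"A": set(), "B": {"p1"}, "C": set()}

def build(hook_in_cb1=False):
    """Components of slide 9; optionally give CB1 the developer-added hook of slide 10."""
    return {
        "CA1": Component("CA1", "A", forwards_to="CB1"),
        "CB1": Component("CB1", "B", forwards_to="CC1", hook="p1" if hook_in_cb1 else ""),
        "CC1": Component("CC1", "C", guard="p1"),
    }

def trace(components, start, chain_check=False):
    """Follow data from `start`; return (components reached, denial reason or "")."""
    current = components[start]
    reached, chain = [start], [current.app]
    while current.forwards_to:
        callee, caller_app = components[current.forwards_to], current.app
        # Stock check: only the direct caller is compared with the callee's guard.
        if callee.guard and callee.guard not in GRANTED[caller_app]:
            return reached, f"system: {caller_app} lacks {callee.guard}"
        # Reference monitor hook written by the callee's developer (slide 10).
        if callee.hook and callee.hook not in GRANTED[caller_app]:
            return reached, f"{callee.name} hook: {caller_app} lacks {callee.hook}"
        # Chain-wide check (slide 14): every app on the IPC chain must hold the permission.
        if chain_check and callee.guard:
            missing = [a for a in chain if callee.guard not in GRANTED[a]]
            if missing:
                return reached, f"chain: {missing[0]} lacks {callee.guard}"
        reached.append(callee.name)
        chain.append(callee.app)
        current = callee
    return reached, ""

if __name__ == "__main__":
    print("default    :", trace(build(), "CA1"))
    print("CB1 hook   :", trace(build(hook_in_cb1=True), "CA1"))
    print("chain check:", trace(build(), "CA1", chain_check=True))
```

With the direct-caller check alone the data reaches CC1; the hook stops it at CB1's boundary, and the chain check stops it at CC1 without relying on B's developer.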

11 Android Security Extensions

12 Fine-grained Security Policy
- Saint (ACSAC '09)
  - Allows app developers to protect their applications from being misused
- APEX (ASIACCS '10)
  - Circumvent the All-or-Nothing approach of Android permission granting
- Porscha (ACSAC '10)
  - Support for DRM-like policies for phone data
- CRePE (ISC '10)
  - Enforcement of context-related policies

13 Data Filtering and Tainting
- MockDroid (HotMobile '11)
  - Limiting the access to the data
- TISSA (Trust '11)
  - Substituting the reply from content providers
- TaintDroid (OSDI '10)
  - Labelling of data for preventing data leakage

14 Protection against Privilege Escalation
- QUIRE (USENIX Security Symposium '11)
  - Effective against confused deputy attacks
  - Tracing of IPC chain to check if all apps have the right to access a resource
- However
  - It requires that apps have to use modified API
  - It does not solve the problem of colluding apps

15 Protection against Privilege Escalation
- AppFence (TR 11 Uni Washington and MS Research)
  - Based on TaintDroid for taint capability
  - It supports data shadowing and protects from data exfiltration
- However
  - Effective only against confused deputy attack

16 Protection against Privilege Escalation
- XManDroid (TR 11)
  - Real-time IPC monitoring
  - System state of the app communications for potential spread of privileges
- However
  - No control outside the IPC channels (i.e. Internet access)

17 What is missing?
- No modifications to Android API
- No trust on apps
- Control over IPC and system-level calls (internet)
- Data filtering capabilities
- Tuneable

18 That is why they came up with …Yet Another Android Security Extension

19 Readings
- Davi, Lucas, et al. "Privilege escalation attacks on android." Information Security. Springer Berlin Heidelberg, 2011. 346-360.

20 Questions?

