Presentation is loading. Please wait.

Presentation is loading. Please wait.

Arpit Jain Mtech2. Outline Introduction Attacks Solution Experimental Evaluation References.

Published byGwendoline Carter Modified over 9 years ago

Similar presentations

Presentation on theme: "Arpit Jain Mtech2. Outline Introduction Attacks Solution Experimental Evaluation References."— Presentation transcript:

1 Arpit Jain Mtech2

2 Outline Introduction Attacks Solution Experimental Evaluation References

3 Attacks in Android Android uses sandbox model and permission based label to avoid malware attacks. Permissions assigned to an application restricts the operation application can perform on smart phone. But still vulnerable to geinimi, a type of Trojan which packages with the legitimate applications and takes extra permissions then would have been required by that application without trojan.

4 Permissions

5 Solution Security based Model: SD figure- represents the risk level of permission pairs SD Rules- defines how to determine SD of certain permission pairs. And based on this SD figure decides whether to allow application.

6 Types of SD Safe SD represents a safe combination of security permissions that has a threat point of 0. Normal SD means a permission pair has no clear security threat with a threat point of 1. Dangerous SD with a threat point of 5 indicates a permission combination may have threat. Severe dangerous SD with a threat point of 25 means a permission pair with serious threat to the mobile phone security.

7 Classification of Security Permission When analyzing the Android security permission list, we can classify them by their functions. For example: READ_SMS, RECEIVE_SMS, SEND_SMS, WRITE SMS, BROADCAST_SMS permissions all related to the SMS function.

8 Measuring SD dc- closed SD of the application, dij and djk – related unclosed SD, subscript i and k represent the different permission of the two pairs, and subscript j represents the same permission of the two pairs. G stands for the number of classifications the application used.

9 Using SD model

10 Evaluation Result Test with 100 of Applications, found major having threat around 20. The application affected by Geinimi get a threat point over 500

11 References [1]A. Shabtai, Y. Fledel, U. Kanonov, et al. “Google Android: A Comprehensive Security assessment”, IEEE Security and Privacy. [2] X. Zhang, O. Aciiçmez, and J. Seifert. “A Trusted Mobile Phone Reference Architecture via Secure Kernel”. In Proceedings of ACM workshop on Scalable Trusted Computing, November 2007.

Download ppt "Arpit Jain Mtech2. Outline Introduction Attacks Solution Experimental Evaluation References."

Similar presentations

An Example of an Android Security Extension YAASE - Yet Another Android Security Extension.

An Example of an Android Security Extension YAASE - Yet Another Android Security Extension.
Roman Schlegel City University of Hong Kong Kehuan Zhang Xiaoyong Zhou Mehool Intwala Apu Kapadia XiaoFeng Wang Indiana University Bloomington NDSS SYMPOSIUM.

Roman Schlegel City University of Hong Kong Kehuan Zhang Xiaoyong Zhou Mehool Intwala Apu Kapadia XiaoFeng Wang Indiana University Bloomington NDSS SYMPOSIUM.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee 2007. 04. 23.

Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
Defending against Sniffing Attacks on Mobile Phones Liang Cai (University of California, Davis), Sridhar Machiraju (Sprint Applied Research), Hao Chen.

Defending against Sniffing Attacks on Mobile Phones Liang Cai (University of California, Davis), Sridhar Machiraju (Sprint Applied Research), Hao Chen.
U.S. Department of Energy Pacific Northwest National Laboratory July 2004 Presented by Jeffery Mauth Pacific Northwest National Laboratory

U.S. Department of Energy Pacific Northwest National Laboratory July 2004 Presented by Jeffery Mauth Pacific Northwest National Laboratory
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
SAFETYCHECK Eric Hatch | David Allen |Bailee Lucas| Austin Rhodes.

SAFETYCHECK Eric Hatch | David Allen |Bailee Lucas| Austin Rhodes.
OneDrive for Business Introduction First Time Use First Time Use Access from Computer Access from Computer Access from Internet Access from Internet Access.

OneDrive for Business Introduction First Time Use First Time Use Access from Computer Access from Computer Access from Internet Access from Internet Access.
 Smartphone overview › Platform comparison  App Construction  Smartphone malware and viruses  Security threats  Keeping your Smartphone clean.

 Smartphone overview › Platform comparison  App Construction  Smartphone malware and viruses  Security threats  Keeping your Smartphone clean.
KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.

KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
William Enck, Machigar Ongtang, and Patrick McDaniel.

William Enck, Machigar Ongtang, and Patrick McDaniel.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Presentation By Deepak Katta

Presentation By Deepak Katta
Unsafe Exposure Analysis of Mobile In-App Advertisements Offense: Rachel Stonehirsch.

Unsafe Exposure Analysis of Mobile In-App Advertisements Offense: Rachel Stonehirsch.
Introduction to Mobile Malware

Introduction to Mobile Malware
Sophos Mobile Security

Sophos Mobile Security
A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and.

A.C. Chen ADL M Zubair Rafique Muhammad Khurram Khan Khaled Alghathbar Muddassar Farooq The 8th FTRA International Conference on Secure and.
Introduction Our Topic: Mobile Security Why is mobile security important?

Introduction Our Topic: Mobile Security Why is mobile security important?
2015. 4. 28 박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,

박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,

Similar presentations

Ads by Google