0
Android Security

Presentation By,
Midhun P G
8th Nov, 2013
WALK THROUGH


Android Basics






Android Security Model














Application Sandboxing
Permission...
Android Basics
There are 4 billion mobile phones among 7 billion
people in the world
 Android owns the crown among its competitors
 The...
Android uses a kind of UNIX sandboxing method
to run its applications
 Applications uses IPC mechanisms to
communicate am...
ANDROID VERSIONS
ANDROID SOFTWARE STACK
Android Security Model


Unix Sandboxing



Each application have its own user name and
memory space



One app cannot access resources of oth...
Android permissions protect
-- Access to sensitive APIs
-- Access to content providers
-- Inter- and intra-application com...
What is an Android Application…?
WHAT IS AN ANDROID APPLICATION…?


Android applications are composed of one or more
application components
Activities
 S...
ACTIVITIES
SERVICES
BROADCAST RECEIVERS
CONTENT PROVIDERS
INTENTS & INTENT FILTERS
MANIFEST FILE
COMPONENT PERMISSION


Components can be made accessible to other
applications (exported) or be made private
Default is p...
REQUESTING PERMISSIONS
Android more secure than IOS??
Eric Schmidt made a comment that Android is
more secure than IOS.
The comment only prompted laughter from the crowd


Google backed up their chairman, stating that only
0.001% of installed apps are malicious.



They provided data for i...
Multiple Layers of Android security
Android Malwares
Android Is Secure...Users Aren‘t
 Google can't count malware it doesn't see
 Android has defenses...to protect itself, n...
How effective are mobile anti-viruses…?


No, Mobile Anti-Malware Utilities for Android are
Not Perfect, or Even the Same Protection You Get
on the Desktop



Y...
How Do You Protect Yourself…?
LEARN TO TELL IF AN ANDROID APP IS
MALWARE BEFORE YOU INSTALL IT


Take a look at app store reviews



Pay attention to ...
ANDROID ROOTING


Android rooting is the process of allowing users
of smartphones, tablets, and other devices running
the Android mobile ...
GENERAL ROOTING TERMS
Root
 ROM
 Kernel
 Flash
 Brick
 Bootloader
 Recovery
 ADB

"Rooting" vs. "jailbreaking"


In the tightly-controlled iOS world, technical
restrictions prevent
installing or booting into a modified or entirely n...
Android Market
OPEN SECURITY ISSUES IN ANDROID
PLATFORM
OPEN SECURITY ISSUES






Malicious Applications
 Rooting Exploits
 SMS Fraud
 Rapid Malware Production
Dynamic Ana...
OTHER OPEN PROBLEMS


Hard to separate malicious code from benign
 Poor Application Verification
 Obfuscation
 Dynamic...
TOP 7 VULNERABILITIES ANDROID
APPLICATION DEVELOPERS JUMP INTO
Unauthorized Intent Receipt
 Intent Spoofing
 Insecure St...
SOME SOLUTIONS…
Bouncer
 Taintdroid
 Droidbox
 Mercury Framework
 Androguard
 Apktool
 Dex2Jar
 Dexdump
 … and muc...
ANDROID APPLICATION
VULNERABILITY SCANNER TOOLKIT


Vulnerabilities in Android applications
Intent Spoofing (Confused-deputy Vulnerability)
 Insecure Storage (Cross-appli...


http://securityresearch.in/index.php/mobile/androidapplication-vulnerability-scanner-toolkit
SOME TIPS TO KEEP YOUR DATA SECURE


Always use encryption (whatsapp)



Never download apps from unsolicited emails and...
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Android security
Upcoming SlideShare
Loading in...5
×

Android security

1,587

Published on

Published in: Education, Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,587
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
260
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Transcript of "Android security"

  1. 1. Android Security Presentation By, Midhun P G 8th Nov, 2013
  2. 2. WALK THROUGH  Android Basics     Android Security Model            Application Sandboxing Permission Model What is an Android application?     Introduction Versions Android Stack Application Components Manifest file Requesting Permissions Android more secure than IOS?? Multiple Layers of Android security Android Malwares How effective are mobile anti-viruses Android Rooting Android Market Android Application Vulnerability Scanner Toolkit Open Security issues in Android platform Top 7 Vulnerabilities Android Application Developers May Jump Into
  3. 3. Android Basics
  4. 4. There are 4 billion mobile phones among 7 billion people in the world  Android owns the crown among its competitors  The use of smartphones for financial transactions and storing private information is increasing  Losing the mobile phone is more worse than losing wallets  Securing the data residing in mobiles is of prime importance. 
  5. 5. Android uses a kind of UNIX sandboxing method to run its applications  Applications uses IPC mechanisms to communicate among each other  These IPC mechanisms uses concept of endpoints  All the configuration parameters and the security parameters of an application are defined in a file called AndroidManifest.xml 
  6. 6. ANDROID VERSIONS
  7. 7. ANDROID SOFTWARE STACK
  8. 8. Android Security Model
  9. 9.  Unix Sandboxing  Each application have its own user name and memory space  One app cannot access resources of other app  Android permission enforcement
  10. 10. Android permissions protect -- Access to sensitive APIs -- Access to content providers -- Inter- and intra-application communication
  11. 11. What is an Android Application…?
  12. 12. WHAT IS AN ANDROID APPLICATION…?  Android applications are composed of one or more application components Activities  Services  Broadcast Receivers  Content Providers  Each component performs a different role in the overall application behavior, and each one can be activated individually (even by other applications)  The manifest file must declare all components in the application and should also declare all application requirements. 
  13. 13. ACTIVITIES
  14. 14. SERVICES
  15. 15. BROADCAST RECEIVERS
  16. 16. CONTENT PROVIDERS
  17. 17. INTENTS & INTENT FILTERS
  18. 18. MANIFEST FILE
  19. 19. COMPONENT PERMISSION  Components can be made accessible to other applications (exported) or be made private Default is private   Converted to public when component is registered to receive an implicit intents    Components can be protected by permission
  20. 20. REQUESTING PERMISSIONS
  21. 21. Android more secure than IOS??
  22. 22. Eric Schmidt made a comment that Android is more secure than IOS.
  23. 23. The comment only prompted laughter from the crowd
  24. 24.  Google backed up their chairman, stating that only 0.001% of installed apps are malicious.  They provided data for it.
  25. 25. Multiple Layers of Android security
  26. 26. Android Malwares
  27. 27. Android Is Secure...Users Aren‘t  Google can't count malware it doesn't see  Android has defenses...to protect itself, not your data  Many of Android's defenses are bypassed with a few taps, or by users  unauthorized sources  Rooting  What else.. ? 
  28. 28. How effective are mobile anti-viruses…?
  29. 29.  No, Mobile Anti-Malware Utilities for Android are Not Perfect, or Even the Same Protection You Get on the Desktop  You can't just install a mobile security suite on your Android phone and assume you'll be safe regardless of what you do.  The real weapon you have against Android malware is common sense.
  30. 30. How Do You Protect Yourself…?
  31. 31. LEARN TO TELL IF AN ANDROID APP IS MALWARE BEFORE YOU INSTALL IT  Take a look at app store reviews  Pay attention to the permissions an app requests  Check the developer's other apps  Don't install applications from unusual or suspicious sources  Keep a close watch on SMS and data activity
  32. 32. ANDROID ROOTING
  33. 33.  Android rooting is the process of allowing users of smartphones, tablets, and other devices running the Android mobile operating system to attain privileged control (known as "root access") within Android's subsystem.
  34. 34. GENERAL ROOTING TERMS Root  ROM  Kernel  Flash  Brick  Bootloader  Recovery  ADB 
  35. 35. "Rooting" vs. "jailbreaking"
  36. 36.  In the tightly-controlled iOS world, technical restrictions prevent installing or booting into a modified or entirely new operating system (a "locked bootloader" prevents this)  sideloading unsigned applications onto the device  user-installed apps from having root privileges (and are run in a secure sandboxed environment)   Bypassing all these restrictions together constitute the expansive term "jailbreaking" of Apple devices
  37. 37. Android Market
  38. 38. OPEN SECURITY ISSUES IN ANDROID PLATFORM
  39. 39. OPEN SECURITY ISSUES    Malicious Applications  Rooting Exploits  SMS Fraud  Rapid Malware Production Dynamic Analysis  Sandbox  Real-time Monitoring  Mobile Specific Features Static Analysis  Permissions  Data Flow  Control Flow  Browser Attacks  Phishing  Click Through  Mobile Botnets  Epidemic Spread  Attacking Network Services  Tracking Uninfected Devices  User Education  Ignoring Permissions  Phishing  Improperly Rooting Devices  Alternative Markets
  40. 40. OTHER OPEN PROBLEMS  Hard to separate malicious code from benign  Poor Application Verification  Obfuscation  Dynamic code loading  Limited availability of tools  Repackaging  Resources for Understanding Android Security
  41. 41. TOP 7 VULNERABILITIES ANDROID APPLICATION DEVELOPERS JUMP INTO Unauthorized Intent Receipt  Intent Spoofing  Insecure Storage  Insecure Network Communication  SQL Injection  Over Privileged Applications  Persistent Messages: Sticky Broadcasts 
  42. 42. SOME SOLUTIONS… Bouncer  Taintdroid  Droidbox  Mercury Framework  Androguard  Apktool  Dex2Jar  Dexdump  … and much more … 
  43. 43. ANDROID APPLICATION VULNERABILITY SCANNER TOOLKIT
  44. 44.  Vulnerabilities in Android applications Intent Spoofing (Confused-deputy Vulnerability)  Insecure Storage (Cross-application Data Stealing Vulnerability)  Over Privileged Applications  Debuggable Applications  No tool available for finding and fixing vulnerabilities in Android applications  Sensitive user data is getting leaked due to insecure applications 
  45. 45.  http://securityresearch.in/index.php/mobile/androidapplication-vulnerability-scanner-toolkit
  46. 46. SOME TIPS TO KEEP YOUR DATA SECURE  Always use encryption (whatsapp)  Never download apps from unsolicited emails and texts (malware)  Always check apps permissions (confused-deputy attacks, malware)  Monitor your data and messages
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×