Android security

309 views
291 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
309
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Android security

  1. 1. Mohammed Alharbi
  2. 2. What is Android?•Android is a software stackfor mobile devices thatincludes an operating system•Developed by Google andOpen Handset Alliance ‘OHA’•Android platform using theJava programming language•Largest market share ,more thanSymbian and IOS
  3. 3. Application Components• Activities: An activity represents a single screen with a user interface.• Services: It is runs in the background .• Broadcast receivers: Responds to system-wide broadcast announcements.• Content providers: It is manages a shared set of application data.
  4. 4. Types of threats• Malware apps: The idea is to lure users into downloading a free or heavily discounted game, get them to launch it, and clandestinely install malware behind their back.• Drive-by exploits: The idea is to lure Android users to visit a website containing code that exploits a known weakness in a browser.
  5. 5. • Web Browser Vulnerability • available as of October 22, 2008. • Can affect any information browser have access on them.• GappII • The service runs behind the scene and monitors the status of current phone screen. • can be remotely controlled to install additional apps without user’s knowledge.
  6. 6. • UpdtKiller • Upload victims’ personal information and retrieve commands from a remote control and command (C&C) server. • Block antivirus software processes so that viruses can’t be detected.• UpdtBot • UpdtBot registers a remote Command and Control (C&C) server. • Can send text messages, make phone calls, and download and install apps.
  7. 7. Security Mechanism in AndroidSandboxes Each application is associated with a different UID. Every application runs in its own Linux process. Each process runs on its own Java VM. Application’s directory is only available to the application.
  8. 8. Security Mechanism in AndroidPermissions• Any application needs explicit permissions to access the components of other applications.• These permissions are set by the package installer.
  9. 9. Security Mechanism in AndroidSignatures  Any Android application must be signed with a certificate whose private key is held by the developer.  Identify the codes author.  Detect if the application has changed.  Establish trust between applications.
  10. 10. How to protect ourselves• Download Apps Only from Trusted Sources• Always check app permissions. Whenever you download or update an app, you get a list of permissions for it.• Dont View Sensitive Information on Public Wi-Fi• Put a malware and antivirus scanner on your phone.• Protect Your Phone with a Password
  11. 11. Conclusion• Android has a unique security model, which focuses on putting the user in control of the device.• It is balance between security and usability.
  12. 12. Thank you ….

×