Android security
Upcoming SlideShare
Loading in...5

Android security






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Android security Android security Presentation Transcript

  • Mohammed Alharbi
  • What is Android?•Android is a software stackfor mobile devices thatincludes an operating system•Developed by Google andOpen Handset Alliance ‘OHA’•Android platform using theJava programming language•Largest market share ,more thanSymbian and IOS
  • Application Components• Activities: An activity represents a single screen with a user interface.• Services: It is runs in the background .• Broadcast receivers: Responds to system-wide broadcast announcements.• Content providers: It is manages a shared set of application data.
  • Types of threats• Malware apps: The idea is to lure users into downloading a free or heavily discounted game, get them to launch it, and clandestinely install malware behind their back.• Drive-by exploits: The idea is to lure Android users to visit a website containing code that exploits a known weakness in a browser.
  • • Web Browser Vulnerability • available as of October 22, 2008. • Can affect any information browser have access on them.• GappII • The service runs behind the scene and monitors the status of current phone screen. • can be remotely controlled to install additional apps without user’s knowledge.
  • • UpdtKiller • Upload victims’ personal information and retrieve commands from a remote control and command (C&C) server. • Block antivirus software processes so that viruses can’t be detected.• UpdtBot • UpdtBot registers a remote Command and Control (C&C) server. • Can send text messages, make phone calls, and download and install apps.
  • Security Mechanism in AndroidSandboxes Each application is associated with a different UID. Every application runs in its own Linux process. Each process runs on its own Java VM. Application’s directory is only available to the application.
  • Security Mechanism in AndroidPermissions• Any application needs explicit permissions to access the components of other applications.• These permissions are set by the package installer.
  • Security Mechanism in AndroidSignatures  Any Android application must be signed with a certificate whose private key is held by the developer.  Identify the codes author.  Detect if the application has changed.  Establish trust between applications.
  • How to protect ourselves• Download Apps Only from Trusted Sources• Always check app permissions. Whenever you download or update an app, you get a list of permissions for it.• Dont View Sensitive Information on Public Wi-Fi• Put a malware and antivirus scanner on your phone.• Protect Your Phone with a Password
  • Conclusion• Android has a unique security model, which focuses on putting the user in control of the device.• It is balance between security and usability.
  • Thank you ….