Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to Android Development and Security


Published on

Introduced basic concepts of Android application and some security concerned labs

Published in: Technology

Introduction to Android Development and Security

  1. An Introduction to Android Development and SecurityKun
  2. Android & Me• I’m a first-year graduate student.• I developed my first Android APP——BloGeo two years ago.• I’ve been an Android user for two years.• Now I’ve just started to learn Android security.
  3. Outline• Introduction to Android – Brief history – Architecture• Android Development – Environment – Programming framework – Building and running process – Case Study• Overview of Android Security Feature• Android Security Lab (by Security Compass)• My Future Study
  4. Brief History• Written by Andy Rubin(founder of Android Inc.)• Acquired by Google in 2005• Android 1.0 released in 2007• Android 4.0 released in 2011• 52.5% of global mobile users
  5. Brief Introduction• First complete, open and free mobile platform• Operating System – Mobile device optimized Linux kernel 2.6• Application framework – Mainly Java-based – Running on Dalvik virtual machine featuring JIT compilation• Key applications – Gmail, Maps, Contacts, Market and etc.
  6. Architecture
  7. Developing Environment• Totally free-of-charge – Open source – Eclipse with ADT plugin – SDK tools with an emulator – Android market• Dev guide –
  8. Android SDK Updater & AVD
  9. Android emulator
  10. Dalvik Debug Monitor
  11. Application Framework Overview• Components – Activities – Views – Intents – Services – Content providers – Broadcast receivers• Resources• Manifest File
  12. Activities• An activity is a single, focused thing that the user can do• Typically correspond to one UI screen• Activities are stacked like a deck of cards• Active activity is placed on top
  13. Activity Lifecycle• 4 states – Active – Paused(visible, not active) – Stopped(invisible) – Destroyed• Call back functions – onCreate & onDestroy – onStart & onStop & onRestart – onResume & onPause
  14. Hello World Activity
  15. Views• Views are GUI controls(E.g. TextView, EditText, Button)• Activity windows consist of views and viewgroups• Organized as trees to build up GUIs• Operations we can perform on views – Set properties: Use function or define in the XML layout files to load. – Set focus – Set up listener – Set visibility – Draw anything we like• We can use Layout to help place views – E.g. LinearLayout, TableLayout, AbsoluteLayout – Use function or define in the XML layout files
  16. Hello World using Layout XML Files
  17. Example Views
  18. Intents• Intents are used to exchange data between Activities or Applications• Think of Intents as a verb and object; a description of what you want done – E.g. VIEW, CALL, PLAY etc..• Describes what the application wants• Provides late runtime binding
  19. Services• Services run in the background• Don’t interact with the user• Run on the main thread of the process
  20. Content Providers• Content providers store and retrieve data and make it accessible to all applications• It is the only way to share data across packages• The backend is SQLite• They are linked to clients• Data exposed as a unique URI
  21. Resources• Resources are images , strings and etc.• Externalize resources from application code• SDK will generate codes to map a resource to an id, we can use static class R to get resources• Layout xml files are also resources
  22. Manifest File• Control file that tells the system what to do and how the top-level components are related• It’s the “glue” that actually specifies which intents your activities receive• Specifies permissions
  23. Building and Running• Android package format – Bundle a few files into a file(.apk) – Just a zip file – Classes.dex is core file – compiled java classes – Use ‘DX’ tool to convert Java *.class to Dalvik bytecode *.dex
  24. Building and Running
  25. Building and Running• DEX process flow
  26. Building and Running• Simplified Process Diagram
  27. Developing Process• Create your own android project• Design the UI• Externalize resources• React to events• Run the application
  28. BloGeo
  29. Android Security Overview• Goals – Protect user data – Protect system resources (including the network) – Provide application isolation• Android security features provided – Robust security at the OS level through the Linux kernel – Mandatory application sandbox for all applications – Secure interprocess communication – Application signing – Application-defined and user-granted permissions
  30. Android Security Overview(cont.)• Application Sandbox: Kernel Level – Each Application has a user ID(UID) to run• Interprocess Communication – Binder • A lightweight capability-based remote procedure call mechanism designed for high performance when performing in-process and cross-process calls. – Intents – ContentProviders• Application signing
  31. Android Security Overview(cont.)• Application-defined and user-granted permissions – Camera functions – Location data (GPS) – Bluetooth functions – Telephony functions – SMS/MMS functions – Network
  32. ExploitMe Mobile Android Labs• By Security Compass – information security consulting firm – specializing in secure software development and training• An open source project demonstrating Android mobile hacking• A bank transfer mobile client• Server written in python(http/https)• 8 Labs
  33. Lab 1: Secure connections• python• emulator.exe -avd emu -tcpdump test.cap• Solution: python --ssl --port 8443
  34. Lab 2 - Parameter Manipulation• emulator @YOUR_AVD_NAME --http-proxy localhost:8008• http postSolution:
  35. Lab 3 - Insecure file storage File creation mode: the default mode, where the created file can only beSolution: accessed by the calling application (or all applications sharing the same user ID).
  36. Lab 4 - Secure Logging Solution:• adb logcat Be aware of what you are logging and only log non-sensitive information.
  37. Lab 5 - Basic Encryption
  38. Lab 5 - Basic Encryption(cont.)
  39. Lab 6 - Advanced Encryption• apktool – It is a tool for reengineering 3rd party, closed, binary Android apps. – It can decode resources to nearly original form and rebuild them after making some modifications.
  40. Lab 6 - Advanced Encryption(cont.)• apktool d BasicEncryptionSolution.apk export
  41. Lab 6 - Advanced Encryption(cont.)
  42. Lab 6 - Advanced Encryption(cont.)• Smali – Smali is an assembler for the dex format used by dalvik
  43. Lab 6 - Advanced Encryption(cont.)
  44. Lab 7 - Memory Protection
  45. Lab 7 - Memory Protection• hprof-conv source dest – Convert dex memory dump format to Java format• Use MAT(memory analyzer tool) to browse it
  46. Lab 7 - Memory Protection(cont.)
  47. Lab 7 - Memory Protection(cont.)
  48. Lab 8 - Client-side Password complexity
  49. Future Study Android Reverse Engineering!I hope I can show you some more hacking examples next time.
  50. Thanks! Q&A