SlideShare a Scribd company logo

Project meeting: SVMP - Secure Virtual Mobile Platform

Yu-Hsin Hung
Yu-Hsin Hung

SVMP: https://svmp.github.io

Software
1 of 19
Download to read offline
SVMP: Secure Virtual Mobile Platform Yu-Hsin Hung
Introduction • https://svmp.github.io • Configuration: x86 Android VMs on x86 server • VM Platform: support KVM, VirtualBox, VMware… • Cloud Controller: support OpenStack, Amazon EC2… • Remote Protocol: WebRTC + SVMP Wire Protocol • Client: Android/iOS app • Storage (user data) is separated from VM
Components • Client Application: an unprivileged Android/iOS application with WebRTC peer connection and SVMP protocol messages, similar to clients for VNC and RDP • SVMP Overseer: receive login request, perform authentication, and manage VMs on the cloud • SVMP Server: routing input message from client connections to SVMP daemons running inside virtual devices • SVMP daemon: primary entry point of client user input to the virtual device • Virtual Device: Virtual Device Image (SVMP Gold Image) + User Data Volume • Cloud Controller: support OpenStack, Amazon EC2…
Architecture
Virtual Device Structure • The central SVMP daemon • Touch-screen input injection • Virtual sensors • Location update pub/sub • Notification and Intent forwarding and re-broadcast • Virtual frame buffer, video encoding, and streaming
Virtual Device Structure
SVMP Wire Protocol • SVMP/svmp-protocol-def repository • Request: client->server • Response: server->client • JSON Payload: a type attribute and up to one optional attribute associated with that subtype, e.g. {“type”:”ROTATIONINFO”,”rotationInfo":{"rotation":0}} • Protocol Buffers: protocols are defined using “Protocol Buffers” - Google's data interchange format, and Java class definitions are generated by protocol buffer compiler
SVMP daemon • SVMP/android_external_svmp_eventserver repository • An user-level Android background service, launched when BroadcastReceiver catches BOOT_COMPLETED Intent • EventServer: many handlers to handle different events (touch, sensor, notification…) • LogHandler: logcat message forwarding • DatabaseHandler: GPS location service subscription • WifiSpoofer: spoof that Wi-Fi connection is active • details in next few pages…
SVMP daemon • proxy socket: a Java server socket to listen events from client • sensor socket: initialized in init.rc as /dev/socket/svmp_sensors • Handlers: • SensorHandler • LocationHandler • IntentHandler • NotificationHandler • KeyHandler • ConfigHandler: only keyboard configurations • LauncherHandler: for single app mode
Touch&screen injection • EventServer.java • SCREENINFO packet: sync screen resolution • TOUCHEVENT packet: translate coordinates X, Y and inject by Android InputManager (native support) • ROTATION_INFO packet: rotation info is injected by sending custom broadcast ROTATION_CHANGED_ACTION, received by modified framework
IntentHandler • IntentHandler.java • Android Intent: an abstract description of an operation to be performed • Currently support two kinds of intent forwarding • outgoing call: forward ACTION_NEW_OUTGOING_CALL from server to client and dial using client’s SIM card • activity action: forward ACTION_VIEW from client to server and open URL inside the VM
LocationHandler • LocationHandler.java • Android natively support mocked location • Catch custom Intent LOCATION_SUBSCRIBE_ACTION (sent by modified framework) and forward location request to client • Maintain location subscription in DatabaseHandler (single- shot or not) • Inject client’s GPS location to VM by spoofing test provider LocationManager.setTestProviderLocation()
NotificationHandler • NotificationHandler.java • catch custom Intent INTERCEPT_NOTIFICATION_ACTION • use Java Reflection to extract text elements and icons from RemoteViews and forward notification to client
SensorHandler • BaseServer.java • SENSOREVENT packet: forwarded to /dev/socket/ svmp_sensors socket • Client keep listening to all the available sensors • Use delay time mechanism to prevent spammy sensor messages • SVMP HAL module libsensors listens on the svmp_sensors socket then processes the actual sensor events, the HAL interfaces are defined in AOSP hardware/sensors.h
Android client • WebRTC: video & audio streaming • Corresponding handlers to deal with SVMP daemon • TouchHandler • RotationHandler • KeyHandler • ConfigHandler • NotificationHandler • SensorHandler • …
Android Framework modification • InputManagerService.java • Natively support injecting key events (KeyHandler.java in SVMP daemon) • Create a BroadcastReceiver to listen custom intent for hard keyboard, attach two virtual keyboards when hard keyboard attached to client • NotificationManager.java • Intercept notification by preventing enqueue it and send a INTERCEPT_NOTIFICATION broadcast, caught by SVMP daemon
Android Framework modification • WindowOrientationListener.java • Create a BroadcastReceiver to listen custom ROTATION_CHANGED intent and inject the rotation info • LocationManager.java • Intercept location request and send a LOCATION_SUBSCRIBE_ACTION broadcast, caught by SVMP daemon then redirected to client
Android System Core modification • BatteryMonitor.cpp • Battery injection • Battery status is always charging • Battery health is always good • Battery level is always 100%
Android Device Driver • Lots of things, still tracing… • Virtual Frame Buffer • VM write frame to VFB device instead of real video device • Android surfaceflinger library generates a VSYNC event when writing • When VSYNC event occurs, each frame is fed into the WebRTC subsystem • Virtual Sensors: libsensors/sensors.cpp • Re-implement the interface defined by AOSP

Recommended

Nokia Qt SDK in action - Qt developer days 2010
Nokia Qt SDK in action - Qt developer days 2010Nokia Qt SDK in action - Qt developer days 2010
Nokia Qt SDK in action - Qt developer days 2010Nokia
 
Real time websites and mobile apps with SignalR
Real time websites and mobile apps with SignalRReal time websites and mobile apps with SignalR
Real time websites and mobile apps with SignalRRoy Cornelissen
 
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoup
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoupIñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoup
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoupIñaki Baz Castillo
 
signalr
signalrsignalr
signalrOwen Chen
 
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.js
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.jsAsynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.js
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.jsChristian Heindel
 
FRED: A Hosted Data Flow Platform for the IoT
FRED: A Hosted Data Flow Platform for the IoTFRED: A Hosted Data Flow Platform for the IoT
FRED: A Hosted Data Flow Platform for the IoTMichael Blackstock
 
Realtime web experience with signalR
Realtime web experience with signalRRealtime web experience with signalR
Realtime web experience with signalRRan Wahle
 
Supporting Hyper-V 3.0 on Apache CloudStack
Supporting Hyper-V 3.0 on Apache CloudStackSupporting Hyper-V 3.0 on Apache CloudStack
Supporting Hyper-V 3.0 on Apache CloudStackDonal Lafferty
 

Recommended

Nokia Qt SDK in action - Qt developer days 2010
Nokia Qt SDK in action - Qt developer days 2010Nokia Qt SDK in action - Qt developer days 2010
Nokia Qt SDK in action - Qt developer days 2010Nokia
 
Real time websites and mobile apps with SignalR
Real time websites and mobile apps with SignalRReal time websites and mobile apps with SignalR
Real time websites and mobile apps with SignalRRoy Cornelissen
 
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoup
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoupIñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoup
Iñaki Baz - CommCon 2018 | Building multy-party video apps with mediasoupIñaki Baz Castillo
 
signalr
signalrsignalr
signalrOwen Chen
 
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.js
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.jsAsynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.js
Asynchrone Echtzeitanwendungen für SharePoint mit SignalR und knockout.jsChristian Heindel
 
FRED: A Hosted Data Flow Platform for the IoT
FRED: A Hosted Data Flow Platform for the IoTFRED: A Hosted Data Flow Platform for the IoT
FRED: A Hosted Data Flow Platform for the IoTMichael Blackstock
 
Realtime web experience with signalR
Realtime web experience with signalRRealtime web experience with signalR
Realtime web experience with signalRRan Wahle
 
Supporting Hyper-V 3.0 on Apache CloudStack
Supporting Hyper-V 3.0 on Apache CloudStackSupporting Hyper-V 3.0 on Apache CloudStack
Supporting Hyper-V 3.0 on Apache CloudStackDonal Lafferty
 
Docker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIDocker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIbcantrill
 
ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2Jaliya Udagedara
 
Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)Deepak Gupta
 
Actors or Not: Async Event Architectures
Actors or Not: Async Event ArchitecturesActors or Not: Async Event Architectures
Actors or Not: Async Event ArchitecturesYaroslav Tkachenko
 
Ovations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentationOvations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentationGeanBoegman
 
Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011Agora Group
 
Under The Hood
Under The HoodUnder The Hood
Under The Hoodtdesaintmartin
 
SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!Sam Basu
 
20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's day20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's dayqnapivan
 
Virtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudVirtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudNishant Munjal
 
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...Damir Dobric
 
20120306 dublin js
20120306 dublin js20120306 dublin js
20120306 dublin jsRichard Rodger
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailPriti Desai
 
Xtopia2010 wp7
Xtopia2010 wp7Xtopia2010 wp7
Xtopia2010 wp7Dr. Frank Prengel
 
Developing for Chromecast on Android
Developing for Chromecast on AndroidDeveloping for Chromecast on Android
Developing for Chromecast on AndroidKurt Mbanje
 
ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017Amazon Web Services
 
Wcf Overview
Wcf OverviewWcf Overview
Wcf OverviewAmit Narula
 
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...confluent
 
Wifi direct p2p app
Wifi direct p2p appWifi direct p2p app
Wifi direct p2p appgeniushkg
 
Serverless everywhere
Serverless everywhereServerless everywhere
Serverless everywhereAymeric Weinbach
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M SecurityYu-Hsin Hung
 
Android Binder IPC for Linux
Android Binder IPC for LinuxAndroid Binder IPC for Linux
Android Binder IPC for LinuxYu-Hsin Hung
 

More Related Content

Similar to Project meeting: SVMP - Secure Virtual Mobile Platform

Docker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIDocker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIbcantrill
 
ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2Jaliya Udagedara
 
Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)Deepak Gupta
 
Actors or Not: Async Event Architectures
Actors or Not: Async Event ArchitecturesActors or Not: Async Event Architectures
Actors or Not: Async Event ArchitecturesYaroslav Tkachenko
 
Ovations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentationOvations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentationGeanBoegman
 
Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011Agora Group
 
SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!Sam Basu
 
20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's day20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's dayqnapivan
 
Virtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudVirtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudNishant Munjal
 
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...Damir Dobric
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailPriti Desai
 
Developing for Chromecast on Android
Developing for Chromecast on AndroidDeveloping for Chromecast on Android
Developing for Chromecast on AndroidKurt Mbanje
 
ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017Amazon Web Services
 
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...confluent
 
Wifi direct p2p app
Wifi direct p2p appWifi direct p2p app
Wifi direct p2p appgeniushkg
 

Similar to Project meeting: SVMP - Secure Virtual Mobile Platform (20)

Docker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIDocker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote API
 
ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2ASP.NET MVC 5 and SignalR 2
ASP.NET MVC 5 and SignalR 2
 
Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)Real time Communication with Signalr (Android Client)
Real time Communication with Signalr (Android Client)
 
Actors or Not: Async Event Architectures
Actors or Not: Async Event ArchitecturesActors or Not: Async Event Architectures
Actors or Not: Async Event Architectures
 
Ovations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentationOvations AWS pop-up loft 2019 Technical presentation
Ovations AWS pop-up loft 2019 Technical presentation
 
Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011Terence Barr - beyond smartphones - 24mai2011
Terence Barr - beyond smartphones - 24mai2011
 
Under The Hood
Under The HoodUnder The Hood
Under The Hood
 
SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!SignalR powered real-time x-plat mobile apps!
SignalR powered real-time x-plat mobile apps!
 
20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's day20150531 virtualizatino station 2.0 partner's day
20150531 virtualizatino station 2.0 partner's day
 
Virtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudVirtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of Cloud
 
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
Realtime Messaging und verteilte Systeme mit SharePoint und Windows Azure Ser...
 
20120306 dublin js
20120306 dublin js20120306 dublin js
20120306 dublin js
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrail
 
Xtopia2010 wp7
Xtopia2010 wp7Xtopia2010 wp7
Xtopia2010 wp7
 
Developing for Chromecast on Android
Developing for Chromecast on AndroidDeveloping for Chromecast on Android
Developing for Chromecast on Android
 
ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017ANZ Dev Lounge Session - Feb 2017
ANZ Dev Lounge Session - Feb 2017
 
Wcf Overview
Wcf OverviewWcf Overview
Wcf Overview
 
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
Modern Cloud-Native Streaming Platforms: Event Streaming Microservices with K...
 
Wifi direct p2p app
Wifi direct p2p appWifi direct p2p app
Wifi direct p2p app
 
Serverless everywhere
Serverless everywhereServerless everywhere
Serverless everywhere
 

More from Yu-Hsin Hung

Android Binder IPC for Linux
Android Binder IPC for LinuxAndroid Binder IPC for Linux
Android Binder IPC for LinuxYu-Hsin Hung
 
Project meeting: Android Graphics Architecture Overview
Project meeting: Android Graphics Architecture OverviewProject meeting: Android Graphics Architecture Overview
Project meeting: Android Graphics Architecture OverviewYu-Hsin Hung
 
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...Yu-Hsin Hung
 
Group meeting: TaintPipe - Pipelined Symbolic Taint Analysis
Group meeting: TaintPipe - Pipelined Symbolic Taint AnalysisGroup meeting: TaintPipe - Pipelined Symbolic Taint Analysis
Group meeting: TaintPipe - Pipelined Symbolic Taint AnalysisYu-Hsin Hung
 
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...Yu-Hsin Hung
 
Group meeting: Identifying Information Disclosure in Web Applications with Re...
Group meeting: Identifying Information Disclosure in Web Applications with Re...Group meeting: Identifying Information Disclosure in Web Applications with Re...
Group meeting: Identifying Information Disclosure in Web Applications with Re...Yu-Hsin Hung
 
DockerVC Hackathon Presentation
DockerVC Hackathon PresentationDockerVC Hackathon Presentation
DockerVC Hackathon PresentationYu-Hsin Hung
 

More from Yu-Hsin Hung (8)

IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M Security
 
Android Binder IPC for Linux
Android Binder IPC for LinuxAndroid Binder IPC for Linux
Android Binder IPC for Linux
 
Project meeting: Android Graphics Architecture Overview
Project meeting: Android Graphics Architecture OverviewProject meeting: Android Graphics Architecture Overview
Project meeting: Android Graphics Architecture Overview
 
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...
Group meeting: UniSan - Proactive Kernel Memory Initialization to Eliminate D...
 
Group meeting: TaintPipe - Pipelined Symbolic Taint Analysis
Group meeting: TaintPipe - Pipelined Symbolic Taint AnalysisGroup meeting: TaintPipe - Pipelined Symbolic Taint Analysis
Group meeting: TaintPipe - Pipelined Symbolic Taint Analysis
 
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...
Group meeting: Polaris - Faster Page Loads Using Fine-grained Dependency Trac...
 
Group meeting: Identifying Information Disclosure in Web Applications with Re...
Group meeting: Identifying Information Disclosure in Web Applications with Re...Group meeting: Identifying Information Disclosure in Web Applications with Re...
Group meeting: Identifying Information Disclosure in Web Applications with Re...
 
DockerVC Hackathon Presentation
DockerVC Hackathon PresentationDockerVC Hackathon Presentation
DockerVC Hackathon Presentation
 

Recently uploaded

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Recently uploaded (20)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 

Project meeting: SVMP - Secure Virtual Mobile Platform

  • 1. SVMP: Secure Virtual Mobile Platform Yu-Hsin Hung
  • 2. Introduction • https://svmp.github.io • Configuration: x86 Android VMs on x86 server • VM Platform: support KVM, VirtualBox, VMware… • Cloud Controller: support OpenStack, Amazon EC2… • Remote Protocol: WebRTC + SVMP Wire Protocol • Client: Android/iOS app • Storage (user data) is separated from VM
  • 3. Components • Client Application: an unprivileged Android/iOS application with WebRTC peer connection and SVMP protocol messages, similar to clients for VNC and RDP • SVMP Overseer: receive login request, perform authentication, and manage VMs on the cloud • SVMP Server: routing input message from client connections to SVMP daemons running inside virtual devices • SVMP daemon: primary entry point of client user input to the virtual device • Virtual Device: Virtual Device Image (SVMP Gold Image) + User Data Volume • Cloud Controller: support OpenStack, Amazon EC2…
  • 5. Virtual Device Structure • The central SVMP daemon • Touch-screen input injection • Virtual sensors • Location update pub/sub • Notification and Intent forwarding and re-broadcast • Virtual frame buffer, video encoding, and streaming
  • 7. SVMP Wire Protocol • SVMP/svmp-protocol-def repository • Request: client->server • Response: server->client • JSON Payload: a type attribute and up to one optional attribute associated with that subtype, e.g. {“type”:”ROTATIONINFO”,”rotationInfo":{"rotation":0}} • Protocol Buffers: protocols are defined using “Protocol Buffers” - Google's data interchange format, and Java class definitions are generated by protocol buffer compiler
  • 8. SVMP daemon • SVMP/android_external_svmp_eventserver repository • An user-level Android background service, launched when BroadcastReceiver catches BOOT_COMPLETED Intent • EventServer: many handlers to handle different events (touch, sensor, notification…) • LogHandler: logcat message forwarding • DatabaseHandler: GPS location service subscription • WifiSpoofer: spoof that Wi-Fi connection is active • details in next few pages…
  • 9. SVMP daemon • proxy socket: a Java server socket to listen events from client • sensor socket: initialized in init.rc as /dev/socket/svmp_sensors • Handlers: • SensorHandler • LocationHandler • IntentHandler • NotificationHandler • KeyHandler • ConfigHandler: only keyboard configurations • LauncherHandler: for single app mode
  • 10. Touch&screen injection • EventServer.java • SCREENINFO packet: sync screen resolution • TOUCHEVENT packet: translate coordinates X, Y and inject by Android InputManager (native support) • ROTATION_INFO packet: rotation info is injected by sending custom broadcast ROTATION_CHANGED_ACTION, received by modified framework
  • 11. IntentHandler • IntentHandler.java • Android Intent: an abstract description of an operation to be performed • Currently support two kinds of intent forwarding • outgoing call: forward ACTION_NEW_OUTGOING_CALL from server to client and dial using client’s SIM card • activity action: forward ACTION_VIEW from client to server and open URL inside the VM
  • 12. LocationHandler • LocationHandler.java • Android natively support mocked location • Catch custom Intent LOCATION_SUBSCRIBE_ACTION (sent by modified framework) and forward location request to client • Maintain location subscription in DatabaseHandler (single- shot or not) • Inject client’s GPS location to VM by spoofing test provider LocationManager.setTestProviderLocation()
  • 13. NotificationHandler • NotificationHandler.java • catch custom Intent INTERCEPT_NOTIFICATION_ACTION • use Java Reflection to extract text elements and icons from RemoteViews and forward notification to client
  • 14. SensorHandler • BaseServer.java • SENSOREVENT packet: forwarded to /dev/socket/ svmp_sensors socket • Client keep listening to all the available sensors • Use delay time mechanism to prevent spammy sensor messages • SVMP HAL module libsensors listens on the svmp_sensors socket then processes the actual sensor events, the HAL interfaces are defined in AOSP hardware/sensors.h
  • 15. Android client • WebRTC: video & audio streaming • Corresponding handlers to deal with SVMP daemon • TouchHandler • RotationHandler • KeyHandler • ConfigHandler • NotificationHandler • SensorHandler • …
  • 16. Android Framework modification • InputManagerService.java • Natively support injecting key events (KeyHandler.java in SVMP daemon) • Create a BroadcastReceiver to listen custom intent for hard keyboard, attach two virtual keyboards when hard keyboard attached to client • NotificationManager.java • Intercept notification by preventing enqueue it and send a INTERCEPT_NOTIFICATION broadcast, caught by SVMP daemon
  • 17. Android Framework modification • WindowOrientationListener.java • Create a BroadcastReceiver to listen custom ROTATION_CHANGED intent and inject the rotation info • LocationManager.java • Intercept location request and send a LOCATION_SUBSCRIBE_ACTION broadcast, caught by SVMP daemon then redirected to client
  • 18. Android System Core modification • BatteryMonitor.cpp • Battery injection • Battery status is always charging • Battery health is always good • Battery level is always 100%
  • 19. Android Device Driver • Lots of things, still tracing… • Virtual Frame Buffer • VM write frame to VFB device instead of real video device • Android surfaceflinger library generates a VSYNC event when writing • When VSYNC event occurs, each frame is fed into the WebRTC subsystem • Virtual Sensors: libsensors/sensors.cpp • Re-implement the interface defined by AOSP