SVMP: Secure Virtual Mobile Platform
Yu-Hsin Hung
Introduction
• https://svmp.github.io
• Configuration: x86 Android VMs on x86 server
• VM Platform: support KVM, VirtualBox, VMware…
• Cloud Controller: support OpenStack, Amazon EC2…
• Remote Protocol: WebRTC + SVMP Wire Protocol
• Client: Android/iOS app
• Storage (user data) is separated from VM
Components
• Client Application: an unprivileged Android/iOS application with a WebRTC peer connection and SVMP protocol messages, similar to clients for VNC and RDP
• SVMP Overseer: receives login requests, performs authentication, and manages VMs on the cloud
• SVMP Server: routes input messages from client connections to SVMP daemons running inside virtual devices
• SVMP daemon: primary entry point of client user input to the virtual device
• Virtual Device: Virtual Device Image (SVMP Gold Image) + User Data Volume
• Cloud Controller: support OpenStack, Amazon EC2…
Architecture
Virtual Device Structure
• The central SVMP daemon
• Touch-screen input injection
• Virtual sensors
• Location update pub/sub
• Notification and Intent forwarding and re-broadcast
• Virtual frame buffer, video encoding, and streaming
Virtual Device Structure
SVMP Wire Protocol
• SVMP/svmp-protocol-def repository
• Request: client->server
• Response: server->client
• JSON Payload: a type attribute and up to one optional attribute associated with that subtype, e.g. {"type":"ROTATIONINFO","rotationInfo":{"rotation":0}}
• Protocol Buffers: protocols are defined using "Protocol Buffers", Google's data interchange format, and Java class definitions are generated by the protocol buffer compiler
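An added example (not SVMP's own code) of enforcing that envelope rule on a JSON message before it is handed to a handler. Only the ROTATIONINFO/rotationInfo pairing comes from the slide; the other attribute names, the size cap and the 0..3 rotation range are assumptions.

```python
import json

MAX_MESSAGE_BYTES = 4096  # assumed cap; the slides state no size limit

# Message type -> the single payload attribute allowed alongside "type".
# Only ROTATIONINFO -> rotationInfo is taken from the slide's example.
PAYLOAD_ATTR = {
    "ROTATIONINFO": "rotationInfo",
    "SCREENINFO": "screenInfo",  # hypothetical attribute name
    "TOUCHEVENT": "touch",       # hypothetical attribute name
    "SENSOREVENT": "sensor",     # hypothetical attribute name
}


class InvalidMessage(ValueError):
    """Raised when a message does not match the expected envelope."""


def _check_rotation(payload):
    # Assumption: rotation uses Android's Surface.ROTATION_* values (0..3).
    if set(payload) != {"rotation"}:
        raise InvalidMessage("unexpected field in rotationInfo")
    rotation = payload["rotation"]
    # type() rather than isinstance() so that JSON true/false is rejected.
    if type(rotation) is not int or rotation not in (0, 1, 2, 3):
        raise InvalidMessage("rotation must be an integer 0..3")


PAYLOAD_CHECKS = {"ROTATIONINFO": _check_rotation}


def _reject_duplicates(pairs):
    # A repeated key would let two parsers disagree on the message type.
    keys = [key for key, _ in pairs]
    if len(keys) != len(set(keys)):
        raise InvalidMessage("duplicate key")
    return dict(pairs)


def parse_message(raw):
    """Return (type, payload or None) or raise InvalidMessage."""
    if len(raw) > MAX_MESSAGE_BYTES:
        raise InvalidMessage("message too large")
    try:
        msg = json.loads(raw, object_pairs_hook=_reject_duplicates)
    except InvalidMessage:
        raise
    except (ValueError, RecursionError) as exc:
        raise InvalidMessage("not valid JSON") from exc
    if not isinstance(msg, dict):
        raise InvalidMessage("top level must be an object")
    msg_type = msg.get("type")
    if not isinstance(msg_type, str) or msg_type not in PAYLOAD_ATTR:
        raise InvalidMessage("unknown or missing type")
    allowed = PAYLOAD_ATTR[msg_type]
    extra = set(msg) - {"type"}
    if extra - {allowed}:
        raise InvalidMessage("attribute not allowed for this type")
    if not extra:
        return msg_type, None
    payload = msg[allowed]
    if not isinstance(payload, dict):
        raise InvalidMessage("payload must be an object")
    check = PAYLOAD_CHECKS.get(msg_type)
    if check is not None:
        check(payload)
    return msg_type, payload


# Constructed sample messages; the first is the slide's own example.
SAMPLES = [
    '{"type":"ROTATIONINFO","rotationInfo":{"rotation":0}}',
    '{"type":"ROTATIONINFO","touch":{}}',
    '{"type":"ROTATIONINFO","rotationInfo":{"rotation":7}}',
    '{"type":"SCREENINFO","type":"ROTATIONINFO"}',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        try:
            print("accepted", parse_message(sample))
        except InvalidMessage as err:
            print("rejected", sample, "->", err)
```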
SVMP daemon
• SVMP/android_external_svmp_eventserver repository
• A user-level Android background service, launched when a BroadcastReceiver catches the BOOT_COMPLETED Intent
• EventServer: many handlers to handle different events (touch, sensor, notification…)
• LogHandler: logcat message forwarding
• DatabaseHandler: GPS location service subscription
• WifiSpoofer: spoofs an active Wi-Fi connection
• Details in the next few pages…
SVMP daemon
• proxy socket: a Java server socket that listens for events from the client
• sensor socket: initialized in init.rc as /dev/socket/svmp_sensors
• Handlers:
    • SensorHandler
    • LocationHandler
    • IntentHandler
    • NotificationHandler
    • KeyHandler
    • ConfigHandler: only keyboard configurations
    • LauncherHandler: for single app mode
Touch-screen injection
• EventServer.java
• SCREENINFO packet: sync screen resolution
• TOUCHEVENT packet: translate coordinates X, Y and inject by Android InputManager (native support)
• ROTATION_INFO packet: rotation info is injected by sending custom broadcast ROTATION_CHANGED_ACTION, received by modified framework
IntentHandler
• IntentHandler.java
• Android Intent: an abstract description of an operation to be performed
• Currently supports two kinds of intent forwarding
    • outgoing call: forward ACTION_NEW_OUTGOING_CALL from server to client and dial using the client's SIM card
    • activity action: forward ACTION_VIEW from client to server and open the URL inside the VM
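An added example (not taken from IntentHandler.java) of an allowlist policy for the two forwarding paths above: each action is accepted in one direction only, and its data is checked before use. The http/https scheme list, the `tel:` data format, the number pattern and the direction labels are assumptions.

```python
import re
from urllib.parse import urlsplit

# Real Android action strings for the two intents named on the slide.
ACTION_VIEW = "android.intent.action.VIEW"
ACTION_NEW_OUTGOING_CALL = "android.intent.action.NEW_OUTGOING_CALL"

# Hypothetical direction labels for this example.
CLIENT_TO_VM = "client->vm"
VM_TO_CLIENT = "vm->client"

# Assumption: only web URLs may be opened inside the VM.
ALLOWED_SCHEMES = {"http", "https"}
MAX_URL_LENGTH = 2048  # assumed cap

# Assumption: plain numbers only, so a request coming from the VM cannot
# make the user's real SIM dial service codes containing '*' or '#'.
DIALABLE = re.compile(r"^\+?[0-9]{3,15}$")


def _check_url(url):
    if not isinstance(url, str) or not 0 < len(url) <= MAX_URL_LENGTH:
        return False, "malformed URL"
    # Reject whitespace and control characters before parsing.
    if any(ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in url):
        return False, "malformed URL"
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not host:
        return False, "missing host"
    return True, "ok"


def _check_number(data):
    if not isinstance(data, str) or not data.startswith("tel:"):
        return False, "not a tel: URI"
    if not DIALABLE.match(data[len("tel:"):]):
        return False, "number not dialable"
    return True, "ok"


def check_forward(direction, action, data):
    """Return (allowed, reason) for one forwarded intent."""
    if (direction, action) == (CLIENT_TO_VM, ACTION_VIEW):
        return _check_url(data)
    if (direction, action) == (VM_TO_CLIENT, ACTION_NEW_OUTGOING_CALL):
        return _check_number(data)
    return False, "action not forwarded in this direction"


# Constructed sample requests.
SAMPLES = [
    (CLIENT_TO_VM, ACTION_VIEW, "https://example.com/a?b=1"),
    (CLIENT_TO_VM, ACTION_VIEW, "file:///sdcard/x"),
    (VM_TO_CLIENT, ACTION_VIEW, "https://example.com/"),
    (VM_TO_CLIENT, ACTION_NEW_OUTGOING_CALL, "tel:+15555550100"),
    (VM_TO_CLIENT, ACTION_NEW_OUTGOING_CALL, "tel:*21*5555550100#"),
]

if __name__ == "__main__":
    for direction, action, data in SAMPLES:
        print(direction, action, data, check_forward(direction, action, data))
```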
LocationHandler
• LocationHandler.java
• Android natively supports mocked locations
• Catch custom Intent LOCATION_SUBSCRIBE_ACTION (sent by modified framework) and forward the location request to the client
• Maintain location subscriptions in DatabaseHandler (single-shot or not)
• Inject the client's GPS location into the VM by spoofing the test provider with LocationManager.setTestProviderLocation()
NotificationHandler
• NotificationHandler.java
• Catch custom Intent INTERCEPT_NOTIFICATION_ACTION
• Use Java Reflection to extract text elements and icons from RemoteViews and forward notification to client
SensorHandler
• BaseServer.java
• SENSOREVENT packet: forwarded to the /dev/socket/svmp_sensors socket
• The client keeps listening to all the available sensors
• Uses a delay time mechanism to prevent spammy sensor messages
• The SVMP HAL module libsensors listens on the svmp_sensors socket and then processes the actual sensor events; the HAL interfaces are defined in AOSP hardware/sensors.h
Android client
• WebRTC: video & audio streaming
• Corresponding handlers to deal with SVMP daemon
    • TouchHandler
    • RotationHandler
    • KeyHandler
    • ConfigHandler
    • NotificationHandler
    • SensorHandler
    • …
Android Framework modification
• InputManagerService.java
    • Natively supports injecting key events (KeyHandler.java in SVMP daemon)
    • Creates a BroadcastReceiver to listen for a custom intent for the hard keyboard; attaches two virtual keyboards when a hard keyboard is attached to the client
• NotificationManager.java
    • Intercepts notifications by preventing them from being enqueued and sends an INTERCEPT_NOTIFICATION broadcast, caught by the SVMP daemon
Android Framework modification
• WindowOrientationListener.java
    • Creates a BroadcastReceiver to listen for the custom ROTATION_CHANGED intent and inject the rotation info
• LocationManager.java
    • Intercepts location requests and sends a LOCATION_SUBSCRIBE_ACTION broadcast, caught by the SVMP daemon and then redirected to the client
Android System Core modification
• BatteryMonitor.cpp
    • Battery injection
    • Battery status is always charging
    • Battery health is always good
    • Battery level is always 100%
Android Device Driver
• Lots of things, still tracing…
• Virtual Frame Buffer
    • The VM writes frames to the VFB device instead of a real video device
    • Android surfaceflinger library generates a VSYNC event when writing
    • When a VSYNC event occurs, each frame is fed into the WebRTC subsystem
• Virtual Sensors: libsensors/sensors.cpp
    • Re-implements the interface defined by AOSP

Project meeting: SVMP - Secure Virtual Mobile Platform
