3Android AppsAndroid is the most used Smartphone OS in the world with 48% market shareOver 400,000 apps in the Google Play MarketAndroid apps have been installed over 10 billion timesApps process a lot of privacy-related user data and have valid reasons to transmit it over the internet
4Problem Apps are not forced to use SSL Apps are allowed to customize SSL so many Android apps use SSL incorrectly and are vulnerable to MITM attacksUser has no idea when Android uses SSLUsers are misinformed about the security of the connection or misinterpret warning signs
5Able to inject virus code into an antivirus app to disable virus detection and detect arbitrary apps as a virus.
6log-in credentials, personal documents, contacts, financial data, messages, pictures or videos. Able to capture credentials from American Express, Paypal, various bank accounts, Facebook, Twitter, Google, Yahoo, Microsoft Live ID, etc
7Secure Sockets Layer (SSL) Used to establish a secure connection between a client and server.Client receives a X.509 certificate containing the server’s public key that is signed by a certificate authority.Client should validate certificate but this is not yet required by the SSL and X.509 standards.
8SSL Validation ChecksDoes the subject (CN) of the certificate match the client’s desired destination?Is it a trusted Certificate Authority (CA)?Is the signature correct?Has the certificate expired?Has the certificate been revoked?Check Certificate Revocation Lists (CRLs)?Use Online Certificate Status Protocol (OCSP)?
9SSL Misuses in Android Trusting all certificates Disregards the signer of the certificate and the subjectAllowing all hostnamesDoes not check if certificate was issued for a given addressTrusting many Certificate AuthoritiesAttacks on CAs in 2011 makes trusting 134 root authorities questionableMixed-Mode / No SSLCan mix secure with insecure connections or use no SSL
10Man-in-the-Middle Attacks MITMA: an attacker can intercept messages between conversation partnersPassive (eavesdropping) vs. active (tampering)Mixed-Mode/No SSL allows for passive MITMA by eavesdropping on non-protected communication or allowing for SSL strippingSSL stripping avoids SSL by replacing https:// withCan occur if a browsing session begins using HTTP and switches to HTTPS via a link or a redirect.
11Evaluating Android SSL Usage Built MalloDroid to perform static code analysis on 13,500 free apps from Google’s Play MarketPermissionsRequest INTERNET and other privacy related permissionsNetwork API callsHTTP transport and Non-HTTP (direct socket connections)HTTP vs. HTTPSHTTP only, mixed-mode (HTTP and HTTPS), or HTTPS onlyHTTPS availableAble to establish a secure connection to the HTTP urls?Deployed certificatesEvaluates SSL certificates of hosts referenced in appsSSL Validation
12Android SSL Usage HTTP vs. HTTPS Deployed SSL Certificates 74% could have used HTTPS instead of HTTP46% mixed-mode, 43% HTTP only, 0.8% HTTPS onlyDeployed SSL Certificates17.3% bypass effective SSL verification by accepting all certificates or all hostnames for a from a trusted CAMany apps include HTTPS URLs for hosts that have certificates that are either expired, self-signed, have mismatching CNs (site’s common name) or are signed by non-default-trusted CAs.By adding an s to the url
13MITMA: Trusting All Certificates 51% use the INTERNET permission in addition to permissions to access privacy related informationTrusting all certificatesAttack: MITMA proxy with self-signed certificateOver half of the banking apps tested leaked login credentials, affecting an install base of 100,000 – half a million usersWindows Live Messenger service app with million users leaks login credentials for , messaging, or SkyDrive cloud storageusers’ calendars, contacts, browser histories, profile information, social streams, short messages, or exact geographic locations
14MITMA: Trusting All Hostnames Attack: Cert for an unrelated domain signed by startSSLApps, including one used by 82% of Fortune 500 companies, leaked credentials for sensitive dataAntivirus app updated virus signatures via broken SSLInstall base of 500,000 – 1 million usersTrusted that connection was secure and did no further validationAble to send empty signature database that was accepted without informing the userAble to create a virus signature for the antivirus which caused it to recognize itself as a virus and delete itselfcre- dentials for different services, s, text messages, contact data, bitcoin-miner API keys, premium content or access to online meetings
16Overcoming MITMA SSL stripping Lazy SSL Used to go to secure login page from insecure landing pageApps with 1.5 million - 6 million installs leak login credentials for Yahoo, Facebook, and GoogleOvercome by forcing HTTPSLazy SSLPoor SSL validationOvercome with SSL pinningA custom list of trusted CAs or a custom list of specific certificates
17Feedback to UsersApps don’t always display visual feedback about whether the communication is secure.clients did login and registration in SSL, but sending and receiving mail defaulted to HTTP without alerting the user.Apps indicate that the connection is secure but are vulnerableMITMA when they fail to establish an SSL connection or do SSL validationReplay attack when the logins are encrypted but not freshApps that did prevent MITMA failed and gave confusing error messages
20Countermeasures: OS Solutions Enforced certificate checkingDisallow custom SSL handling by forcing users to use standard Android API implementationHTTPS everywhereIntegrated into communication APIs to prevent SSL strippingImproved permissions and policiesSeparate permissions for SSL and PLAIN so apps can specifyPolicies like GSM_ONLY, NO_OPEN_WIFI, TRUSTED_NETWORKS to prevent MITMAVisual security feedbackProperly inform users about connection type and security status.MalloDroid installation protectionIntegrated into app installers to warn user of unsafe apps
21Countermeasures: Other Solutions App Market SolutionsMalloDroid could be integrated into app marketAutomatically checks appsCould prevent apps from entering market or display the warnings in the app descriptionStandalone Solution: The MalloDroid App and ServiceEasily deployedAllows user to perform checks on apps before install
22ConclusionGoogle apps handle a lot of personal information for a lot of different peopleUsers wrongly assume, or are incorrectly informed, that they are transmitting your securely when apps are not required to use SSLApps are vulnerable to MITMA by failing to correctly validate the SSL certificates or by mixing HTTP with HTTPSInstead of allowing for SSL customization, proper certificate validation should be enforced, HTTPS should be used everywhere, and permissions and policies should be separated so that apps can better protect users’ data.Users should be better informed about how secure the connection is.