Presentation By Deepak Katta

Slides:



Advertisements
Similar presentations
User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)
Advertisements

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
2. Setting Up Your Android Development Environment.
Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
SMARTPHONE OPERATION SYSTEM MARKET IN U.S. Ryan (Jang-Hoon) Doo ISM 158.
Android Security What is out there? Waqar Aziz. Android Market Share - I 2.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
How It Applies In A Virtual World
Apps VS Mobile Websites Which is better?. Bizness Apps Survey Bizness Apps surveyed over 500 small business owners with both a mobile app and a mobile.
The Study of Security and Privacy in Mobile Applications Name: Liang Wei
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Introduction to Mobile Malware
Sophos Mobile Security
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
IC3 Chapter 8 Computer Fundamentals
Mobile Operating System Security A PRESENTATION BY DANIEL ADAMS CSC 345 DR. BOX.
Cyber Crimes.
Mobile Devices Carry Hidden Threats With Financial Consequences Hold StillInstalled.
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
1 NETE4631 Mobile Cloud Computing Lecture Notes #10.
Presented by: Kushal Mehta University of Central Florida Michael Spreitzenbarth, Felix Freiling Friedrich-Alexander- University Erlangen, Germany michael.spreitzenbart,
Adapted from Computer Concepts, New Perspectives, Thompson Course Technology EDW 647: The Internet Dr. Roger Webster & Dr. Nazli Mollah 24 Cookies: What.
ANDROID Presented By Mastan Vali.SK. © artesis 2008 | 2 1. Introduction 2. Platform 3. Software development 4. Advantages Main topics.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
Android Security Auditing Slides and projects at samsclass.info.
About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.
Chapter 2 Securing Network Server and User Workstations.
Topic 5: Basic Security.
Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.
Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.
Malicious Software.
Wireless and Mobile Security
Title of Presentation DD/MM/YYYY © 2015 Skycure Why Are Hackers Winning the Mobile Malware Battle.
Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION.
IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.
Mobile Security Tom Taylor. Roadmap Security Risks Security Risks Examples of Attacks Examples of Attacks Personal Protection Personal Protection Business.
By: Jasmin Smith  ability to control what information one reveals about one’s self over the Internet.
Remember effective ways to search +walk (includes words) Intitle:iPad Intext:ipad site:pbs.org Site:gov filetype:jpg.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Android and IOS Permissions Why are they here and what do they want from me?
Windows Vista Configuration MCTS : Internet Explorer 7.0.
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
Module 51 (Mobile Device Fundamentals - Android)
Smartphone Security Evaluation
Hotspot Shield Protect Your Online Identity
Android System Security
Secure Software Confidentiality Integrity Data Security Authentication
Security of Mobile Operating Systems
Stay Safe While Using The Internet
Lecture 2 - SQL Injection
Computer Security.
Security.
Operating System Concepts
Test 3 review FTP & Cybersecurity
Security in mobile technologies
To change the image on this slide, select the picture and delete it
Presentation transcript:

Presentation By Deepak Katta Android Privacy Presentation By Deepak Katta

Outline Introduction Android Vs IoS Privacy Issues Spyware for Android Samples of Spyware for Android Attack Scenarios Recommendations References

Introduction What is Privacy? Should not use or disclose one’s private information without permission.

Introduction Now a days phones are having more features similar to computer called smart phones. With Smart Phone, we can: Text Instant Message Browse Internet Store and Share any type of Data Social Networking Can download any App Instantly and use it. And many more. Smart phones are becoming hosts for sensitive data

Introduction These are the various Mobile Operating Systems for Smart Phones: IoS Android Windows Symbian Research in Motion (RiM – Blackberry) Most of the smart phone users are going for either IoS or Android.

Introduction Generally, Attacker inject malicious code into targeted smart phone and extract private and sensitive information. Intrusion Detection System (IDS) is used to find such attacks but only known malwares can be found. According to Charlie Miller, both Android and IoS provide Public Market like Android Market and App Store but they take different approaches to limit malicious Apps.

Code Signing: Android App Developers can use Self – Signing code on Android Apps. App Source: Can download App from anywhere not only from market. Removed App: Crowd Sourcing, Publish directly to market if more users complain delete from market and devices remotely. Sandbox: Sandboxing is App Specific. Code Signing: IoS App Developers must use code signing which is proposed from Apple. App Source: Can be downloaded only from App Store. Removed App: Reviewer committee checks the App before publishing and if any malicious found they will remove App. Sandbox: All Apps have same access permissions.

Android Vs IoS Malicious users can develop Android Apps easily because very little limits are imposed on Android App Development. Another point is High Convenient makes low – security. For this reason Android Privacy is serious concern.

Privacy Issues Identifiers Disclosure SMS Misuse Four Smart Phone Identifiers Phone Number International Mobile Equipment Identity (IMEI) International Mobile Subscriber Identity (IMSI) SIM Card Serial Number Can Track the phone and Misuse the IMEI SMS Misuse Basic functionality in smart phones. Authentication may be misused. Can send SMS to any number.

Privacy Issues Location Leakage Browser History Root Exploits Most private information. Many Apps ask for location access like Maps and location based searches. Browser History Browsing history, cookies and passwords. Root Exploits Jail Break Both Malicious user and Authorized user can use. Malicious user to gain root access of system. Authorized user for customizing their phone according to their interest.

Spyware for Android Android OS is built upon the Linux Kernel and supports most of its functionalities. Android security mechanisms are based on Linux system. Software Development for Android needs: Software Development Kit (SDK) – Tools for developing programs. Emulator – To implement and test smart phone App on computer. IDE – Allows users to run, compile and debug App.

Spyware for Android Spyware: Software or an App that can extract user’s private information without any authentication. Spyware silently extract user’s data and upload it to remote server. We use only Android API to develop Spyware. To reach Android Market Spyware can wilfully use self – signed APIs.

Samples of Spyware for Android Phone Information Disclosure: getContentResolver ( ) – Returns ContentResolver instance for user application package. getColumnIndex(String columnName) – to get index of the given column getCount ( ) – Gives how many items are in Data Set.

Samples of Spyware for Android

Samples of Spyware for Android Call log: Use API android.provider.CallLog.Calls which can extract all details regarding call log.

Samples of Spyware for Android Acquirement of E-mail: We use getAccount and getAccountsByType which can list all types of accounts on the device.

Samples of Spyware for Android Location Leakage: We use LocationManager class to extract location informaion

Samples of Spyware for Android Browsed History We use getAllVisitedUrls(ContentResover cr) which returns the list of visited URLs.

Attack Scenarios Spyware can be developed and extract the personal information of user. IMEI can be misused. Location Leakage of Celebrities is serious issue. Blackmailing for money can be possible. Anyone may use personal information for malicious activity.

Recommendations For Android: For Consumers: Not to use crowd sourcing, replace it with source code examination and reviewer’s comments. For Consumers: Often clean history records and sensitive data. Don’t download Apps from unauthorized sources. Use Anti Virus Software.

References ANDROID PRIVACY by TE – EN WEI, ALBERT B. JENG, HAHN-MING LEE, CHIH-HOW CHEN,CHIN- WEI TIEN. Charlie Miller, “Mobile Attacks and Defense,” IEEE Security and Privacy. Security in Computing 4/e by Charles P. Pfleeger. All Images used in presentation are downloaded from Google images.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.