Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 10. Mobile Device Security

Published byEvan Curtis Modified over 5 years ago

Similar presentations

Presentation on theme: "Chapter 10. Mobile Device Security"— Presentation transcript:

1 Chapter 10. Mobile Device Security
Dr. Lei Li Note: The content of this slides are adapted from La Polla et. al, 2013 Wireless Security

2 Road Map Introduction WLAN Security Mobile Security
Security Auditing & Risk Analysis Evolution of Wireless Network WLAN Overview Mobile Network Overview Infor. Security Essentials WLAN Threats & Vulnerabilities Cellular Network Security WLAN Security Mobile Devices Security WLAN Security Tools

3 Learning Objectives After this chapter, student will be able to:
Describe the Google Android security architecture Discuss Android security challenges Discuss the exploitation tools for Android Describe Apple iOS security architecture Discuss iOS security challenge Discuss BYOD and its security implication

4 Android Framework Image source: https://source.android.com/security/
IT4833/6833 Android Framework Image source: Building Blocks (I)

5 Android Security Program
Design review Penetration testing and code review Open source and community review Incident Response Monthly security updates Building Blocks (I)

6 Android Platform Security Architecture
Robust security at the OS level through the Linux kernel Mandatory application sandbox for all applications Secure interprocess communication Application signing Application-defined and user-granted permissions

7 Android Security Challenge
Fragmentation Malware Management tool selection User behavior Compartmentalization

8 Android Exploitation Tools
Android SDK AdroRAT Android framework for exploitation

9 Apple iOS Security Architecture
Image source:

10 iOS Security Features System security Encryption and data protection
App security Network security Apple Pay Internet services Device controls Privacy controls

11 iOS Security Challenges
Internal processes and the difficulties of maintaining security on multiple platforms (mobile or otherwise) with a common code base Slow to offer patches for known vulnerabilities Patches their own software flaws on different schedules for different platforms Jailbreak of iOS relies on exploitation of security vulnerabilities

12 Bring Your Own Device Devices at work vs. devices for work
Increased employee productivity Greater employee satisfaction Security measures to mitigate the risk involved

13 BYOD Security Policy Essential policies
Acceptable use Minimum required security controls for devices Company-provided components Company rights for altering the device Specifying the permissible device types and establishing a stringent security policy Outlining ownership of the apps and data Employee exit Disclosing risks, labilities, and disclaimers

14 BYOD Security Measures
Encryption for data at rest and in transit Application installation control Mobile device management Containerization Blacklisting/whitelisting

15 References https://source.android.com/security/
Android SDK: AndroRAT: Android Framework for Exploitation:

Download ppt "Chapter 10. Mobile Device Security"

Similar presentations

1 Pulsar The Eclipse Mobile Industry Working Group & Sequoyah Nov 6, 2010 Mailing listMailing list:

1 Pulsar The Eclipse Mobile Industry Working Group & Sequoyah Nov 6, 2010 Mailing listMailing list:
Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
MANAGING AND SECURING BYOD Legal ITs Next Great Challenge.

MANAGING AND SECURING BYOD Legal ITs Next Great Challenge.
Security for Mobile Devices

Security for Mobile Devices
Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.

MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Case study 2 Android – Mobile OS.

Case study 2 Android – Mobile OS.
Security issues for mobile devices Cvetko Andreeski.

Security issues for mobile devices Cvetko Andreeski.
IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.

IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.
Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.

Emerging Platform#4: Android Bina Ramamurthy.  Android is an Operating system.  Android is an emerging platform for mobile devices.  Initially developed.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Presentation By Deepak Katta

Presentation By Deepak Katta
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Mobile Policy. Overview Security Risks with Mobile Devices Guidelines for Managing the Security of Mobile Devices in the Enterprise Threats of Mobile.

Mobile Policy. Overview Security Risks with Mobile Devices Guidelines for Managing the Security of Mobile Devices in the Enterprise Threats of Mobile.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.

A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.

VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
Introduction to Android Swapnil Pathak www.SecurityXploded.com Advanced Malware Analysis Training Series.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

Similar presentations

Ads by Google