Presentation is loading. Please wait.

Presentation is loading. Please wait.

William Enck, Machigar Ongtang, and Patrick McDaniel.

Published byEmory Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "William Enck, Machigar Ongtang, and Patrick McDaniel."— Presentation transcript:

1 William Enck, Machigar Ongtang, and Patrick McDaniel

2 Mobile Phone Threats  Cabir Used on Symbian platform Did not exploit code Repeatedly request file transfer via Bluetooth  Other viruses more malicous

3 Threat Down  Proof of Concept No damage done Proves that attack vector exists  Destructive Delete data Mostly harmless  Spyware Bugging the phone via software

4 Threat Down II  Direct payoff Calling premium services Directly generate revenue for attacker  Information Scavengers Steal user data like contacts  Ad-ware  Botnet Voice spam

5 Why Kirin?  Android defines sets of permissions  Permissions are static  Certain combinations can be used maliciously

6 Security requirements engineering  Three basic concepts Assets Functional Requirements Security Requirements

7 Assets  Extracted from Android platform Permissions Intents Components  Example: Microphone Input, call activity

8 Functional Requirements  Descriptions of how Assets interact with rest of the system  Example: Redirecting international calls to calling card number Recording audio using MediaRecorder API

9 Determine Assets Security Goals and Threats  Consider things such as confidentiality, integrity, and availability.  How can functional requirements be abused Threat descriptions

10 Develop Asset’s Security Requirements  Define what combination of permissions might be harmful  Example: Receive phone state Record audio Access the Internet

11 Determine Security Mechanisms  Limited by PackageInstaller  Permissions only set at install time  Can’t set policies not defined in by Android Monitoring how many SMS messages sent during a set time period

12 Kirin Rules  Dangerous combination of permissions GPS + Internet + Start On Boot Install Shortcut + Uninstall Shortcut Debug

13 Kirin Rule Syntax  KSL – Kirin Security Language

14 Kirin Security Service  Three components Service and ContentProvider that is a database of rules Patches to the PackageInstaller application Activity to manage the rules

15

16

17 Evaluation  Assumed apps in market do not contain malware  Investigate further apps not passing security rules  Downloaded top 20 apps from each of the 16 categories, 311 total

18 Empirical Results  12 failed to pass  3 failed Rule 2 Phone State + Record Audio + Internet  9 failed Rules 4 and 5 Access {fine, coarse} location + Internet + Receive Boot Complete

19

20

21 Mitigating Malware  Only protects against complex attacks  Useful in stopping some attacks like SMS spam or information gathering  No runtime logic Limitation of Android, not Kirin

22

Download ppt "William Enck, Machigar Ongtang, and Patrick McDaniel."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Mobile Viruses and Worms (Project Group 6) Amit Kumar Jain Amogh Asgekar Jeevan Chalke Manoj Kumar Ramdas Rao.

Mobile Viruses and Worms (Project Group 6) Amit Kumar Jain Amogh Asgekar Jeevan Chalke Manoj Kumar Ramdas Rao.
Win the Cyberwar on Mobile Banking and Payments

Win the Cyberwar on Mobile Banking and Payments
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Dissecting Android Malware : Characterization and Evolution

Dissecting Android Malware : Characterization and Evolution
Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.

Presented By Abhishek Singh Computer Science Department Kent state University WILLIAM ENCK, MACHIGAR ONGTANG, AND PATRICK MCDANIEL.
Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.

Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.
Rootkits on Smart Phones: Attacks, Implications and Opportunities Jeffrey Bickford, Ryan O’Hare, Arati Baliga, Vinod Ganapathy, and Liviu Iftode Department.

Rootkits on Smart Phones: Attacks, Implications and Opportunities Jeffrey Bickford, Ryan O’Hare, Arati Baliga, Vinod Ganapathy, and Liviu Iftode Department.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
Software programs that enable you to view world wide web documents. Internet Explorer and Firefox are examples. Browser.

Software programs that enable you to view world wide web documents. Internet Explorer and Firefox are examples. Browser.
Threats To A Computer Network

Threats To A Computer Network
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Mobile Malware in the Wild Acknowledgement: Hiromu Enoki.

Mobile Malware in the Wild Acknowledgement: Hiromu Enoki.
Android Security What is out there? Waqar Aziz. Android Market Share - I 2.

Android Security What is out there? Waqar Aziz. Android Market Share - I 2.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Trojan Virus Presented by Andy Lindberg & Denver Bohling.

Trojan Virus Presented by Andy Lindberg & Denver Bohling.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.

Similar presentations

Ads by Google