Presentation is loading. Please wait.

Presentation is loading. Please wait.

2015. 4. 28 박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,

Published byIris Gilbert Modified over 8 years ago

Similar presentations

Presentation on theme: "2015. 4. 28 박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,"— Presentation transcript:

1 2015. 4. 28 박 종 혁 pjh61014@dankook.ac.kr 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services

2 Computer Security & OS Lab. ContentsContents 2  Introduction  Android Overview  Intent-Based Attack Surface  Comdroid  Evaluation  Conclusion  References

3 Computer Security & OS Lab. IntroductionIntroduction 3  Android’s message passing system Can become an attack surface if used incorrectly Intent for both intra and inter Application communication Intents can be used for both intra and inter Application communication  Comdroid to detect potential instance of vulnerabilities A tool analyzes Android applications to detect potential instance of vulnerabilities Personal data loss, corruption, phishing

4 Computer Security & OS Lab. Android Overview 4  Android’s security model differs significantly from the standard desktop security model largest attack surface  The Complexity of Android’s message passing system implies it has the largest attack surface do not  This paper do not consider attacks on the OS  Just focus on securing applications from each other

5 Computer Security & OS Lab. Android Overview 5  Intents Provides a sophisticated message passing system System broadcast Intents Only can be sent by the OS Intent Start Activity() Activity A OnCreate() Activity B Android System Android System 123

6 Computer Security & OS Lab. Android Overview 6  Kind of Intent Explicit Intent specifies that it should be delivered to a particular application specified by the Intent Implicit Intent requests delivery to any application that supports a desired operation. Activity A Activity B Activity C Intent B Intent C Intent Filter Activity A Activity B Activity F Intent B Intent C Filter through Action Intent B Intent Filter

7 Computer Security & OS Lab. Android Overview 7  Activity Display on screen  Service Background process  Broadcast Receiver Asynchronous event notification Broadcast Intent Normal, Ordered, Sticky  Content Provider Share data between applications Use URI (Uniform Resource Identifier)

8 Computer Security & OS Lab. Android Overview 8 A sender can assign any action, type, or category

9 Computer Security & OS Lab. Android Overview 9  Component Declaration AndroidManifest.xml To receive Intents Service and Activity must be declared in the manifest Broadcast Receivers can be declared at runtime or in the manifest  Exported Components EXPORTED flag (in AndroidManifest.xml) Includes at least one Intent filter Intent filter Action, category, data, extra data…

10 Computer Security & OS Lab. Android Overview 10  Permission Normal permissions are granted automatically. Dangerous permissions can be granted by the user during installation. Signature permissions are only granted if the requesting application is signed by the same developer that defined the permission. SignatureOrSystem m permissions are granted if the application meets the Signature requirement or if the application is installed in the system applications folder.

11 Computer Security & OS Lab. INTENT-BASED ATTACK SURFACES 11  Broadcast Theft A malicious Broadcast Receiver could eavesdrop on all public broadcasts from all applications by creating an Intent filter that lists all possible actions, data, and categories.Dangerous

12 Computer Security & OS Lab. INTENT-BASED ATTACK SURFACES 12  Activity Hijacking a malicious Activity is launched in place of the intended Activity. the malicious Activity could read the data in the Intent and then immediately relay it to a legitimate Activity.  Service Hijacking occurs when a malicious Service intercepts an Intent meant for a legitimate initiating application establishes a connection with a malicious Service instead of the one it wanted.

13 Computer Security & OS Lab. INTENT-BASED ATTACK SURFACES 13  Malicious Broadcast Injection If an exported Broadcast Receiver blindly trusts an incoming broadcast Intent inappropriate action or operate on malicious data from the broadcast Intent.  Malicious Activity Launch Exported Activities can be launched by other applications with either explicit or implicit  Malicious Service Launch If a Service is exported and not protected with strong permissions then any application can start and bind to the Service

14 Computer Security & OS Lab. 14

15 Computer Security & OS Lab. ComDroidComDroid 15  Disassemble application DEX files using Dedexer toolDedexer  Parses the disassembled output and logs potential component and Intent vulnerabilities

16 Computer Security & OS Lab. ComDroidComDroid 16  Permission Normal and Dangerous  Intent Analysis Intents, IntentFilters, registers, sinks (e.g., sendBroadcast(), startActivi ty(), etc.) and components  Component Analysis Public or not? Main, launching Activity is public but is less likely to be attackable With data / without data

17 Computer Security & OS Lab. EvaluationEvaluation 17  Automated Analysis False negatives Pending Intent Future work

18 Computer Security & OS Lab. EvaluationEvaluation 18  Automated Analysis Do not distinguish between paths through if and switch statements

19 Computer Security & OS Lab. EvaluationEvaluation 19  Manual Analysis

Download ppt "2015. 4. 28 박 종 혁 컴퓨터 보안 및 운영체제 연구실 MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications,"

Similar presentations

Application Fundamentals Android Development. Announcements Posting in D2L Tutorials.

Application Fundamentals Android Development. Announcements Posting in D2L Tutorials.
Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.

Machigar Ongtang, Stephen McLaughlin, William Enck, Patrick McDaniel Department of Computer Science and Engineering The Pennsylvania State University ACSCA.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID David Barrera, H. Güne¸s Kayacık, P.C. van Oorschot,

A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID David Barrera, H. Güne¸s Kayacık, P.C. van Oorschot,
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Security of Mobile Applications Vitaly Shmatikov CS 6431.

Security of Mobile Applications Vitaly Shmatikov CS 6431.
Mobile Programming Pertemuan 6 Presented by Mulyono Poltek NSC Surabaya.

Mobile Programming Pertemuan 6 Presented by Mulyono Poltek NSC Surabaya.
Intent An Intent describes the operation to be performed. Intents are used to start an activity using either of the following methods – Context.startActivity()

Intent An Intent describes the operation to be performed. Intents are used to start an activity using either of the following methods – Context.startActivity()
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Android Middleware Bo Pang Bpang@cc.hut.fi.

Android Middleware Bo Pang
Chien-Chung Shen cshen@udel.edu Manifest and Activity Chien-Chung Shen cshen@udel.edu.

Chien-Chung Shen Manifest and Activity Chien-Chung Shen
Android Security Architecture

Android Security Architecture
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.

A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
2015. 6. 26 박 종 혁 컴퓨터 보안 및 운영체제 연구실 Workshop on Mobile Security Technologies (MoST). 2012.

박 종 혁 컴퓨터 보안 및 운영체제 연구실 Workshop on Mobile Security Technologies (MoST)
Detecting and Preventing Privilege- Escalation on Android Jiaojiao Fu 1.

Detecting and Preventing Privilege- Escalation on Android Jiaojiao Fu 1.
Byron Alleman Will Galloway Jesse McCall. Permission Based Security Model Users can only use features for which their permissions grant them access Abstracts.

Byron Alleman Will Galloway Jesse McCall. Permission Based Security Model Users can only use features for which their permissions grant them access Abstracts.
© Keren Kalif Intro to Android Development Written by Keren Kalif, Edited by Liron Blecher Contains slides from Google I/O presentation.

© Keren Kalif Intro to Android Development Written by Keren Kalif, Edited by Liron Blecher Contains slides from Google I/O presentation.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영 2015. 04. 21.

All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영

Similar presentations

Ads by Google