Android Security – Dual Profile Device
Neelima Krishnan
Gayathri Subramanian
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science

Outline
Introduction
Why is Android Security Important ?
Security Model in Android
What we proposed and What we did
Implementation Details
Results and Conclusion

Introduction
• A software platform and operating system for mobile devices
• Based on the Linux kernel
• Developed by Google and later the Open Handset Alliance (OHA)
• Allows writing managed code in the Java language
• Applications can also be written in other languages and compiled to ARM native code
• The unveiling of the Android platform was announced on 5 November 2007 with the founding of OHA

The Big Question
Who is Responsible for Android Security?
Google ?
Users ?
Application Developers ?

Why is Android Security Important? (Responsibility?)
• Android Market is open, unlike the Apple Store.
• Developers are free to submit their apps to the market.
• Each app should list the permissions it uses before installation.
• The user should decide whether to install the app based on the permissions.

Why is Android Security Important?
• Apps make smartphones a general-purpose computing platform.
• We can now send text messages and multimedia messages, access email, browse the Web, and create and edit PDFs and other documents.

Why is Android Security Important? (Malware Growth)
• In March 2011, 58 apps containing malicious activities were removed from the Android Market.
• Unfortunately, 260,000 downloads had been recorded for these 58 applications.

Growth of Android OS Market
• Android is the leading smartphone platform of choice among US smartphone users.
• Google is receiving more than 550,000 activations per day.

Android Security Model
Challenge: the security platform should
• provide flexibility for an open platform
• provide protection for all users
Aim: the OS should protect
• User data
• System resources
• Application isolation

Android Security Model (Contd.)
Key security features
• Robust security at kernel level
• Mandatory application sandbox
• Secure IPC
• Application signing
• Application-defined and user-granted permissions

Android Security Model
• The secure sandbox

Android Application Security
Protected APIs are
• SMS/MMS
• Camera
• Bluetooth
• Telephony
• GPS
• Network/data connections
These are accessible only through APIs

Android Application Security
• To use a protected API, declare it in the manifest file (which is part of the APK)
• These permissions are displayed when the user installs the application
• The user cannot grant or deny individual permissions
• After installation, the user is not prompted to confirm any of these permissions again

Application layer Security

Application Layer Security - Manifest.xml
• The Manifest presents essential information about the application.
• It describes the components of the application:
1. Activities
2. Services
3. Broadcast Receivers
4. Content Providers
• Declares which permissions the application would use.
• Declares the minimum level of the Android API that the application requires
• Lists the libraries that the application must be linked against

Android Security Risks
• Flimsy passwords
• Naked Data
• SMShing
• Unsafe Surfing
• Nosy Apps
• Repackaged and fraudulent apps
• Android malware
• Fake anti-malware
• Losing the device.

Rewinding a Year of Android Malware
• SMS malware threats
- SMS.AndroidOS.FakePlayer.a -b-c
- AndroidOS_Droisnake.A
- Android.Walkinwat
• GPS malware threats
- AndroidOS_Droisnake.A
- Android.Geinimi
• Trojans
- Android.Geinimi, Android.Pjapps, Droiddream, Android.Adrd AKA Android.HongTouTou, Android.Pjapps, Android.BgServ AKA Troj/BgservA AKA AndroidOS_BGSERV.A, Android.Zeahache

An Android Malware – Droid Dream

Our Solution
What we proposed?
• GPS Watcher
• Dual-Mode GUI
• Encryption
• VPN-Server
What we implemented?
• SMS Scanner
• GPS Scanner
(These are part of Application Permission Viewer)
• Application Malware Scanner
• Dual-Mode Profile supporting Encryption

IMPLEMENTATION
• Dual-Mode Profile
• Application Permission Viewer
  - GPS Scanner
  - SMS Scanner
• Application Malware Scanner
• Encryption

Dual-Mode GUI
• The GUI consists of a login page which allows you to choose a secure or standard log-in.
• The secure-side login button prompts you to enter a secret password.
• Hashing is used to store and verify the password.
• The user can switch modes at any time after login by using the switch button in the Status Notification bar.

The GUI

IMPLEMENTATION
• Dual-Mode Profile
• Application Permission Viewer
  - GPS Scanner
  - SMS Scanner
• Application Malware Scanner
• Dual-Mode Profile Encryption

Recap on Application layer Security

Permission list

Manifest.xml of the app (Angry Bird)

Manifest.xml (Contd.)

Permissions requested by Angry Birds application
• INTERNET
• READ_PHONE_STATE
• ACCESS_NETWORK_STATE
• WRITE_EXTERNAL_STORAGE
• ACCESS_WIFI_STATE
• ACCESS_COARSE_LOCATION

Some Permission lists used by famous apps
• Permissions used by Weather Channel app
- ACCESS_COARSE_LOCATION
- ACCESS_FINE_LOCATION
- ACCESS_WIFI_STATE
- ACCESS_LOCATION_EXTRA_COMMANDS
- CHANGE_NETWORK_STATE
- CHANGE_CONFIGURATION
- INTERNET
- MODE_WORLD_WRITEABLE
- ACCESS_NETWORK_STATE
- CALL_PHONE
- VIBRATE

Application Permission Viewer
• An Android app which is the first step in providing application-layer security.
• Displays the list of Android apps installed on our device.
• Displays all permissions requested by the selected app.

Screenshot of the output

Screenshot of the output

SMS and GPS Scanner
• The SMS and GPS Scanners are simple extensions to the Application Permission Viewer.
• Apart from listing the permissions, it displays a warning to the user if the selected application can send SMS or access our location.

Screenshot of SMS Scanner

Screenshot of GPS Scanner

IMPLEMENTATION
• Dual-Mode Profile
• Application Permission Viewer
  - GPS Scanner
  - SMS Scanner
• Application Malware Scanner
• Dual-Mode Profile

Android App Scanner
• Gets the list of all apps installed on our device
• Fetches the permission list of each of these apps and compares it against the hardcoded rules
• If any one of the rules matches, the app is tagged as ‘Potential Malware’
• After scanning all the apps, lists the potential malware as an alert.

Policy Rules
• The policy rules we created from our study of Android malware:
1. SET_DEBUG_APP
2. INSTALL_PACKAGES
3. DELETE_PACKAGES
4. RECEIVE_SMS + WRITE_SMS
5. WRITE_SMS + SEND_SMS
6. RECEIVE_SMS + SEND_SMS
7. UNINSTALL_SHORTCUT + INSTALL_SHORTCUT
8. PROCESS_OUTGOINGCALLS + RECORD_AUDIO + INTERNET
9. READ_PHONE_STATE + RECORD_AUDIO + INTERNET
10. WRITE_CONTACT + READ_CONTACTS + INTERNET
11. CAMERA + SEND_SMS + INTERNET
12. CHANGE_WIFI_STATE + READ_CONTACTS + INTERNET

Policy Rules (Contd.)
13. WRITE_SETTINGS + READ_PHONE_STATE + GET_ACCOUNTS + INTERNET
14. CHANGE_CONFIGURATION + MODE_WORLD_WRITABLE + CALL_PHONE_INTERNET
15. READ_LOGS + ACCESS_WIFI_STATE + INTERNET
16. READ_PHONE_STATE + ACCESS_WIFI_STATE + INTERNET
17. READ_PHONE_STATE + ACCESS_COARSE_LOCATION + INTERNET
18. RECEIVE_BOOT_COMPLETE + ACCESS_COARSE_LOCATION + INTERNET
19. RECEIVE_BOOT_COMPLETE + ACCESS_FINE_LOCATION + INTERNET

Results of Investigating popular apps against our rules
Application Name | Potential Malware? | Inference
Sudoko | no |
Angry-Bird v1.3 | yes | READ_PHONE_STATE, ACCESS_NETWORK_STATE, WRITE_EXTERNAL_STORAGE, ACCESS_WIFI_STATE, ACCESS_COARSE_LOCATION, INTERNET
Bar Code Scanner | Yes | CAMERA, READ_CONTACTS, WRITE_CONTACTS, INTERNET, READ_HISTORY_BOOKMARKS, VIBRATE, FLASHLIGHT, WRITE_EXTERNAL_STORAGE, WRITE_SETTINGS, CHANGE_WIFI_STATE, ACCESS_WIFI_STATE, ACCESS_NETWORK_STATE, WAKE_LOCK

Results of Investigating popular apps against our rules
Application Name | Potential Malware? | Inference
FaceBook Messenger / oovoo | yes | INTERNET, GET_ACCOUNTS, ACCESS_NETWORK_STATE, WAKE_LOCK, ACCESS_FINE_LOCATION, READ_CONTACTS, WRITE_EXTERNAL_STORAGE, READ_PHONE_STATE, ACCESS_WIFI_STATE, RECEIVE_BOOT_COMPLETED, CAMERA
Facebook | no | WAKE_LOCK, INTERNET, READ_CONTACTS, WRITE_CONTACTS, GET_ACCOUNTS, MANAGE_ACCOUNTS, AUTHENTICATE_ACCOUNTS, READ_SYNC_SETTINGS, WRITE_SYNC_SETTINGS, ACCESS_FINE_LOCATION

Results of Investigating popular apps against our rules
Application Name | Potential Malware? | Inference
Google+ | No | INTERNET, ACCESS_FINE_LOCATION, ACCESS_NETWORK_STATE, GET_ACCOUNTS, MANAGE_ACCOUNTS, READ_CONTACTS, READ_PHONE_STATE, USE_CREDENTIALS, WAKE_LOCK, WRITE_EXTERNAL_STORAGE, ACCESS_NETWORK_STATE, GET_ACCOUNTS, INTERNET, MANAGE_ACCOUNTS, USE_CREDENTIALS, VIBRATE, WRITE_EXTERNAL_STORAGE, USE_CREDENTIALS, READ_SYNC_STATS, READ_SYNC_SETTINGS, WRITE_SYNC_SETTINGS, SUBSCRIBED_FEEDS_READ, SUBSCRIBED_FEEDS_WRITE

Results of Investigating popular apps against our rules
Application Name | Potential Malware? | Inference
netflix | yes | INTERNET, ACCESS_NETWORK_STATE, ACCESS_WIFI_STATE, READ_PHONE_STATE, WAKE_LOCK, READ_LOGS, WRITE_EXTERNAL_STORAGE, GET_TASKS
Yahoo mail | yes | READ_SMS, READ_SYNC_SETTINGS, READ_SYNC_STATS, RECEIVE_BOOT_COMPLETED, RECEIVE_SMS, SEND_SMS
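
The App Scanner's rule matching, as an added example that is not the authors' code: it applies a subset of the numbered policy rules to four permission lists copied from the results slides and reports which rules fire. The function names and the set-based matching are assumptions; the deck's scanner is an Android app whose source is not shown.

```python
# Added example: the App Scanner's rule matching. Rule numbers follow the
# deck's "Policy Rules" slides (subset only); a rule matches when the app
# requests every permission in it. Function names are hypothetical.
RULES = {
    1: {"SET_DEBUG_APP"},
    2: {"INSTALL_PACKAGES"},
    3: {"DELETE_PACKAGES"},
    4: {"RECEIVE_SMS", "WRITE_SMS"},
    5: {"WRITE_SMS", "SEND_SMS"},
    6: {"RECEIVE_SMS", "SEND_SMS"},
    15: {"READ_LOGS", "ACCESS_WIFI_STATE", "INTERNET"},
    16: {"READ_PHONE_STATE", "ACCESS_WIFI_STATE", "INTERNET"},
    17: {"READ_PHONE_STATE", "ACCESS_COARSE_LOCATION", "INTERNET"},
}
PREFIX = "android.permission."

# Permission lists from the deck's results slides (Google+ deduplicated).
APPS = {
    "Angry-Bird v1.3": "INTERNET READ_PHONE_STATE ACCESS_NETWORK_STATE "
        "WRITE_EXTERNAL_STORAGE ACCESS_WIFI_STATE ACCESS_COARSE_LOCATION",
    "Google+": "INTERNET ACCESS_FINE_LOCATION ACCESS_NETWORK_STATE GET_ACCOUNTS "
        "MANAGE_ACCOUNTS READ_CONTACTS READ_PHONE_STATE USE_CREDENTIALS WAKE_LOCK "
        "WRITE_EXTERNAL_STORAGE VIBRATE READ_SYNC_STATS READ_SYNC_SETTINGS "
        "WRITE_SYNC_SETTINGS SUBSCRIBED_FEEDS_READ SUBSCRIBED_FEEDS_WRITE",
    "netflix": "INTERNET ACCESS_NETWORK_STATE ACCESS_WIFI_STATE READ_PHONE_STATE "
        "WAKE_LOCK READ_LOGS WRITE_EXTERNAL_STORAGE GET_TASKS",
    "Yahoo mail": "READ_SMS READ_SYNC_SETTINGS READ_SYNC_STATS "
        "RECEIVE_BOOT_COMPLETED RECEIVE_SMS SEND_SMS",
}

def normalize(perms):
    """Accept full or short permission names; return a set of short names."""
    return {p[len(PREFIX):] if p.startswith(PREFIX) else p for p in perms}

def matched_rules(perms):
    """Numbers of every rule whose permissions are all requested."""
    have = normalize(perms)
    return sorted(n for n, need in RULES.items() if need <= have)

def scan(apps):
    """Map each flagged app to its matching rules; clean apps are omitted."""
    hits = {name: matched_rules(perms.split()) for name, perms in apps.items()}
    return {name: rules for name, rules in hits.items() if rules}

if __name__ == "__main__":
    for app, rules in scan(APPS).items():
        print(f"Potential Malware: {app} (rules {rules})")
```

Reporting the rule numbers alongside the verdict shows which permission combination caused each "yes" in the tables above.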

Screenshot of the output

Screenshot of the output

IMPLEMENTATION
• Dual-Mode Profile
• Application Permission Viewer
  - GPS Scanner
  - SMS Scanner
• Application Malware Scanner
• Dual-Mode Profile

Dual Mode Profile
Features:
• Encrypted data and cache.
• Encryption done using AES-CBC
• Implemented the Linux Unified Key Setup (LUKS)
• cryptsetup was used to create an encrypted file system
• cryptsetup is implemented on top of a device-mapper target, thus enabling the encryption of block devices and files
• Key Storage
• Mount encrypted data and cache into /data and /cache on profile switch.

Key terms
• Zygote
• Loopback filesystem
• Block device
• Encryption: AES-CBC

Steps to perform Encryption
• Configure the kernel to support encryption.
• Create an empty file, secureMode.
• mknod
• losetup
• Encrypt the blocks
• Format the new encrypted filesystem: mkfs or mke2fs.
• Copy contents of current /data and /cache folder into a mount point.
• Stop Zygote.
• Unencrypt the encrypted block.
• Mount this into the /data and /cache.
• Restart Zygote.
• After use, encrypt and umount this, and mount original /data and /cache back. Why?
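
The steps above written out as concrete commands, as an added example that is not the authors' script: a dry-run planner that prints the sequence for the one-time container setup and for each profile switch. It covers /data only and assumes a rooted device with busybox and cryptsetup on the PATH; every path, size, the loop minor number, the ESSIV IV mode and the ext2 filesystem type are assumptions, and only the step order and tool names come from the slide.

```python
import subprocess

# Added example. Paths, sizes, the loop minor number and the mapping name are
# assumptions; only the step order and the tool names come from the slide.
IMAGE = "/sdcard/secureMode"    # backing file, "secureMode" on the slide
LOOP = "/dev/loop7"             # loop device node created with mknod
NAME = "secure_data"            # device-mapper name
MAPPED = "/dev/mapper/" + NAME
STAGING = "/mnt/secure_stage"   # temporary mount point for the first copy

def setup_plan(size_mb=256):
    """One-time: build the LUKS container and copy the current /data into it."""
    return [
        ["dd", "if=/dev/zero", "of=" + IMAGE, "bs=1M", "count=%d" % size_mb],
        ["mknod", LOOP, "b", "7", "7"],          # block device, loop major 7
        ["losetup", LOOP, IMAGE],
        ["cryptsetup", "--cipher", "aes-cbc-essiv:sha256", "luksFormat", LOOP],
        ["cryptsetup", "luksOpen", LOOP, NAME],
        ["mke2fs", MAPPED],
        ["mkdir", "-p", STAGING],
        ["mount", "-t", "ext2", MAPPED, STAGING],
        ["cp", "-a", "/data/.", STAGING],
        ["umount", STAGING],
        ["cryptsetup", "luksClose", NAME],
    ]

def enter_secure_plan():
    """Profile switch to secure mode: the framework is down while /data changes."""
    return [["stop", "zygote"],
            ["cryptsetup", "luksOpen", LOOP, NAME],
            ["mount", "-t", "ext2", MAPPED, "/data"],
            ["start", "zygote"]]

def leave_secure_plan():
    """Back to standard mode: unmounting uncovers the original /data."""
    return [["stop", "zygote"],
            ["umount", "/data"],
            ["cryptsetup", "luksClose", NAME],
            ["start", "zygote"]]

def run(plan, dry_run=True):
    """Print each command, or execute it (root on the device) when dry_run is False."""
    for argv in plan:
        if dry_run:
            print(" ".join(argv))
        else:
            subprocess.run(argv, check=True)
    return len(plan)
```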

Screenshot of the output

Screenshot of the output

Screenshot of the output

Conclusion
• Secure the personal data
• Don’t worry if your device is stolen.
• Fewer gadgets to carry around
• Remember, this is only a first step to make your life “private”.

Questions?