Android Security Extensions

Similar documents

Android Security Extensions 2. Giovanni Russello

Firewall-based Solution for Preventing Privilege Escalation Attacks in Android

Smartphone Security pr. Sven Bugiel

Performance Measuring in Smartphones Using MOSES Algorithm

Android Security. Giovanni Russello

The Open University s repository of research publications and other research outputs

Ubiquitous and Mobile Computing CS 528: Information Leakage through Mobile Analytics Services

Practical Attacks against Mobile Device Management Solutions

Defending Behind The Device Mobile Application Risks

MOBILE SECURITY: DON T FENCE ME IN

Securing Corporate on Personal Mobile Devices

Performance Analysis Of Policy Based Mobile Virtualization in Smartphones Using MOSES Algorithm

ASM: A Programmable Interface for Extending Android Security

Defending Users Against Smartphone Apps: Techniques and Future Directions

Cloudy with a chance of 0-day

Why Encryption is Essential to the Safety of Your Business

ASSURING INTEGRITY OF DATAFLOW PROCESSING IN CLOUD COMPUTING INFRASTRUCTURE

Flexible Data-Driven Security for Android

How Attackers are Targeting Your Mobile Devices. Wade Williamson

Practical and Lightweight Domain Isolation on Android

QUIRE: : Lightweight Provenance for Smart Phone Operating Systems

How to Practice Safely in an era of Cybercrime and Privacy Fears

BYOD Guidance: BlackBerry Secure Work Space

The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk Rahul Kashyap

PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY

RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users

Data Protection Act Bring your own device (BYOD)

F-Secure Mobile Security. Android

A number of factors contribute to the diminished regard for security:

INFORMATION TECHNOLOGY SECURITY STANDARDS

DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android

Research on Situation and Key Issues of Smart Mobile Terminal Security

Practical Attacks against Mobile Device Management (MDM)

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Taxonomic Modeling of Security Threats in Software Defined Networking

BYOD in the Enterprise

Emerging threats for the healthcare industry: The BYOD. By Luca Sambucci

BYPASSING THE ios GATEKEEPER

Analysis of advanced issues in mobile security in android operating system

Information Services. The University of Kent Information Technology Security Policy

Towards Taming Privilege-Escalation Attacks on Android

Hands on, field experiences with BYOD. BYOD Seminar

THOUSANDS OF APPS CAN'T BE WRONG: MOBILE APPLICATION ANALYSIS AT SCALE

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security

The Cloud App Visibility Blindspot

Mobile Device Security Information for IT Managers

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

Best Practice Guide (SSL Implementation) for Mobile App Development 最佳行事指引. Jointly published by. Publication version 1.

Department of Education. Network Security Controls. Information Technology Audit

Practical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security

Mobile Security and Management Opportunities for Telcos and Service Providers

Don t Lose the Data: Six Ways You May Be Losing Mobile Data and Don t Even Know It

Threat Model for Mobile Applications Security & Privacy

BlackBerry 10.3 Work and Personal Corporate

Mitigating Bring Your Own Device (BYOD) Risk for Organisations

White Paper. Data Security. The Top Threat Facing Enterprises Today

BlackRidge Technology Transport Access Control: Overview

A number of factors contribute to the diminished regard for security:

Practical Attacks against MDM Solutions (and What Can You Do About It)

IBM Exam M IBM Security Sales Mastery Test v4 Version: 7.0 [ Total Questions: 62 ]

Covert Operations: Kill Chain Actions using Security Analytics

RightsWATCH. Data-centric Security.

ONE DEVICE TO RULE THEM ALL! AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014

PREVENTIA. Skyhigh Best Practices and Use cases. Table of Contents

Incident Response 101: You ve been hacked, now what?

How To Audit The Minnesota Department Of Agriculture Network Security Controls Audit

Agenda , Palo Alto Networks. Confidential and Proprietary.

Samsung SDS. Enterprise Mobility Management

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

Kony Mobile Application Management (MAM)

STRONGER AUTHENTICATION for CA SiteMinder

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

CITY UNIVERSITY OF HONG KONG Information Security Incident Management Standard

OWASP Mobile Top Ten 2014 Meet the New Addition

Building a Mobile Information Management Strategy

Mobility, Security Concerns, and Avoidance

Streamline Mobile Telecom Management with DATALERT! And MobileIron

Enterprise Mobility Management

Post-Access Cyber Defense

Owner-centric Protection of Unstructured Data on Smartphones

Chapter 20 Firewalls. Cryptography and Network Security Chapter 22. What is a Firewall? Introduction 4/19/2010

So#ware Security Goes Mobile. Russell Spitler

Regulation 8.3.R2 COMPUTING AND NETWORK FACILITIES RULES. 1. Definitions. In this regulation unless a contrary intention appears.

AGENDA. Background. The Attack Surface. Case Studies. Binary Protections. Bypasses. Conclusions

Enterprise Apps: Bypassing the Gatekeeper

IT Security Incident Management Policies and Practices

Cyber Security Incident Handling Policy. Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology

CA Service Desk Manager - Mobile Enabler 2.0

Two Vulnerabilities in Android OS Kernel

What Is BYOD? Challenges and Opportunities

Faculty/Staff/Community Mountain Home School District Computer and Network Appropriate Use Policy

Adobe Flash Player and Adobe AIR security

10 easy steps to secure your retail network

Information Security Policy

HP AppPulse Mobile. Whitepaper: Privacy, Security, and Overhead. Document Release Date: September 2014 (v1.0)

PRAIRIE SPIRIT SCHOOL DIVISION NO. 206, BOX 809, 121 KLASSEN STREET EAST, WARMAN, SK S0K 4S0 -- PHONE: (306)

CMPT 471 Networking II

Transcription:

Android Security Extensions

Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care until its too late But We do It needs a more advanced security mechanism

Who is in charge of Security? It depends on the device use Personal use: then the user is in charge Work use: the security admin of the company BYOD: both The user for the private/personal part The security admin for the work part Google: they are in charge They control the platform The App developers Not as much as you think

Able to change your mind? The authority that is in charge should be allowed to change security policies/settings This should be done By using the device Remotely No side effects on the apps installed With the current model it is not possible Most apps crash when operations are denied

Defining Malware Any software that can disrupt normal activities Any software that does not behave as declared Any software that compromises some properties Privacy Confidentiality Reliability

Poorly Designed Apps If not designed properly, apps can (unintentionally): Deplete your resources (battery, data, etc.) Expose resources (internet, location, etc.)

Over Privileged Apps Apps (developers) can ask for any combination of permissions Users can either install the apps (granting permissions) or not install at all Combinations of permissions such as Internet and Locations SMS Local Storage Can result in information leakage

Privilege Escalation Attacks An adversary tries to escalate privileges to get unauthorised access to protected resources Confused deputy attack Leverage the vulnerability of a benign application Colluding attacks More applications collaborate to get an objectionable set of permissions Android does not deal with transitive privilege usage Allows applications to bypass restrictions imposed by their sandboxes An application with less permissions (a non privileged caller) is not restricted to access components of a more privileged application (a privileged callee) by default.

Privilege Escalation Attacks Data from component CA1 can reach component CC1 indirectly, via the CB1 component CB1 is able to access CC1 component since the application B and consequently all its components are granted p1 permission

Privilege Escalation Attacks Application B must enforce additional checks on permissions to ensure that the application calling CB1 component is granted a permission p1 Reference monitor hooks included in the code of the component The task to perform these checks is delegated to application developers instead of being enforced by the system in a centralized way

Android Security Extensions

Fine grained Security Policy Saint (ACSAC 09) Allows app developers to protect their applications from being misused APEX (ASIACCS 10) Circumvent the All or Nothing approach of Android permission granting Porscha (ACSAC 10) Support for DRM like policies for phone data CRePE (ISC 10) Enforcement of context related policies

Data Filtering and Tainting MockDroid (HotMobile 11) Limiting the access to the data TISSA (Trust 11) Substituting the reply from content providers TaintDroid (OSDI 10) Labelling of data for preventing data leakage

Protection against Privilege Escalation QUIRE (USENIX Security Symposium 11) Effective against confused deputy attacks Tracing of IPC chain to check if all apps have the right to access a resource However It requires that apps have to use modified API It does not solve the problem of colluding apps

Protection against Privilege Escalation AppFence (TR 11 Uni Washington and MS Research) Based on TaintDroid for taint capability It supports data shadowing and protects from data exfiltration However Effective only against confused deputy attack

Protection against Privilege Escalation XManDroid (TR 11) Real time IPC monitoring System state of the app communications for potential spread of privileges However No control outside the IPC channels (i.e. Internet access)

What is missing? No modifications to Android API No trust on apps Control over IPC and system level calls (internet) Data filtering capabilities Tuneable

That is why they came up with Yet Another Android Security Extension

Readings Davi, Lucas, et al. "Privilege escalation attacks on android." Information Security. Springer Berlin Heidelberg, 2011. 346 360.

Questions?