Android Security Extensions 2. Giovanni Russello g.russello@auckland.ac.nz

Similar documents
Android Security Extensions

Firewall-based Solution for Preventing Privilege Escalation Attacks in Android

Android Security. Giovanni Russello

Performance Measuring in Smartphones Using MOSES Algorithm

Defending Users Against Smartphone Apps: Techniques and Future Directions

Smartphone Security pr. Sven Bugiel

Towards Taming Privilege-Escalation Attacks on Android

Research on Situation and Key Issues of Smart Mobile Terminal Security

ASM: A Programmable Interface for Extending Android Security

PRESENTING RISKS INTRODUCED BY ANDROID APPLICATION PERMISSIONS IN A USER-FRIENDLY WAY

DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices

AFrame: Isolating Advertisements from Mobile Applications in Android

RecDroid: A Resource Access Permission Control Portal and Recommendation Service for Smartphone Users

DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android

Presenting Risks Introduced by Android Application Permissions in a User-friendly Way

Analysis of advanced issues in mobile security in android operating system

Flexible Data-Driven Security for Android

Two Vulnerabilities in Android OS Kernel

Android Security Framework: Enabling Generic and Extensible Access Control on Android

DroidBarrier: Know What is Executing on Your Android

Defending Behind The Device Mobile Application Risks

Practical and Lightweight Domain Isolation on Android

How To Write Security Enhanced Linux On Embedded Systems (Es) On A Microsoft Linux (Amd64) (Amd32) (A Microsoft Microsoft 2.3.2) (For Microsoft) (Or

QRCloud: Android Vulnerability Query and Push Services Based on QR Code in Cloud Computing

The Open University s repository of research publications and other research outputs

URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security

Owner-centric Protection of Unstructured Data on Smartphones

IBM Exam M IBM Security Sales Mastery Test v4 Version: 7.0 [ Total Questions: 62 ]

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

Performance Analysis Of Policy Based Mobile Virtualization in Smartphones Using MOSES Algorithm

A Comprehensive Analysis of Android Security and Proposed Solutions

THOUSANDS OF APPS CAN'T BE WRONG: MOBILE APPLICATION ANALYSIS AT SCALE

Emerging Mobile Platforms: Firefox OS and Tizen

How To Audit The Minnesota Department Of Agriculture Network Security Controls Audit

PFP Technology White Paper

Ubiquitous and Mobile Computing CS 528: Information Leakage through Mobile Analytics Services

BlackRidge Technology Transport Access Control: Overview

QUIRE: : Lightweight Provenance for Smart Phone Operating Systems

Aurasium: Practical Policy Enforcement for Android Applications

Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG

NSA Security-Enhanced Linux (SELinux)

Design and Implementation of an Android Host-based Intrusion Prevention System

Agenda , Palo Alto Networks. Confidential and Proprietary.

Android Security - Common attack vectors

Android Security Data from the Frontlines

Implementation and Direct Accessing of Android Authority Application in Smart Phones

An extension to the Android access control framework

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk Rahul Kashyap

Incident Response 101: You ve been hacked, now what?

A Research on Camera Based Attack and Prevention Techniques on Android Mobile Phones

Analysis of the Communication between Colluding Applications on Modern Smartphones

A Review on Android Security

The True Story of Data-At-Rest Encryption & the Cloud

How Attackers are Targeting Your Mobile Devices. Wade Williamson

The Behavioral Analysis of Android Malware

CyberArk Privileged Threat Analytics. Solution Brief

Dude, Ask The Experts!: Android Resource Access Permission Recommendation with RecDroid

Security and Privacy in Public Clouds. David Lie Department of Electrical and Computer Engineering University of Toronto

DroidTest: Testing Android Applications for Leakage of Private Information

A proposal to realize the provision of secure Android applications - ADMS: an application development and management system -

WIND RIVER SECURE ANDROID CAPABILITY

Review on Android and Smartphone Security

Hands on, field experiences with BYOD. BYOD Seminar

Mobile Application Security Sharing Session May 2013

How To Analyze The Malicious Behavior Of An Android Applications

Access Control Fundamentals

Lecture Embedded System Security A. R. Darmstadt, Introduction Mobile Security

MOBILE SECURITY: DON T FENCE ME IN

Adobe Systems Software Ireland Ltd

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security

AdDroid: Privilege Separation for Applications and Advertisers in Android

Advanced Systems Security

Department of Education. Network Security Controls. Information Technology Audit

Security Threats for Mobile Platforms

Third Party Components in Applications: Understanding Application Security

Taming Information-Stealing Smartphone Applications (on Android)

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Android Commercial Spyware Disease and Medication

Business Protection. Personal Privacy. One Device. Enhanced Security for Your Network and Business Intelligence.

Lecture 17: Mobile Computing Platforms: Android. Mythili Vutukuru CS 653 Spring 2014 March 24, Monday

ASSURING INTEGRITY OF DATAFLOW PROCESSING IN CLOUD COMPUTING INFRASTRUCTURE

Thoth: Comprehensive Policy Compliance in Data Retrieval Systems

Enterprise Application Security Workshop Series

Taxonomic Modeling of Security Threats in Software Defined Networking

PREVENTIA. Skyhigh Best Practices and Use cases. Table of Contents

INFORMATION TECHNOLOGY SECURITY STANDARDS

Android Security Framework: Extensible Multi-Layered Access Control on Android

Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events

ESUKOM: Smartphone Security for Enterprise

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Threat Model for Mobile Applications Security & Privacy

Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

Security Solution for Android Application Assessment

The Case for SE Android. Stephen Smalley Trust Mechanisms (R2X) National Security Agency

Practical Attacks against Mobile Device Management Solutions

A Perspective on the Evolution of Mobile Platform Security Architectures

BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE.

White Paper. Data Security. The Top Threat Facing Enterprises Today

Transcription:

Android Security Extensions 2 Giovanni Russello g.russello@auckland.ac.nz

Preparing the Report A report must be provided before your presentation The report should be 4 pages long The content of the report must be YOURS No copy-and-past from the main article Use your own word to describe the article

What s in the Report? The report should contain A description of the article An analysis/criticism of the main approach of the article I expect a 50/50 approach 2 pages for description 2 pages for analysis/criticism

How to Analyse/Criticise Does the paper live up to your expectations? Think about what you were expecting from this paper by reading the Abstract/Title/Intro If you were the user of this system, would it work for you? Why? Why not? Would this system help you with your security requirements? What could the authors have done differently?

Defining Malware Any software that can disrupt normal activities Any software that does not behave as declared Any software that compromises some properties Privacy Confidentiality Reliability

Poorly Designed Apps If not designed properly, apps can (unintentionally): Deplete your resources (battery, data, etc.) Expose resources (internet, location, etc.)

Over-Privileged Apps Apps (developers) can ask for any combination of permissions Users can either install the apps (granting permissions) or not install at all Combinations of permissions such as Internet and: Locations, SMS, Local Storage Can result in information leakage

Privilege Escalation Attacks An adversary tries to escalate privileges to get unauthorised access to protected resources Confused deputy attack: leverage the vulnerability of a benign application Colluding attacks: more applications collaborate to get an objectionable set of permissions

Privilege Escalation Attacks Install Time: Uses Permission = P1? Sandbox System Sandbox C A App A B S Android Apps P1 P2 S1 S2 Activity Manager Android Middleware Reference Monitor

Privilege Escalation Attacks Sandbox P1 System Sandbox C A App A B S Android Apps P1 P2 S1 S2 Activity Manager Android Middleware Reference Monitor

Privilege Escalation Attacks Sandbox P1 System Sandbox C A App A B S Android Apps P1 P2 S1 S2 Activity Manager Android Middleware Reference Monitor

Privilege Escalation Attacks Sandbox Sandbox P1 System Sandbox C App B B C App A B Android Apps P1 P2 A S A S S1 S2 Reference Monitor Activity Manager Android Middleware

Privilege Escalation Attacks Sandbox Sandbox P1 System Sandbox C App B B C App A B Android Apps P1 P2 A S A S S1 S2 Reference Monitor Activity Manager Android Middleware

Privilege Escalation Attacks Sandbox Sandbox P1 System Sandbox C App B B C App A B Android Apps P1 P2 A S A S S1 S2 Reference Monitor Activity Manager Android Middleware

Android Security Extensions Application Layer Aurasium I-ARM-Droid Dr Android Reddy Android Middleware DVM TaintDroid MockDroid TISSA Reference Monitor Saint Apex CRePE XManDroid AppFence QUIRE Installer Saint Apex Kirin XManDroid Paranoid Android Paranoid Android QUIRE Linux Kernel SELinux

Fine-grained Security Policy Saint (ACSAC 09) Allows app developers to protect their applications from being misused APEX (ASIACCS 10) Circumvent the All-or-Nothing approach of Android permission granting Porscha (ACSAC 10) Support for DRM-like policies for phone data CRePE (ISC 10) Enforcement of context-related policies

Data Filtering and Tainting MockDroid (HotMobile 11) Limiting the access to the data TISSA (Trust 11) Substituting the reply from content providers TaintDroid (OSDI 10) Labelling of data for preventing data leakage

Protection against Privilege Escalation QUIRE (USENIX Security Symposium 11) Effective against confused deputy attacks Tracing of IPC chain to check if all apps have the right to access a resource However It requires that apps have to use modified API It does not solve the problem of colluding apps

Protection against Privilege Escalation AppFence (TR 11 Uni Washington and MS Research) Based on TaintDroid for taint capability It supports data shadowing and protects from data exfiltration However Effective only against confused deputy attack

Protection against Privilege Escalation XManDroid (TR 11) Real-time IPC monitoring System state of the app communications for potential spread of privileges However No control outside the IPC channels (i.e. Internet access)

What is missing No modifications to Android API No trust on apps Control over IPC and system-level calls (internet) Data filtering capabilities Tuneable

That is why we came up with Yet Another Android Security Extension

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information