2. WALK THROUGH
Android Basics
Android Security Model
Application Sandboxing
Permission Model
What is an Android application?
Introduction
Versions
Android Stack
Application Components
Manifest file
Requesting Permissions
Android more secure than IOS??
Multiple Layers of Android security
Android Malwares
How effective are mobile anti-viruses
Android Rooting
Android Market
Android Application Vulnerability Scanner Toolkit
Open Security issues in Android platform
Top 7 Vulnerabilities Android Application Developers May Jump Into
4. There are 4 billion mobile phones among 7 billion
people in the world
Android owns the crown among its competitors
The use of smartphones for financial transactions
and storing private information is increasing
Losing the mobile phone is more worse than losing
wallets
Securing the data residing in mobiles is of prime
importance.
5. Android uses a kind of UNIX sandboxing method
to run its applications
Applications uses IPC mechanisms to
communicate among each other
These IPC mechanisms uses concept of
endpoints
All the configuration parameters and the security
parameters of an application are defined in a file
called AndroidManifest.xml
9.
Unix Sandboxing
Each application have its own user name and
memory space
One app cannot access resources of other app
Android permission enforcement
10.
11.
12. Android permissions protect
-- Access to sensitive APIs
-- Access to content providers
-- Inter- and intra-application communication
14. WHAT IS AN ANDROID APPLICATION…?
Android applications are composed of one or more
application components
Activities
Services
Broadcast Receivers
Content Providers
Each component performs a different role in the
overall application behavior, and each one can be
activated individually (even by other applications)
The manifest file must declare all components in
the application and should also declare all
application requirements.
22. COMPONENT PERMISSION
Components can be made accessible to other
applications (exported) or be made private
Default is private
Converted to public when component is registered to
receive an implicit intents
Components can be protected by permission
34. Android Is Secure...Users Aren‘t
Google can't count malware it doesn't see
Android has defenses...to protect itself, not your
data
Many of Android's defenses are bypassed with a
few taps, or by users
unauthorized sources
Rooting
What else.. ?
36.
No, Mobile Anti-Malware Utilities for Android are
Not Perfect, or Even the Same Protection You Get
on the Desktop
You can't just install a mobile security suite on your
Android phone and assume you'll be safe
regardless of what you do.
The real weapon you have against Android
malware is common sense.
38. LEARN TO TELL IF AN ANDROID APP IS
MALWARE BEFORE YOU INSTALL IT
Take a look at app store reviews
Pay attention to the permissions an app requests
Check the developer's other apps
Don't install applications from unusual or suspicious
sources
Keep a close watch on SMS and data activity
40.
Android rooting is the process of allowing users
of smartphones, tablets, and other devices running
the Android mobile operating system to
attain privileged control (known as "root access")
within Android's subsystem.
43.
In the tightly-controlled iOS world, technical
restrictions prevent
installing or booting into a modified or entirely new
operating system (a "locked bootloader" prevents this)
sideloading unsigned applications onto the device
user-installed apps from having root privileges (and are
run in a secure sandboxed environment)
Bypassing all these restrictions together constitute
the expansive term "jailbreaking" of Apple devices
46. OPEN SECURITY ISSUES
Malicious Applications
Rooting Exploits
SMS Fraud
Rapid Malware Production
Dynamic Analysis
Sandbox
Real-time Monitoring
Mobile Specific Features
Static Analysis
Permissions
Data Flow
Control Flow
Browser Attacks
Phishing
Click Through
Mobile Botnets
Epidemic Spread
Attacking Network Services
Tracking Uninfected Devices
User Education
Ignoring Permissions
Phishing
Improperly Rooting Devices
Alternative Markets
47. OTHER OPEN PROBLEMS
Hard to separate malicious code from benign
Poor Application Verification
Obfuscation
Dynamic code loading
Limited availability of tools
Repackaging
Resources for Understanding Android Security
48. TOP 7 VULNERABILITIES ANDROID
APPLICATION DEVELOPERS JUMP INTO
Unauthorized Intent Receipt
Intent Spoofing
Insecure Storage
Insecure Network Communication
SQL Injection
Over Privileged Applications
Persistent Messages: Sticky Broadcasts
51.
Vulnerabilities in Android applications
Intent Spoofing (Confused-deputy Vulnerability)
Insecure Storage (Cross-application Data Stealing
Vulnerability)
Over Privileged Applications
Debuggable Applications
No tool available for finding and fixing vulnerabilities
in Android applications
Sensitive user data is getting leaked due to
insecure applications
60. SOME TIPS TO KEEP YOUR DATA SECURE
Always use encryption (whatsapp)
Never download apps from unsolicited emails and
texts (malware)
Always check apps permissions (confused-deputy
attacks, malware)
Monitor your data and messages