
Review, Analysis and Recommendations for Secure Applications in Android Platforms

Diego Betancur. Supervisors: Prof. Vijay Varadharajan, Dr. Udaya Tupakula. June 13th, 2012.


Presentation Transcript


  1. Review, Analysis and Recommendations for Secure Applications in Android Platforms
     Diego Betancur
     Supervisors: Prof. Vijay Varadharajan, Dr. Udaya Tupakula
     June 13th, 2012

  2. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development
     Diego Betancur Android Security Review and Solutions

  3. Why Care?
     • Almost 1,000,000 activations every day
     • Malware is growing rapidly
     • Worldwide Smartphone Sales (%)

  4. Android Architecture

  5. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development

  6. Application Isolation - Sandbox
     • Different UID and GID for every app
     • No shared memory or resources
     • Interaction between apps happens through components
     • Some processes run in 'root' mode and are not accessible to the user
     • Isolation is enforced at the kernel level, not by the VM

  7. Application Components
     • Activities: UI
     • Services: Daemons running in the background
     • Content Providers: Relational DB for sharing data
     • Broadcast Receivers: Receive messages from other apps/system, e.g. "battery is charged"
     • Intents: Trigger another component

  8. Permissions
     • Restrict component interactions
     • Granted by users at installation
     • Defined in the Manifest File (XML)
     • Levels:
         • Normal: Set alarm, vibrate
         • Dangerous: Send SMS, calls
         • Signature: Inject events
         • SignatureOrSystem: Access USB

  9. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development

  10. Android Market
     • Easy to publish apps, only $25
     • 46.9% growth in the last few years
     • Over 10 billion app downloads
     • Around 70% of apps are free
     • 80% supported by advertisement
     • Controls:
         • Application Signing
         • Security Scan

  11. Malware Types in Android

  12. Tap-Jacking Attack
     • Malicious Activity
     • User interacts with a fake interface

  13. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development

  14. Users: The Weakest Link
     • Do users read permissions before installing an app?
     • Do users understand the risks involved?
     • It's all about trust

  15. Rooting
     • Why?
         • Access custom ROMs
         • Remove vendor and operator apps
         • More speed and functionality
     • Problems:
         • Needs to exploit a vulnerability
         • If a malicious process gets root privileges, all security is compromised (encryption, app isolation)

  16. Inter-Application Communication (IPC)

  17. The Permission Model
     • A secure app does not remain secure forever
     • No Selective Permissions
     • Advertisement Permissions:
         • FULL INTERNET ACCESS
         • FINE LOCATION
     • Other Permissions:
         • SD ACCESS

  18. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development

  19. Permissions By Category Model Example
     • Social and Communication
     • ACCOUNTS
     • PERSONAL INFO
     • Communication Only
     • COST MONEY
     • MESSAGES
     • MESSAGES: Trusted Email client
     • FULL INTERNET ACCESS
     • LOCATION

  20. IPC Problem Solutions
     • IPC inspection based on "taints" (labels) to identify the source
     • History-Based Access Control (HBAC)
     • Disadvantage:
         • Processing Overhead

  21. Permissions Problem Solutions
     • New set of permissions for advertisement, e.g. LOCATION_ADVERTISEMENT
     • Selective permissions, e.g. by time
     • Include security ratings for developers
     • Remove permissions for paid versions
     • Disadvantages:
         • Tracking of more attributes
         • Affects the developers' business model

  22. Outline
     • Introduction
     • Android Security Model (System and Applications)
     • Android Market and Malware
     • Current Security Problems
     • Possible Solutions
     • Secure Development

  23. Secure Development
     • Intents: Do not use them to pass confidential data
     • Services: Check the permission of the calling component (PERMISSION_DENIED or PERMISSION_GRANTED)
     • Broadcast Receivers: Validate input from Intents and do not leak information
     • Content Providers: Define the permission required for access. Use URI schemes
     • Intent Filters: Activities should only be launched by authorized components. Add categories to restrict which intents can be called

  24. Additional Best Practices
     • Encrypt sensitive data:
         • 3DES, AES, Certificate
     • Mark components as android:exported="false" unless public
     • Use custom permissions to control access
     • Use anti-malware protection
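
The manifest-level controls from slides 23 and 24, shown as an added example that is not part of the original presentation. The package name com.example.notes, the component class names, the action names and the ACCESS_NOTES permission are hypothetical.

```xml
<!-- Constructed example: package, class, action and permission names are hypothetical. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">

    <!-- Custom permission: only apps signed with the same key can be granted it. -->
    <permission
        android:name="com.example.notes.permission.ACCESS_NOTES"
        android:protectionLevel="signature" />

    <application android:label="Notes">

        <!-- Weak (kept commented out): before Android 12, a component with an
             intent filter and no android:exported value was public by default. -->
        <!--
        <service android:name=".SyncService">
            <intent-filter>
                <action android:name="com.example.notes.action.SYNC" />
            </intent-filter>
        </service>
        -->

        <!-- Hardened: internal service, not reachable from other apps. -->
        <service
            android:name=".SyncService"
            android:exported="false" />

        <!-- Public by design, but callers must hold the custom permission. -->
        <provider
            android:name=".NotesProvider"
            android:authorities="com.example.notes.provider"
            android:exported="true"
            android:readPermission="com.example.notes.permission.ACCESS_NOTES"
            android:writePermission="com.example.notes.permission.ACCESS_NOTES" />

        <!-- Receiver accepts broadcasts only from senders holding the permission. -->
        <receiver
            android:name=".NoteChangedReceiver"
            android:exported="true"
            android:permission="com.example.notes.permission.ACCESS_NOTES">
            <intent-filter>
                <action android:name="com.example.notes.action.NOTE_CHANGED" />
            </intent-filter>
        </receiver>

    </application>
</manifest>
```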

  25. Conclusions
     • Good Default System Security (Sandbox)
     • High re-usability by components
     • Trade-off: Usability vs Security
     • Risk: Consequences (Privacy and Confidentiality) x Likelihood (Large amount of apps installed by Users)
     • Developers can create a secure environment

  26. Questions? Thank you.

  27. References
     • Android Security Model made at Android Dev Camp, March 4-6
     • http://developer.android.com
     • Deep Dive into Android Security – Aleksandar Gargenta
