1 / 19

Policy Weaving for Mobile Devices

Policy Weaving for Mobile Devices. Drew Davidson. Why Mobile?. Smartphone security is critical 1200 to 1400 US Army troops to be equipped with Android smartphones by October [Wired, June 2012] 70% of companies have a bring your own device policy [431 Group, August 2012]

olive
Download Presentation

Policy Weaving for Mobile Devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Policy Weaving for Mobile Devices Drew Davidson

  2. Why Mobile? • Smartphone security is critical • 1200 to 1400 US Army troops to be equipped with Android smartphones by October [Wired, June 2012] • 70% of companies have a bring your own device policy [431 Group, August 2012] • Unique security measures

  3. Policy Weaving for Mobile Devices Developer App Store • App sandboxing • Java or C# • App manifests • Permissions listed at install time • Markets serve as gatekeepers Bytecode App Manifest Binary Resources

  4. How Effective are These Measures? Tasker App Sandboxing • Sandboxed apps can still do damage App Manifests • Users demonstrate poor comprehension and lack of concern Markets Analysis • Not individualized Send SMS Messages: Malicious apps may cost you money by sending messages Intercept Outgoing Calls: Malicious apps may monitor, redirect, or prevent outgoing calls Add or Modify Calendar Events and Send Email to Guests Without Owners' Knowledge: Malicious apps may send spam emails that appear to come from calendar owners, modify events without the owners' knowledge, or add fake events

  5. How Effective are These Measures? [Felt et al., February 2012] App Sandboxing • Sandboxed apps can still do damage App Manifests • Users demonstrate poor comprehension and lack of concern Markets Analysis • Not individualized • In-lab and online survey of Android Users: • Only 8 users out of 302 (2.6%) correctly answered all 3 questions about permissions • On average respondents answers 21% of questions correctly • Only 29% of respondents have ever not installed an app because of permissions

  6. How Effective are These Measures? Developer App Store App Sandboxing • Sandboxed apps can still do damage App Manifests • Users demonstrate poor comprehension and lack of concern Markets Analysis • Not individualized • We leverage the app store gatekeeper by installing a mobile code weaver there • Each client can upload a policy • Weaver builds custom app for each client Bytecode App Weaver Manifest Enterp. 1 Binary Resources Enterp. 2 Enterp. 3

  7. Policy Weaving for Mobile Devices Developer App Store • We leverage the app store gatekeeper by installing a mobile code weaver there • Each client can upload a policy • Weaver builds custom app for each client Bytecode Weaver Manifest Enterp. 1 Binary Resources Enterp. 2 Enterp. 3

  8. Policy Weaving for Mobile Devices Developer App Store • We leverage the app store gatekeeper by installing a mobile code weaver there • Enterprises can each upload a policy • Weaver builds custom app for each client Bytecode App Weaver Manifest Woven App Woven App Woven App Enterp. 1 Binary Resources Policy Is mobile weaving feasible? Enterp. 2 Policy Enterp. 3 Policy

  9. Aurasium • Simple, stateless policies • IP filtering • Outgoing SMS blocking • Implemented at system call boundary • Standalone policy is added to package • System calls are re-routed through a native library • Classic reference monitor • Instrumentation is interesting App Code Kernel Policy Bytecode Native Lib

  10. Aurasium: Implementation Android App (.apk zip file) App • Unzip the apk file • Add .so to package (trivial) • Disassemble the bytecode using open source tools • Add policy bytecode • Rewrite manifest to enter Aurasium component bytecode Apktool XML Manifest Native Resources Aurasium Policy Class Aurasium Native Library Aurasium Component Declaration High level details are the same for Android and Windows Phone

  11. Mobile Weaver Architecture App EnterprisePolicy • Developer uploads a single app • Enterprise uploads a single policy • Weaver generator instantiates the correct weaver • C# Weaver for Windows Phone based on Cecil Instrumentation framework • Java Weaver for Android based on apktool • Insert bytecodeinto the app to conform to policy automaton Weaver Generator C# Cecil Weaver Java apktool Weaver

  12. Example Policies • Apps can write to storage, but they must clear storage upon being placed in the background • Instrumentation of Android callbacks such as when the application is removed from the foreground • Use Cases: credit card reader apps, barcode scanners • Location data may be read, but it must not reach the network • Use cases: navigation, location-based advertising • Leverage the remarkably similar permissions models of Windows Phone and Android to break connections from location-reading sources and network facing sinks

  13. Key Insights • Need rich, tailored policies to protect users at install time • Allow bytecode weaving instead of system call interposition • High-level, cross-platform policies

  14. Status • Analysis framework that can statically check simple policies • Uses Cecil for Windows Phone • Uses apktool for Android • Stay tuned for more developments

  15. Thanks! • Questions?

  16. Backup Slides

  17. Mobile Architecture Application Code Runtime Framework • Application code relies on runtime framework • Framework calls reach kernel via small set of native libraries Manifest Runtime API (Java) Entry Java Native Interface (JNI) Bytecode Native Lib Runtime API (C++) Native Libraries libc libm … Kernel

  18. Aurasium Interposition In Depth Application Code Android Application Framework • Application code relies on runtime framework • Framework calls reach kernel via small set of native libraries • Overwrite the GOT with entries in a native library Manifest Policy Runtime API (Java) Entry Java Native Interface (JNI) Bytecode Global Offset Table Runtime API (C++) Native Libraries Native Lib libc libm … Linux Kernel

  19. Personal Use Statisitics • ~ 41% of US adults own a smartphone, 71% of adults 21 - 34[Pew, February 2012] • Smartphones are personal • 91% of users are within 3 feet of their smartphone 24 hours a day [Morgan Stanley, 2011] • Average time on smartphone using apps: 57 minutes [O2, June 2012]

More Related