mobile security
play

Mobile Security Srdjan Matic < srdjan@security.di.unimi.it > - PowerPoint PPT Presentation

Oct 15, 2022 •1.1k likes •1.69k views

Universit` a degli Studi di Milano Facolt` a di Scienze e Tecnologie Dipartimento di Informatica Mobile Security Srdjan Matic < srdjan@security.di.unimi.it > Aristide Fattori < aristide@security.di.unimi.it > A.A. 20132014

  1. Universit` a degli Studi di Milano Facolt` a di Scienze e Tecnologie Dipartimento di Informatica Mobile Security Srdjan Matic < srdjan@security.di.unimi.it > Aristide Fattori < aristide@security.di.unimi.it > A.A. 2013–2014

  2. McAfee Q2 2013 Threat Report for Mobile Malware Threats Source: McAfee Threats Report: Second Quarter 2013 Srdjan Matic, Aristide Fattori Mobile Security 2 / 36 A.A. 2013–2014

  3. McAfee Q2 2013 Threat Report for Mobile Malware Threats 1 Banking malware 2 (Fake) adult entertainment and dating apps 3 Weaponized legitimate apps that steal user data 4 Fake app installers that actually install spyware Source: McAfee Threats Report: Second Quarter 2013 Srdjan Matic, Aristide Fattori Mobile Security 2 / 36 A.A. 2013–2014

  4. Android Malware: the Rise Why? Srdjan Matic, Aristide Fattori Mobile Security 3 / 36 A.A. 2013–2014

  5. Android Malware: the Rise The rise of Android malware is due to many factors Widely adopted on heterogeneous devices Producers push patches/updates slowly Operators’ and Producers’ customizations (often closed-source) Rooted devices, jailbreaks Several custom ROMS: CyanogenMod, MIUI, Custom kernels, modems A number of interesting information on a phone Few (or none) barriers in official markets Unofficial markets without control Srdjan Matic, Aristide Fattori Mobile Security 3 / 36 A.A. 2013–2014

  6. Android Malware: the Rise Version Codename Dist. 1.6 Donut 0.2% 2.1 Eclair 1.9% 2.2 Froyo 7.5% 2.3 - 2.3.7 Gingerbread 44.1% 3.1 - 3.2 Honeycomb 1.2% 4.0.3 - 4.0.4 ICS 28.6% 4.1 Jelly Bean 16.5% Source: Android Developers (Mar. ’13) Srdjan Matic, Aristide Fattori Mobile Security 3 / 36 A.A. 2013–2014

  7. Android Malware: the Rise Version Codename Dist. 2.2 Froyo 1.6% 2.3 - 2.3.7 Gingerbread 24.1% 3.2 Honeycomb 0.1% 4.0.3 - 4.0.4 ICS 18.6% 4.1 - 4.3 Jelly Bean 54.5% 4.4 KitKat 1.1% Source: Android Developers (Dec. ’13) Srdjan Matic, Aristide Fattori Mobile Security 3 / 36 A.A. 2013–2014

  8. Information and Resources on a Phone Personal information : SMS, contacts, mails, . . . Espionage : intercepting calls, SMSs, location, . . . Access to enterprise networks Money : sending SMS to premium-rate numbers Money : many phones have direct access to CC SPAM : phone ⇒ perfect spambot Srdjan Matic, Aristide Fattori Mobile Security 4 / 36 A.A. 2013–2014

  9. Background

  10. Dalvik and Zygote Dalvik Android Applications are coded in Java and interpreted by a custom VM, the DVM Zygote Every App has its own DVM instance, spawned by a Zygote process from where it inherits resources Native Code Native (ARM) code may be executed by an App through JNI or natively (NDK) Srdjan Matic, Aristide Fattori Mobile Security 6 / 36 A.A. 2013–2014

  11. Dalvik and Zygote Dalvik Android Applications are coded in Java and interpreted by a custom VM, the DVM Zygote Every App has its own DVM instance, spawned by a Zygote process from where it inherits resources All running on top of a Linux OS Native Code Native (ARM) code may be executed by an App through JNI or natively (NDK) Srdjan Matic, Aristide Fattori Mobile Security 6 / 36 A.A. 2013–2014

  12. Security Model No application, by default, has permission to perform any operations that would adversely impact other applications, the operating system, or the user Srdjan Matic, Aristide Fattori Mobile Security 7 / 36 A.A. 2013–2014

  13. Security Model No application, by default, has permission to perform any operations that would adversely impact other applications, the operating system, or the user Sandboxing Every App has its own UID/GID, used to enforce system-wide DAC Permissions To be granted a permission, App must explicitly request it (e.g., send an SMS, place a call) Srdjan Matic, Aristide Fattori Mobile Security 7 / 36 A.A. 2013–2014

  14. Security Model No application, by default, has permission to perform any operations that would adversely impact other applications, the operating system, or the user Sandboxing Every App has its own UID/GID, used to enforce system-wide DAC Permissions To be granted a permission, App must explicitly request it (e.g., send an SMS, place a call) All types of applications—Java, native, and hybrid—are sandboxed in the same way and have the same degree of security from each other. Srdjan Matic, Aristide Fattori Mobile Security 7 / 36 A.A. 2013–2014

  15. Android Apps Internals Components Activity Service • Runs in the background • Provides a screen with like Unix Dæmons; which users can interact; • e.g., async network • e.g., write a text, view operations, receiving data; a map, send an email. Receiver Content Provider • Listen (and respond) • define a storage-agnostic to broadcast events from abstraction to transparently the system; access data; • e.g., receive a SMS, • enforce access control; incoming calls; Srdjan Matic, Aristide Fattori Mobile Security 8 / 36 A.A. 2013–2014

  16. Intents “An abstract representation of an operation to be performed” Three main components are activated by intents. Intents have different meaning/purpose depending on the recipient. Intent Meaning per Recipient Activity: an action that must be performed (e.g., to send an e-mail, an App will broadcast the corresponding intent; the email activity will therefore be executed) Service: similar to activity Receiver: a container for received data. Srdjan Matic, Aristide Fattori Mobile Security 9 / 36 A.A. 2013–2014

  17. Manifest File <?xml version ="1.0" encoding ="utf -8"?> <manifest xmlns:android="http :// schemas.android.com /[...]" package="test. AndroidSMS" android: versionCode ="1" android: versionName ="1.0"> <uses - permission android:name="[...]. RECEIVE_SMS " /> <uses - permission android:name="[...]. SEND_SMS" /> <uses - permission android:name="[...]. INTERNET" /> <application android:label="@string/app_name" > <receiver android:name=". SMSReceiver "> <intent -filter > <action android:name="[...]. Telephony. SMS_RECEIVED " /> </intent -filter > </receiver > </ application > Srdjan Matic, Aristide Fattori Mobile Security 10 / 36 A.A. 2013–2014

  18. Manifest File <?xml version ="1.0" encoding ="utf -8"?> <manifest xmlns:android="http :// schemas.android.com /[...]" package="test. AndroidSMS" android: versionCode ="1" android: versionName ="1.0"> <uses - permission android:name="[...]. RECEIVE_SMS " /> <uses - permission android:name="[...]. SEND_SMS" /> <uses - permission android:name="[...]. INTERNET" /> <application android:label="@string/app_name" > <receiver android:name=". SMSReceiver "> <intent -filter > <action android:name="[...]. Telephony. SMS_RECEIVED " /> </intent -filter > </receiver > </ application > Srdjan Matic, Aristide Fattori Mobile Security 10 / 36 A.A. 2013–2014

  19. Manifest File <?xml version ="1.0" encoding ="utf -8"?> <manifest xmlns:android="http :// schemas.android.com /[...]" package="test. AndroidSMS" android: versionCode ="1" android: versionName ="1.0"> <uses - permission android:name="[...]. RECEIVE_SMS " /> <uses - permission android:name="[...]. SEND_SMS" /> <uses - permission android:name="[...]. INTERNET" /> <application android:label="@string/app_name" > <receiver android:name=". SMSReceiver "> <intent -filter > <action android:name="[...]. Telephony. SMS_RECEIVED " /> </intent -filter > </receiver > </ application > Srdjan Matic, Aristide Fattori Mobile Security 10 / 36 A.A. 2013–2014

  20. Binder IPC/RPC The Binder protocol allows fast inter-process communication between Apps or between Apps and the system. It also allows Apps to invoke other components’ functions (e.g., to place a call or to send a SMS). AIDL The Android Interface Definition Language is used to define which methods of a service can be invoked remotely, among with their parameters. AIDL specifications for Android’s core services are available online. Srdjan Matic, Aristide Fattori Mobile Security 11 / 36 A.A. 2013–2014

  21. Binder Low-level perspective Binder Driver The Binder core is implemented as a device driver. User-space processes (Apps) can interact with the driver through the /dev/binder virtual device. ioctl ioctls are used to by Apps to interact with the Binder . Each ioctl takes as argument a command and a data buffer. BINDER WRITE READ Allows data to be sent/received among Apps. Srdjan Matic, Aristide Fattori Mobile Security 12 / 36 A.A. 2013–2014

  22. Android Malware Dissecting Android Malware: Characterization and Evolution http://www.csc.ncsu.edu/faculty/jiang/pubs/OAKLAND12.pdf

  23. Infection vectors Repackaged apps Most used infection vector so far locate and download popular apps disassemble and embed malicious payload reassemble and resubmit Often mixed with update attacks Other means Drive by Spyware Trojans . . . Srdjan Matic, Aristide Fattori Mobile Security 14 / 36 A.A. 2013–2014

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides
Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction Statistics of Mobile Usage Current State of Mobile Security Recent Attacks Various Mobile Threats Security &amp; Privacy

1.03k views • 57 slides
Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues. Mobile access is expected to become the main access method. Services and mobile commerce (mCommerce) are expected to become a major business.

818 views • 20 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Announcement Course Evaluations Now online Will be available from Friday, Dec 7 Will also allow students to do

864 views • 50 slides
Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps Defense

1.17k views • 93 slides
Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Spring 2018 CS 155 Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories n Physical, platform malware, malicious apps Defense against physical theft Thurs

1.28k views • 64 slides
Mobile Communications Mobile Communications Confidentiality Security No access to information

Mobile Communications Mobile Communications Confidentiality Security No access to information

Security Requirements Authorization Which objects are accessible by whom? Authentication Reliable identification of users identity . Mobile Communications Mobile Communications Confidentiality Security No access to information for

577 views • 11 slides
Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices

Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices

Mobile security: Tips and tricks for securing your iPhone, Android and other mobile devices Presented by Michael Harris [MS, CISSP, WAPT] Systems Security Analyst University of Missouri Overview What data needs to be protected, what

407 views • 18 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g.

506 views • 34 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

827 views • 54 slides
CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

780 views • 54 slides
Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords

520 views • 38 slides
CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 Mobile Phones Networked device

302 views • 11 slides
Steroids For Your App Security Assessment Marco Grassi Mobile Security Researcher ~ whoami

Steroids For Your App Security Assessment Marco Grassi Mobile Security Researcher ~ whoami

Steroids For Your App Security Assessment Marco Grassi Mobile Security Researcher ~ whoami R&amp;D Team Member @ viaForensics I work mainly on Android/iOS The Problem We want to trace the code in mobile applications that we

632 views • 48 slides
Mobile Communications Mobile Communications Security Types of Attacks 802.11 Security

Mobile Communications Mobile Communications Security Types of Attacks 802.11 Security

Mobile Communications Mobile Communications Security Types of Attacks 802.11 Security Access Control Lists Access Control Lists GSM Security GSM Security WEP Authentication WPA/WPA2 Encryption 802.1X/EAP

409 views • 15 slides
Android Multilib Build Cheat Sheet Presented by Amit Pundir twitter: pundiramit irc: pundir at

Android Multilib Build Cheat Sheet Presented by Amit Pundir twitter: pundiramit irc: pundir at

Android Multilib Build Cheat Sheet Presented by Amit Pundir twitter: pundiramit irc: pundir at #linaro-android (freenode) Date Monday, 23rd March 2015 Android Builders Summit Android Multilib Build Cheat Sheet AOSP build configurations

773 views • 26 slides
Are Humans Ready? Andrew Tsonchev, Director of Technology, Darktrace Industrial YOUR COMPUTER HAS

Are Humans Ready? Andrew Tsonchev, Director of Technology, Darktrace Industrial YOUR COMPUTER HAS

AI-Based Autonomous Response: Are Humans Ready? Andrew Tsonchev, Director of Technology, Darktrace Industrial YOUR COMPUTER HAS BEEN LOCKED This operating system is locked due to the violation of the federal laws of the United States of

1.05k views • 14 slides
Using Technology to Engage Families Wednesday, May 16, 2018 1:15 pm -2:30 pm Smithsonian Early

Using Technology to Engage Families Wednesday, May 16, 2018 1:15 pm -2:30 pm Smithsonian Early

Digital Distractions: Using Technology to Engage Families Wednesday, May 16, 2018 1:15 pm -2:30 pm Smithsonian Early Enrichment Center Tamara Kaldor Associate Director TEC Center at Erikson Institute Alexandra Pafilis Director of Early

755 views • 52 slides
Green public procurement in the municipality of Copenhagen Betina Bergmann Madsen Senior

Green public procurement in the municipality of Copenhagen Betina Bergmann Madsen Senior

Green public procurement in the municipality of Copenhagen Green public procurement in the municipality of Copenhagen Betina Bergmann Madsen Senior Consultant Department for Facilities and food Eating City Summer Campus Betina Bergmann

287 views • 26 slides
Cheating Platform on Android Milan Gabor &amp; Danijel Grah / W hoAreW e &gt; Just two guys

Cheating Platform on Android Milan Gabor &amp; Danijel Grah / W hoAreW e &gt; Just two guys

Creating a kewl and simple Cheating Platform on Android Milan Gabor &amp; Danijel Grah / W hoAreW e &gt; Just two guys from Slovenia &gt; Having fun breaking stuff &gt; Love to play with apps &gt; BSidesLV, DEF CON W all of Sheep,

786 views • 44 slides
Automatic Differentiation for Computational Engineering Kailai Xu and Eric Darve CME 216 AD 1

Automatic Differentiation for Computational Engineering Kailai Xu and Eric Darve CME 216 AD 1

Automatic Differentiation for Computational Engineering Kailai Xu and Eric Darve CME 216 AD 1 / 47 Outline Overview 1 Computational Graph 2 Forward Mode 3 Reverse Mode 4 AD for Physical Simulation 5 AD Through Implicit Operators 6

809 views • 51 slides
How applications are run on Android ? Jean-Loup Bogalho &amp; Jrmy Lefaure

How applications are run on Android ? Jean-Loup Bogalho &amp; Jrmy Lefaure

How applications are run on Android ? Jean-Loup Bogalho &amp; Jrmy Lefaure clippix@lse.epita.fr blatinox@lse.epita.fr Table of contents 1. Dalvik and ART 2. Executable files 3. Memory management 4. Compilation What is Dalvik ?

709 views • 44 slides
Intro to Multithreading Ryan Eberhardt and Armin Namavari May 5, 2020 Class logistics Fill out

Intro to Multithreading Ryan Eberhardt and Armin Namavari May 5, 2020 Class logistics Fill out

Intro to Multithreading Ryan Eberhardt and Armin Namavari May 5, 2020 Class logistics Fill out weekly survey by Wednesday night First project (mini GDB) is out Youll be free to work with a partner! Well have some way for you

699 views • 36 slides

More recommend