security analysis of android for work
play

Security Analysis of Android for Work Research Project #1 Tom - PowerPoint PPT Presentation

Nov 12, 2023 •13 likes •183 views

Security Analysis of Android for Work Research Project #1 Tom Curran & Ruben de Vries RP1 project presentation, 2016 Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation,

  1. Security Analysis of Android for Work Research Project #1 Tom Curran & Ruben de Vries RP1 project presentation, 2016 Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 1 / 17

  2. What is Android for Work Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 2 / 17

  3. Why is it interesting? Data separation achieved using separate user profiles Profiles run concurrently Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 3 / 17

  4. Research Question Is it possible to read data from the work profile using a process started by the personal profile? Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 4 / 17

  5. Research Question; narrowed down Is it possible to read data from a managed profile from the user profile using the binder? How does Android for Work handle encryption of data? Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 5 / 17

  6. Findings Data can be read via the Binder Data is encrypted when device is switched off, but not once it is running. Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 6 / 17

  7. Encryption; Demo [...] Once a device is encrypted, all user-created data is automatically encrypted before committing it to disk and all reads automatically decrypt data before returning it to the calling process. - Android for Work Security White Paper Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 7 / 17

  8. Root? Root exploits uncovered in the past Towel Root, affecting up to KitKat 4.4.2 (2014) Stagefright 2.0, affects up to Lollipop 5.1 (2015) Rooting Marshmallow 6.0+ Harder but possible SELinux Exploits in Linux kernel e.g. CVE-2016-0728 (2016) Fuzzing Android System Services by Binder, Blackhat 2015 Once you have root, lie about having it All Your Root Checks Are Belong to Us, Blackhat 2015 Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 8 / 17

  9. Android Version Distribution Figure: Collected over 7-day period ending on 4th January 2016, Google. Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work RP1 project presentation, 2016 9 / 17

  10. Application Sandboxing RP1 project presentation, 2016 10 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  11. Binder IPC RP1 project presentation, 2016 11 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  12. Binder IPC Isolate kernel from user apps All communication between processes passes via the Binder Any data type can be sent Two components: kernel driver and library loaded in applications RP1 project presentation, 2016 12 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  13. Attacking the Binder? 1 Inject code into target service 2 Hook the function writing data to the driver 3 Listen on target service RP1 project presentation, 2016 13 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  14. Attacking Android for Work? Services shared between users Keyboard Phone calls ... Flexible Nothing displayed on UI Subvert file-based encryption from Enterprise apps (e.g. Sophos Mobile Encryption)? RP1 project presentation, 2016 14 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  15. Is it really practical? Number of obstacles to first overcome Gaining root access Bypassing SELinux Avoiding root detection Will never achieve 100% security Layered security Encrypt the traffic Minimize data travelling acrosss Binder RP1 project presentation, 2016 15 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  16. Conclusion Data is not encrypted while device is running Bypassing root detection from MDMs is possible Data flowing through the Binder can be read by other rooted users RP1 project presentation, 2016 16 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

  17. Questions? RP1 project presentation, 2016 17 / Tom Curran & Ruben de Vries (University of Amsterdam) Security Analysis of Android for Work 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware Work up to Android OS Climb into the Play Store Discuss Application (APK) Connor Tumbleson Senior Software Engineer @Sourcetoad

672 views • 56 slides
Runtime verification meets Android security Gil Vegliach Joint work with Andreas Bauer and

Runtime verification meets Android security Gil Vegliach Joint work with Andreas Bauer and

Runtime verification meets Android security Gil Vegliach Joint work with Andreas Bauer and Jan-Christoph K uster Background, what Android is Developed by Android Inc. (acquired by Google in 2005) Open Handset Alliance (founded in 2007)

161 views • 15 slides
Security Enhanced (SE) Android: Bringing Flexible MAC to Android Stephen Smalley and Robert Craig

Security Enhanced (SE) Android: Bringing Flexible MAC to Android Stephen Smalley and Robert Craig

Security Enhanced (SE) Android: Bringing Flexible MAC to Android Stephen Smalley and Robert Craig Trusted Systems Research National Security Agency Motivation Android security relies on Linux DAC. To protect the system from apps. To

480 views • 21 slides
Evaluating the Android Security Key Scheme: An Early Usability, Deployability, Security

Evaluating the Android Security Key Scheme: An Early Usability, Deployability, Security

Evaluating the Android Security Key Scheme: An Early Usability, Deployability, Security Evaluation with Comparative Analysis Robbie MacGregor 5 th Who Are You?! Adventures in Authentication (WAY), Santa Clara, CA, USA, 2019. I did a thing so

132 views • 10 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
Security Analysis of Android Factory Resets Laurent Simon lmrs2@cam.ac.uk

Security Analysis of Android Factory Resets Laurent Simon lmrs2@cam.ac.uk

Security Analysis of Android Factory Resets Laurent Simon lmrs2@cam.ac.uk https://www.cl.cam.ac.uk/~lmrs2/ Talk outline Background Methodology Results Practical recovery FR alternatives 21/05/15 Laurent Simon - MoST'15 -

636 views • 27 slides
Android Security & Secure Meta-Markets Alessandro Armando (joint work with G. Costa, A.

Android Security & Secure Meta-Markets Alessandro Armando (joint work with G. Costa, A.

Android Security & Secure Meta-Markets Alessandro Armando (joint work with G. Costa, A. Merlo, and L. Verderame) DIBRIS, U. of Genova & Security and Trust Research Unit, FBK, Trento NeSSoS 2013, Sept. 05, 2013 Alessandro Armando (UNIGE

393 views • 24 slides
BLOWING THE COVER: HANDS-ON ANALYSIS OF HANDCRAFTED ANDROID MALWARE Alex Reshetniak | September

BLOWING THE COVER: HANDS-ON ANALYSIS OF HANDCRAFTED ANDROID MALWARE Alex Reshetniak | September

BLOWING THE COVER: HANDS-ON ANALYSIS OF HANDCRAFTED ANDROID MALWARE Alex Reshetniak | September 26 2018 About Me Senior Security Researcher @ Lookout B.S. in Information Security More than 5 years working in Information Security

663 views • 31 slides
CuriousDroid: Automated User Interface Interaction for Android Application Analysis

CuriousDroid: Automated User Interface Interaction for Android Application Analysis

CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, Engin Kirda 02/23/2016 Android 2015 Q3 Market Share Android iOS

774 views • 26 slides
Android Customization: From the Kernel to the Apps Hi, I am Cdric, I work for Genymobile as a

Android Customization: From the Kernel to the Apps Hi, I am Cdric, I work for Genymobile as a

Android Customization: From the Kernel to the Apps Hi, I am Cdric, I work for Genymobile as a System Engineer Genymobile is a company specialized in Android. We are based in France (Paris and Lyon) and SF. We develop and customize android

514 views • 40 slides
StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Apps

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Apps

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Apps Yury Zhauniarovich, MaqsoodAhmad, Olga Gadyatskaya, Bruno Crispo, Fabio Massacci yury.zhauniarovich, maqsood.ahmad, bruno.crispo,

427 views • 24 slides
Services Android Services A Service is an application component that runs in the background, not

Services Android Services A Service is an application component that runs in the background, not

Lesson 22 Lesson 22 Android Android Services Victor Matos Cleveland State University Cleveland State University Notes are based on: Android Developers http://developer.android.com/index.html Portions of this page are reproduced from work

692 views • 26 slides
Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al

Apposcopy: Semantics- Based Detection of Android Malware through Static Analysis By Feng et al [FSE 14] Presented by Maaz Ahmad The Malware Problem (Feb, 2015) Motive Security Labs estimates 16 million infected mobile devices. [1]

828 views • 30 slides
The heavy metal that poisoned the droid Tyrone Erasmus Introduction Android Security Model

The heavy metal that poisoned the droid Tyrone Erasmus Introduction Android Security Model

The heavy metal that poisoned the droid Tyrone Erasmus Introduction Android Security Model Static vs. Dynamic analysis Mercury: New framework on the block Finding OEM problems Techniques for malware How do we fix this?

576 views • 56 slides
Scalable and Precise Taint Analysis for Android Wei Huang 12 , Yao Dong 1 , Ana Milanova 1 ,

Scalable and Precise Taint Analysis for Android Wei Huang 12 , Yao Dong 1 , Ana Milanova 1 ,

Scalable and Precise Taint Analysis for Android Wei Huang 12 , Yao Dong 1 , Ana Milanova 1 , Julian Dolby 3 1 Rensselaer Polytechnic Institute 2 Google 3 IBM Research 1 Taint Analysis for Android Tracks flow of private data Controlled at

629 views • 35 slides
Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal

Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal

Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal Security Agency CLASSIFICATION HEADER Agenda Motjvatjon/Background Current State Using SELinux in Android What's Next for SELinux in

762 views • 72 slides
1. Using the information from the previous slide, complete the following table: Number of

1. Using the information from the previous slide, complete the following table: Number of

D AY 83 B USINESS P ROJECT W ORD P ROBLEM Mrs. Smith decided to purchase candy for her whole class as a treat. She bought Smarties and Dum-Dum lollipops as brain food for their next exam. Each bag of Smarties cost $7.00 (including tax).

580 views • 16 slides
Norms Please help us start and end on time Please respect the views of others Please

Norms Please help us start and end on time Please respect the views of others Please

5/3/2015 ESD Regional Workshop Year 2 Workshop 4 Welcome to the Leadership Academy 2 Norms Please help us start and end on time Please respect the views of others Please focus on what is happening here today Please silence

435 views • 7 slides
Presentation Schedule of Oct 2014 Internship as at 22.12.2014 Academic Dept of Academic 9.00-

Presentation Schedule of Oct 2014 Internship as at 22.12.2014 Academic Dept of Academic 9.00-

Presentation Schedule of Oct 2014 Internship as at 22.12.2014 Academic Dept of Academic 9.00- 9.20- 9.40- 10.00- 10.20- 10.40- 11.00- 11.20- 11.40- 12.00- 12.20- 12.40- 1.00- 1.20- 1.40- 2.00- 2.20- 2.40- 3.00- 3.20- 3.40-

638 views • 27 slides
THE UNIVERSITY OF HONG KONG FACULTY OF SOCIAL SCIENCES 2018 ARNOVA-Asia Conference Panel List of

THE UNIVERSITY OF HONG KONG FACULTY OF SOCIAL SCIENCES 2018 ARNOVA-Asia Conference Panel List of

THE UNIVERSITY OF HONG KONG FACULTY OF SOCIAL SCIENCES 2018 ARNOVA-Asia Conference Panel List of Oral Presentation (By Panel) Concurrent Panel Reference Time Theme Venue Moderator Abstract Title Author Co-author(s) Session Session

70 views • 3 slides
Android vs Apple Buyers Guide Tony Trego, Dakota Jamison Terms to know when buying a phone -

Android vs Apple Buyers Guide Tony Trego, Dakota Jamison Terms to know when buying a phone -

Wifi Join: WMCTC Guest Android vs Apple Buyers Guide Tony Trego, Dakota Jamison Terms to know when buying a phone - LTE - Network - Gigabyte (Gb) - Megapixels (MP) - Retina Display - TouchID - Milliamp Hours - iOS - Android

229 views • 5 slides
Project Plan Humana Kids The Capstone Experience Team Humana Ayush Agrawal Yaqeen Almahdi

Project Plan Humana Kids The Capstone Experience Team Humana Ayush Agrawal Yaqeen Almahdi

Project Plan Humana Kids The Capstone Experience Team Humana Ayush Agrawal Yaqeen Almahdi Lisa Doan Michael Hanlon Department of Computer Science and Engineering Michigan State University Spring 2017 From Students to Professionals

351 views • 20 slides
C ENTRAL W EST E ND Community Needs Assessment on Public Infrastructure August 11, 2016 Schlafly

C ENTRAL W EST E ND Community Needs Assessment on Public Infrastructure August 11, 2016 Schlafly

C ENTRAL W EST E ND Community Needs Assessment on Public Infrastructure August 11, 2016 Schlafly Library Tonights Community Meeting 1) CWE Needs Assessment Committee 2) Presentation on Proposed Public Infrastructure Projects 3) Small

354 views • 24 slides
LADIES ADIES FU FUN N DA DAY Theme: Fairytales Lo Lollipop Fai llipop Fairi ries es

LADIES ADIES FU FUN N DA DAY Theme: Fairytales Lo Lollipop Fai llipop Fairi ries es

LADIES ADIES FU FUN N DA DAY Theme: Fairytales Lo Lollipop Fai llipop Fairi ries es

459 views • 15 slides

More recommend