Guard your Android
Stay Hungry, Stay Foolish!
Stay Alert, Stay Safe!
Om Shanti
Aboutme.apk
A Student and a Learner! Always! :P
Harsh Dattani GDG Baroda
We all know!
● Fastest Growing Mobile Operating System
● 1.5 billion downloads a month and growing
● Millions of Devices running this Operating System
● Easy (Are you sure?) to Develop Applications
● Open Source!
What we Don’t know!
● It’s easy to create malware and target Android.
● Even a “seemingly trustworthy” app can be malicious.
● It’s not just our data; our friends’ data is also important!
Important Security Terms!
● Assets
● Vulnerabilities
● Attack Vectors
● Threats
● Proactive Measures
● Counter Measures
● Patches
● Malware
Some Famous Android Malware
● Fake Opera Browser
● Fake Angry Birds Space
● DroidDream Malware
● Blackmart
● Cracked APKs
● Battery Savers
● And More...!
Unix Security Policy
1. Process Isolation
2. Hardware Isolation
3. User Permission Model
4. R/W/X Permissions on Files
5. Secure IPC
Application Installation
Android Security Policy
1. Application Isolation
2. Sandbox of Application
3. Secure Communication
4. Signing the Application
5. Permission model of Application
Virtualization
Application Isolation
● Each application has its own GID/UID.
● System apps also have their own GID/UID.
● Based on the UNIX Security Model.
Permission Policy (Default)
● No app can Write other app data.
● But can Read data, with due permission
● Connect to network
● Cannot Use Peripherals
● Cannot Use System APIs to Read/Send SMS, Call..
● Cannot Load App on System Start
Darwin’s Theory!
Dalvik → ART
1.0 → 6.0
Less Secure → More Less Secure
Some Steps!
1. Select popular application.
2. Reverse Engineer it.
   a. Dex2jar
   b. Apktool
   c. Smali/Baksmali and many more..
3. Inject malicious code.
4. Distribute the app. (With new certificate)
Root?
But it’s not Free!
Dangers of Root!
● Isolation is gone!
● We have unknown code (Custom ROM)
● Permission Exploits
● Privacy! (Major)
Exploitation Frameworks
● AFE
● Santoku
● MSFvenom
● Androguard
● APKTool
● Dex2Jar
Security Checklist?
JQuery?