Download Presentation - Embedded System Lab.

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
Document related concepts
no text concepts found
Transcript 
MobiSys '11 Proceedings of the 9th international conference
on Mobile systems, applications, and services
2015. 4. 28
박종혁
[email protected]
컴퓨터 보안 및 운영체제 연구실
Contents
 Introduction
 Android Overview
 Intent-Based Attack Surface
 Comdroid
 Evaluation
 Conclusion
 References
Computer Security & OS Lab.
2
Introduction
 Android’s message passing system Can become an
attack surface if used incorrectly
 Intent
 Intents can be used for both intra and inter Application
communication
 Comdroid
 A tool analyzes Android applications to detect potential instance of
vulnerabilities
 Personal data loss, corruption, phishing
Computer Security & OS Lab.
3
Android Overview
 Android’s security model differs significantly from the standard
desktop security model
 The Complexity of Android’s message passing system implies it
has the largest attack surface
 This paper do not consider attacks on the OS
 Just focus on securing applications from each other
Computer Security & OS Lab.
4
Android Overview
 Intents
 Provides a sophisticated message passing system
 System broadcast Intents
• Only can be sent by the OS
Intent
Intent
Start Activity()
Activity A
1
Computer Security & OS Lab.
OnCreate()
Android
System
2
Activity B
3
5
Android Overview
 Kind of Intent
 Explicit Intent
• specifies that it should be delivered to a particular application specified by the
Intent
Intent B
Activity B
Intent C
Activity C
Activity A
 Implicit Intent
Intent Filter
• requests delivery to any application that supports a desired operation.
Filter through Action
Intent B
Intent B Activity B
Intent C
Activity F
Activity A
Computer Security & OS Lab.
Intent Filter
6
Android Overview
 Activity
 Display on screen
 Service
 Background process
 Broadcast Receiver
 Asynchronous event notification
 Broadcast Intent
• Normal, Ordered, Sticky
 Content Provider
 Share data between applications
 Use URI (Uniform Resource Identifier)
Computer Security & OS Lab.
7
Android Overview
A sender can assign any action, type, or category
Computer Security & OS Lab.
8
Android Overview
 Component Declaration
 AndroidManifest.xml
 To receive Intents
• Service and Activity must be declared in the manifest
• Broadcast Receivers can be declared at runtime or in the manifest
 Exported Components
 EXPORTED flag (in AndroidManifest.xml)
 Includes at least one Intent filter
 Intent filter
• Action, category, data, extra data…
Computer Security & OS Lab.
9
Android Overview
 Permission
 Normal
• permissions are granted automatically.
 Dangerous
• permissions can be granted by the user during installation.
 Signature
• permissions are only granted if the requesting application is signed by the same
developer that defined the permission.
 SignatureOrSystem
• m permissions are granted if the application meets the Signature requirement or if
the application is installed in the system applications folder.
Computer Security & OS Lab.
10
INTENT-BASED ATTACK SURFACES
 Broadcast Theft
 A malicious Broadcast Receiver
• could eavesdrop on all public broadcasts from all applications
• by creating an Intent filter that lists all possible actions, data, and
categories.Dangerous
Computer Security & OS Lab.
11
INTENT-BASED ATTACK SURFACES
 Activity Hijacking
 a malicious Activity is launched in place of the intended Activity.
 the malicious Activity could read the data in the Intent and then immediately relay it
to a legitimate Activity.
 Service Hijacking
 occurs when a malicious Service intercepts an Intent meant for a
legitimate
 initiating application establishes a connection with a malicious Service
instead of the one it wanted.
Computer Security & OS Lab.
12
INTENT-BASED ATTACK SURFACES
 Malicious Broadcast Injection
 If an exported Broadcast Receiver blindly trusts an incoming broadcast Intent
 inappropriate action or operate on malicious data from the broadcast Intent.
 Malicious Activity Launch
 Exported Activities can be launched by other applications with either explicit or
implicit
 Malicious Service Launch
 If a Service is exported and not protected with strong permissions
 then any application can start and bind to the Service
Computer Security & OS Lab.
13
Computer Security & OS Lab.
14
ComDroid
 Disassemble application DEX files using Dedexer tool
 Parses the disassembled output and logs potential component
and Intent vulnerabilities
Computer Security & OS Lab.
15
ComDroid
 Permission
 Normal and Dangerous
 Intent Analysis
 Intents, IntentFilters, registers, sinks (e.g., sendBroadcast(), startActivi
ty(), etc.) and components
 Component Analysis
 Public or not?
 Main, launching Activity is public but is less likely to be attackable
 With data / without data
Computer Security & OS Lab.
16
Evaluation
 Automated Analysis
• False negatives
 Pending Intent
• Future work
Computer Security & OS Lab.
17
Evaluation
 Automated Analysis
 Do not distinguish between paths through if and switch statements
Computer Security & OS Lab.
18
Evaluation
 Manual Analysis
Computer Security & OS Lab.
19
Related documents
Role of Development Marketing Intent in Corporate Social Responsibility:An Exploratory Investigation in the Indian Context
Role of Development Marketing Intent in Corporate Social Responsibility:An Exploratory Investigation in the Indian Context
When Intent Does Not Match Outcome - Esi
When Intent Does Not Match Outcome - Esi
Slides - William Enck
Slides - William Enck
Document 7993884
Document 7993884
Y5274.
Y5274.
Android Middleware
Android Middleware
Interview Questions on Android:
Interview Questions on Android:
[Latest Questions] Latest Android AND
[Latest Questions] Latest Android AND
Web Services and SOA
Web Services and SOA
ZomDroid Using Intents to Transfer Data Between Activities
ZomDroid Using Intents to Transfer Data Between Activities
Broadcast Receiver - Mobile Computing Systems
Broadcast Receiver - Mobile Computing Systems
Intent - Mobile Computing Systems
Intent - Mobile Computing Systems
Service Oriented Architecture
Service Oriented Architecture
Passing Data Between Activities
Passing Data Between Activities
An SELinux-based Intent manager for Android
An SELinux-based Intent manager for Android
New Projects by Tekfen Construction
New Projects by Tekfen Construction
the secret handbook of purchase intent
the secret handbook of purchase intent
Attacking mTAN-Applications like e-Banking and mobile
Attacking mTAN-Applications like e-Banking and mobile
The Use of Intent Scale Translations to Predict Purchase
The Use of Intent Scale Translations to Predict Purchase