E N D
1. Vulnerability Studyof the Android Ryan Selley, Swapnil Shinde, Michael Tanner, Madhura Tipnis, Colin Vinson
(Group 8)
2.
3. Overview Architecture of the Android
Scope of Vulnerabilities for the Android
Known Vulnerabilities for the Android
General Vulnerabilities of Mobile Devices
Organizations Supporting the Android
4. Architecture It is a software stack which performs several OS functions.
The Linux kernel is the base of the software stack.
Core Java libraries are on the same level as other libraries.
The virtual machine called the Dalvik Virtual Machine is on this layer as well.
The application framework is the next level.
6. Parts of Applications ActivityAn activity is needed to create a screen for a user application.
IntentsIntents are used to transfer control from one activity to another.
ServicesIt doesn't need a user interface. It continues running in the background with other processes run in the foreground.
7. Content Provider
8. Security Architecture - Overview Question - Have you ever thought of how security is implemented in OS?
2 levels
Describe figure and MAC model
Question - Have you ever thought of how security is implemented in OS?
2 levels
Describe figure and MAC model
9. Scope of Vulnerabilities Refinements to MAC Model
Delegation
Public and Private Components
Provision - No Security Access to Public Elements
Permission Granting Using User's Confirmation
Solutions ???
Precautions by Developers
Special Tools for Users
10. Known Vulnerabilities Image Vulnerablities
GIF
PNG
BMP
Web Browser
11. GIF Image Vulnerability Decode function uses logical screen width and height to allocate heap
Data is calculated using actual screen width and height
Can overflow the heap buffer allowing hacker can allow a hacker to control the phone
12. PNG Image Vulnerability Uses an old libpng file
This file can allow hackers to cause a Denial of Service (crash)
13. BMP Image Vulnerability Negative offset integer overflow
Offset field in the image header used to allocate a palette
With a negative value carefully chosen you can overwrite the address of a process redirecting flow
14. Web Browser Vulnerability Vulnerability is in the multimedia subsystem made by PacketVideo
Due to insufficient boundary checking when playing back an MP3 file, it is possible to corrupt the process's heap and execute arbitrary code on the device
Can allow a hacker to see data saved on the phone by the web browser and to peek at ongoing traffic
Confined to the "sandbox"
15. General Mobile Phone Vulnerabilities GSM
SMS
MMS
CDMA
Bluetooth
Wireless vulnerabilities
16. GSM Vulnerabilities GSM
Largest Mobile network in the world
3.8 billion phones on network
David Hulton and Steve Muller
Developed method to quickly crack GSM encryption
Can crack encryption in under 30 seconds
Allows for undetectable evesdropping
Similar exploits available for CDMA phones
17. SMS Vulnerabilities SMS
Short Messaging System
Very commonly used protocol
Used to send "Text Messages"
GSM uses 2 signal bands, 1 for "control", the other for "data".
SMS operates entirely on the "control" band.
High volume text messaging can disable the "control" band, which also disables voice calls.
Can render entire city 911 services unresponsive.
18. MMS Vulnerabilities MMS
Unsecure data protocol for GSM
Extends SMS, allows for WAP connectivity
Exploit of MMS can drain battery 22x faster
Multiple UDP requests are sent concurrently, draining the battery as it responds to request
Does not expose data
Does make phone useless
19. Bluetooth Vulnerabilities Bluetooth
Short range wireless communication protocol
Used in many personal electronic devices
Requires no authentication
An attack, if close enough, could take over Bluetooth device.
Attack would have access to all data on the Bluetooth enabled device
Practice known as bluesnarfing
20. Organizations Supporting Android Google
Open Handset Alliance
3rd Parties (ex: Mocana)
Users
Hackers
21. Organizations Supporting Android
22. Open Handset Alliance
23. Open Handset Alliance Objective:
To build a better mobile phone to enrich
the lives of countless people across the globe.
24. 3rd Party Partners Mocana -- NanoPhone
Secure Web Browser
VPN
FIPS Encryption
Virus & Malware Protection
Secure Firmware Updating
Robust Certificate Authentication
25. Hackers for Android Hackers make Android stronger
White hats want to plug holes
Example
Browser Threat reported by Independent Security Evaluators
Jailbreak hole fixed by Google over-the-air
26. Conclusion Android is New & Evolving
Openness of Android
Good in the long-run
Strong Community
Robust Architecture
Powerful Computing Platform