Android Security

Recommendations

Info

Mobile Security Attack Surface • Threat models for mobiles consider three main vectors: - Rogue applications (malware) - Sandbox applications App Security - Enforce Strong Permissions - Harden OS Component Security - Drive-By/Targetted REMOTE - Code Injection via some malicious file format - Rogue user (device theft, or unauthorized root) - Lock Screen - Secure Boot Process - Encrypt User Data Device Security
Mobile Security Trusted app may be compromised as well Subverted Trusted App Attack Vectors (simplified) HTML/Plugin/MIME/etc Malformed SMS/MMS Any App Arbitrary Code Execution User carelessness Abuse system call Permission mistake Framework vulnerability Get system 3 rd party daemon Insecure, root Get root Linux kernel APIs Unfettered access system_server runs all services in same address space! Kernel Code Exec Get Personal Data As of L, SELinux in Enforcing Mode provides another layer of protection Defeat SELinux (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source! Total Compromise
Page 1 and 2: Android Security: Same-ol’, Same-
Page 3: Android Internals::about “Android
Page 7 and 8: Local Attacks (rogue app, malware)
Page 9 and 10: Android Security A little history (
Page 11 and 12: Android Security Android Applicatio
Page 13 and 14: Android Security Android Code Bases
Page 15 and 16: Android Security Updates (or lack t
Page 17 and 18: Code Injection Prelude: Vectors for
Page 19 and 20: Counter- CounterMeasures for Code I
Page 21 and 22: Top 3 Risks Top 3 risks - #3: File
Page 23 and 24: Top 3 Risks Top 3 risks - #2: Binde
Page 25 and 26: Top 3 Risks Top 3 risks - #1: Linux
Page 27 and 28: Untrustworthy TrustZone Android & T
Page 29 and 30: Untrustworthy TrustZone Android Vul
Page 31 and 32: So, overall.. • Sad Truth: Androi

Android Security

Create successful ePaper yourself

Delete template?

Save as template?