Vulnerability Study of the Android - PowerPoint PPT Presentation

1 / 26
About This Presentation
Title:

Vulnerability Study of the Android

Description:

Vulnerability Study. of the Android ... GIF Image Vulnerability. Decode function uses logical screen width and height to allocate heap ... – PowerPoint PPT presentation

Number of Views:1028
Avg rating:3.0/5.0
Slides: 27
Provided by: Goog399
Category:

less

Transcript and Presenter's Notes

Title: Vulnerability Study of the Android


1
Vulnerability Study of the Android
  • Ryan Selley, Swapnil Shinde, Michael Tanner,
    Madhura Tipnis, Colin Vinson
  • (Group 8)

2
 
3
Overview
  • Architecture of the Android
  • Scope of Vulnerabilities for the Android
  • Known Vulnerabilities for the Android
  • General Vulnerabilities of Mobile Devices
  • Organizations Supporting the Android

4
Architecture
  • It is a software stack which performs several OS
    functions.
  •  
  • The Linux kernel is the base of the software
    stack.  
  •  
  •  Core Java libraries are on the same level as
    other libraries.
  •  
  •  The virtual machine called the Dalvik Virtual
    Machine is on this layer as well.
  • The application framework is the next level.
  •  

5
(No Transcript)
6
Parts of Applications
  • ActivityAn activity is needed to create a screen
    for a user application. 
  •  
  • IntentsIntents are used to transfer control from
    one activity to another.
  •  
  • ServicesIt doesn't need a user interface. It
    continues running in the background with other
    processes run in the foreground.

7
 
  • Content ProviderThis component allows the
    application to share information with other
    applications.

8
Security Architecture - Overview
9
Scope of Vulnerabilities
  • Refinements to MAC Model
  • Delegation
  • Public and Private Components
  • Provision - No Security Access to Public Elements
  • Permission Granting Using User's Confirmation
  •    Solutions ???
  •           Precautions by Developers
  •  Special Tools for Users

10
Known Vulnerabilities
  • Image Vulnerablities
  • GIF
  • PNG
  • BMP
  • Web Browser

11
GIF Image Vulnerability
  • Decode function uses logical screen width and
    height to allocate heap
  • Data is calculated using actual screen width and
    height
  • Can overflow the heap buffer allowing hacker can
    allow a hacker to control the phone

12
PNG Image Vulnerability
  • Uses an old libpng file
  • This file can allow hackers to cause a Denial of
    Service (crash)

13
BMP Image Vulnerability
  • Negative offset integer overflow
  • Offset field in the image header used to allocate
    a palette
  • With a negative value carefully chosen you can
    overwrite the address of a process redirecting
    flow

14
Web Browser Vulnerability
  • Vulnerability is in the multimedia subsystem made
    by PacketVideo
  • Due to insufficient boundary checking when
    playing back an MP3 file, it is possible to
    corrupt the process's heap and execute arbitrary
    code on the device
  • Can allow a hacker to see data saved on the phone
    by the web browser and to peek at ongoing traffic
  • Confined to the "sandbox"

15
General Mobile Phone Vulnerabilities
  • GSM
  • SMS
  • MMS
  • CDMA
  • Bluetooth
  • Wireless vulnerabilities

16
GSM Vulnerabilities
  • GSM
  • Largest Mobile network in the world
  • 3.8 billion phones on network
  • David Hulton and Steve Muller
  • Developed method to quickly crack GSM encryption
  • Can crack encryption in under 30 seconds
  • Allows for undetectable evesdropping
  • Similar exploits available for CDMA phones

17
SMS Vulnerabilities
  • SMS
  • Short Messaging System
  • Very commonly used protocol
  • Used to send "Text Messages"
  • GSM uses 2 signal bands, 1 for "control", the
    other for "data".
  • SMS operates entirely on the "control" band.
  • High volume text messaging can disable the
    "control" band, which also disables voice calls.
  • Can render entire city 911 services unresponsive.

18
MMS Vulnerabilities
  • MMS
  • Unsecure data protocol for GSM
  • Extends SMS, allows for WAP connectivity
  • Exploit of MMS can drain battery 22x faster
  • Multiple UDP requests are sent concurrently,
    draining the battery as it responds to request
  • Does not expose data
  • Does make phone useless

19
Bluetooth Vulnerabilities
  • Bluetooth
  • Short range wireless communication protocol
  • Used in many personal electronic devices
  • Requires no authentication
  • An attack, if close enough, could take over
    Bluetooth device.
  • Attack would have access to all data on the
    Bluetooth enabled device
  • Practice known as bluesnarfing

20
Organizations Supporting Android
  • Google
  • Open Handset Alliance
  • 3rd Parties (ex Mocana)
  • Users
  • Hackers

21
Organizations Supporting Android
  •  

22
Open Handset Alliance
  •  

23
Open Handset Alliance
  • Objective
  •  
  •        To build a better mobile phone to enrich
  •        the lives of countless people across the
    globe.

24
3rd Party Partners
  • Mocana -- NanoPhone
  • Secure Web Browser
  • VPN
  • FIPS Encryption
  • Virus Malware Protection
  • Secure Firmware Updating
  • Robust Certificate Authentication
  •  
  •  
  •  

25
Hackers for Android
  • Hackers make Android stronger
  • White hats want to plug holes
  • Example
  • Browser Threat reported by Independent Security
    Evaluators
  • Jailbreak hole fixed by Google over-the-air
  •  
  •  
  •  

26
Conclusion
  • Android is New Evolving
  • Openness of Android
  • Good in the long-run
  • Strong Community
  • Robust Architecture
  • Powerful Computing Platform
  •  
  •  
  •  
Write a Comment
User Comments (0)
About PowerShow.com