Towards Permission-Based Attestation for the Android Platform
Ingo Bente
Trust@FHH Research Group
University of Applied Sciences and Arts in Hannover (FHH)
22 June 2011, Trust 2011, CMU, Pittsburgh, PA
Trust@FHH
I. Bente (Trust@FHH)
PeBA
22-06-2011
1 / 17

Agenda
1. Introduction
2. Background
3. Concepts
4. Limitations & Future Work

Trust@FHH Research Group

Team
- head: Prof. Dr. Josef von Helden
- 3 research associates
- 4 student assistants

Research Fields
- Trusted Computing
- Network Security
- Mobile Security

More Information
- trust.inform.fh-hannover.de

Motivation

Mobile Malware
- malicious third-party applications spread via "app stores"
- snoop for sensitive data (local phone data, sensors)
- abuse premium services (Trojan SMS)

Trusted Computing Concepts
- address malware issues in general
- binary remote attestation appropriate to counter malware threats

Binary Remote Attestation Drawbacks
- inherent issue: scalability
- lack of adoption (in general, not limited to mobile devices)
→ develop new attestation approach for mobile devices (Android)

Idea of Permission-Based Attestation

Hybrid Approach
- general concept
  - binary attest only rather static part of the Android platform (excluding applications)
  - attest permissions used by applications (not their binaries!)
→ reduced complexity of chain of trust

Related Work
- Idea originated primarily from two prior approaches
- Kirin (Enck et al.)
  - security service for Android based upon permissions
  - third party apps are checked against predefined security rules
- Property Based Attestation (Sadeghi et al.)
  - attest security properties instead of application binaries
  - challenge: definition of reasonable properties

The Android Platform (architecture diagram, layers from top to bottom)
- Applications: Home, Contacts, Phone, Browser, ...
- Application Framework: Activity Manager, Window Manager, Content Providers, View System, Notification Manager, Package Manager, Telephony Manager, Resource Manager, Location Manager
- Libraries: Surface Manager, Media Framework, SQLite, OpenGL | ES, FreeType, Webkit, SGL, SSL, libc
- Android Runtime: Core Libraries, Dalvik Virtual Machine
- Linux Kernel: Display Driver, Camera Driver, Flash Memory Driver, Binder (IPC) Driver, Keypad Driver, Wifi Driver, Audio Drivers, Power Management

Android Security Model

Isolation of Apps
- separate processes, separate file system
- each app is hosted by a dedicated Dalvik VM instance
- IPC via Binder API

Android Permissions
- permissions regulate access to phone resources
- apps list required permissions in their manifest file
- primarily used in two ways
  1. permissions used by the app
  2. permissions to restrict access to the app's own components
- Android platform enforces permissions

Example
- ACCESS_FINE_LOCATION, INTERNET, RECEIVE_BOOT_COMPLETED

Permission-Based Attestation Building Blocks

Static Chain of Trust (SCoT)
- binary measure-before-load components (extended to TPM)
- covers Android software stack (kernel, native libraries, Android runtime and application framework)
- apps are not included (exception see below ...)
- measurements are rendered to SML

Permission-Based Attestation App
- the only app that is part of the SCoT
- measures requested permission labels of installed apps
- for each app extend TPM as follows:
  $PCR_n = \mathrm{SHA1}(PCR_n \oplus \mathrm{SHA1}(Permission_0 \oplus Permission_1 \oplus \dots \oplus Permission_c))$
- maintains measurements in Permission Measurement Log (PML)

Permission Measurement Log Example

[...]
11 76f5ef2156db68c259d60b47280fbf156a054e2f com.android.contacts
   android.permission.CALL_PRIVILEGED
   android.permission.READ_CONTACTS
   android.permission.WRITE_CONTACTS
   android.permission.INTERNET
   android.permission.READ_PHONE_STATE
   android.permission.MODIFY_PHONE_STATE
   com.google.android.googleapps.permission.GOOGLE_AUTH.mail
   android.permission.WAKE_LOCK
   android.permission.WRITE_EXTERNAL_STORAGE
   android.permission.USE_CREDENTIALS
   android.permission.VIBRATE
11 6e4e78b206910d078f400ad061aa30d38562c146 com.android.phone
   android.permission.BROADCAST_STICKY
   android.permission.CALL_PHONE
   android.permission.CALL_PRIVILEGED
   android.permission.WRITE_SETTINGS
   android.permission.WRITE_SECURE_SETTINGS
   android.permission.READ_CONTACTS
   android.permission.WRITE_CONTACTS
   android.permission.SYSTEM_ALERT_WINDOW
   android.permission.INTERNAL_SYSTEM_WINDOW
   android.permission.ADD_SYSTEM_SERVICE
   android.permission.VIBRATE
[...]
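
How a verifier could replay a Permission Measurement Log against a quoted PCR value, using the extend formula from the building-blocks slide. This is an added example, not code from the talk or the PeBA implementation. Assumptions: the ⊕ operator is read as byte concatenation (as in a TPM 1.2 extend), the first log field is the PCR index, each entry sits on one line, the PCR starts as 20 zero bytes, and the package names are constructed.

```python
import hashlib

PCR_RESET = bytes(20)  # assumption: a SHA-1 PCR holds 20 zero bytes after reset

def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()

def measure(perms):
    """Inner hash of the formula: SHA1 over the permission labels in log order."""
    return sha1("".join(perms).encode("utf-8"))

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """Outer hash of the formula: PCR_n = SHA1(PCR_n || measurement)."""
    return sha1(pcr + measurement)

def pml_line(pcr_index, package, perms):
    """Device side: render one PML entry as 'index digest package perm ...'."""
    return " ".join([str(pcr_index), measure(perms).hex(), package, *perms])

def replay(pml_text, pcr_index=11):
    """Verifier side: recheck every logged digest and fold it into the PCR."""
    pcr = PCR_RESET
    for line in pml_text.strip().splitlines():
        index, digest, package, *perms = line.split()
        if int(index) != pcr_index:
            continue
        measurement = measure(perms)
        if measurement.hex() != digest.lower():
            raise ValueError(f"logged digest does not match permissions of {package}")
        pcr = extend(pcr, measurement)
    return pcr

def verify(pml_text, quoted_pcr: bytes, pcr_index=11) -> bool:
    """Accept the log only if replaying it reproduces the quoted PCR value."""
    try:
        return replay(pml_text, pcr_index) == quoted_pcr
    except ValueError:  # malformed line or digest mismatch
        return False

# Constructed sample log; the package names and permission sets are made up.
SAMPLE_PML = "\n".join([
    pml_line(11, "com.example.notes", ["android.permission.INTERNET"]),
    pml_line(11, "com.example.tracker", ["android.permission.ACCESS_FINE_LOCATION",
                                         "android.permission.INTERNET"]),
])
QUOTED_PCR = replay(SAMPLE_PML)  # stands in for the PCR value from a signed TPM quote
```

Hiding a permission in the log text breaks the per-entry digest, and rewriting an entry with a matching digest still changes the replayed PCR, so both manipulations are rejected.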