a nalyzing i nter a pplication c ommunication in a ndroid
play

A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika - PowerPoint PPT Presentation

May 17, 2023 •124 likes •399 views

A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika Chin Adrienne Porter Felt Kate Greenwood David Wagner UC Berkeley I NTER -A PPLICATION C OMMUNICATION Yelp App Eavesdropping Attacks Injection Attacks Inter-Application

  1. A NALYZING I NTER -A PPLICATION C OMMUNICATION IN A NDROID Erika Chin Adrienne Porter Felt Kate Greenwood David Wagner UC Berkeley

  2. I NTER -A PPLICATION C OMMUNICATION Yelp App • Eavesdropping Attacks • Injection Attacks Inter-Application Communication Malicious Other App Maps App Dialer App App 2

  3. O RGANIZATION ¢ Android communication model ¢ Security analysis of Android ¢ ComDroid ¢ Analysis of third-party applications ¢ Recommendations 3

  4. A NDROID O VERVIEW ¢ Intents = Android IPC ¢ Applications are divided into components ¢ Intents can be sent between components ¢ Intents can be used for intra- and inter-application communication Receiver Sender Intent 4

  5. E XPLICIT I NTENTS Name: MapActivity Map Yelp App To: MapActivity Only the specified destination receives this message 5

  6. I MPLICIT I NTENTS Handles Action: VIEW Map App Yelp Handles Action: DISPLAYTIME Clock Implicit Intent App Action: VIEW 6

  7. I MPLICIT I NTENTS Handles Action: VIEW Map App Yelp Handles Action: VIEW Browser Implicit Intent App Action: VIEW 7

  8. S ECURITY A NALYSIS O F A NDROID 8

  9. C OMMON D EVELOPER P ATTERN : U NIQUE A CTION S TRINGS IMDb App Handles Actions: willUpdateShowtimes , showtimesNoLocationError Showtime Results UI Search Implicit Intent Action: willUpdateShowtimes 9

  10. 10

  11. C OMMON D EVELOPER P ATTERN : U NIQUE A CTION S TRINGS IMDb App Handles Actions: willUpdateShowtimes , showtimesNoLocationError Showtime Results UI Search Implicit Intent Action: willUpdateShowtimes 11

  12. ATTACK #1: E AVESDROPPING IMDb App Eavesdropping App Handles Action: willUpdateShowtimes , showtimesNoLocationError Showtime Malicious Search Receiver Implicit Intent Action: willUpdateShowtimes 12 Sending Implicit Intents makes communication public

  13. ATTACK #2: I NTENT S POOFING Malicious IMDb App Injection Handles Action: App willUpdateShowtimes , showtimesNoLocationError Malicious Results UI Component Action: showtimesNoLocationError 13 Receiving Implicit Intents makes the component public

  14. 14 Typical case Attack case

  15. ATTACK #3: M AN IN THE M IDDLE IMDb App Man-in-the-Middle App Handles Action: Handles Action: willUpdateShowtimes , willUpdateShowtimes , showtimesNoLocation showtimesNoLocationError Error Showtime Results UI Malicious Search Receiver Action: Action: willUpdateShowtimes showtimesNoLocation Error 15

  16. ATTACK #4: S YSTEM I NTENT S POOFING ¢ Background – System Broadcast — Event notifications sent by the system — Some can only be sent by the system ¢ Receivers become accessible to all applications when listening for system broadcast 16

  17. App 1 S YSTEM B ROADCAST Component Handles Action: BootCompleted System Notifier App 2 Component Handles Action: BootCompleted Action: App 3 BootCompleted Component 17 Handles Action: BootCompleted

  18. S YSTEM I NTENT S POOFING : F AILED A TTACK Malicious App 1 App Handles Action: BootCompleted Malicious Component Component Action: BootCompleted 18

  19. S YSTEM I NTENT S POOFING : S UCCESSFUL A TTACK Malicious App 1 App Handles Action: BootCompleted Malicious Component Component To: App1.Component 19

  20. R EAL W ORLD E XAMPLE : ICE A PP ¢ ICE App: Allows doctors access to medical information on phones ¢ Contains a component that listens for the BootCompleted system broadcast ¢ On receipt of the Intent, it exits the application and locks the screen 20

  21. R EAL W ORLD E XAMPLE : ICE 21

  22. C OM D ROID Security Android Warnings for Executable ComDroid Exposed File Communication ComDroid analyzes applications to detect Intent- based attack surfaces 22

  23. E VALUATION ¢ Manually verified ComDroid’s warnings for 20 applications ¢ 60% of applications examined have at least 1 exploitable IPC vulnerability Type # of # of Apps Warnings Severe Vulnerability 34 12 Bad Practice 16 6 Spurious Warning 6 6 23

  24. R ECOMMENDATIONS ¢ Treat inter- and intra-application communication as different cases ¢ Prevent public internal communication — 21% of severe vulnerabilities — 63% of bugs due to bad practice ¢ Verify system broadcasts — 6% of severe vulnerabilities — 13% of bugs due to bad practice ¢ Can be fixed by either developers or platform 24

  25. R ELATED W ORK ¢ Enck et al. – introduces information leakage through Broadcast Intents and information injection into Receivers ¢ Burns – discusses other common developers’ errors 25

  26. C ONCLUSION ¢ Applications may be vulnerable to other applications through Android Intent communication ¢ Many developers misuse Intents or do not realize the consequences of their program design ¢ 60% of applications examined had at least 1 vulnerability ¢ ComDroid tool to be publically accessible soon at 26 www.comdroid.org

  27. Thank you! Any questions? 27

Recommend

G ROUP C OMMUNICATION (A PPLICATION - LEVEL M ULTICAST ) Prasun Dewan Department of Computer

G ROUP C OMMUNICATION (A PPLICATION - LEVEL M ULTICAST ) Prasun Dewan Department of Computer

G ROUP C OMMUNICATION (A PPLICATION - LEVEL M ULTICAST ) Prasun Dewan Department of Computer Science University of North Carolina at Chapel Hill dewan@cs.unc.edu Code available at: https://github.com/pdewan/ColabTeaching P RE -R EQUISITES

1.22k views • 100 slides
Unde Understandi nding+O ng+Ope pen+P n+Ports+i +in+A n+Andr ndroid+ d+ Ap

Unde Understandi nding+O ng+Ope pen+P n+Ports+i +in+A n+Andr ndroid+ d+ Ap

Unde Understandi nding+O ng+Ope pen+P n+Ports+i +in+A n+Andr ndroid+ d+ Ap Applications:+Discover ery,+Diagnosis,+and+ Se Secur curity+A y+Assessme ment Daoyuan Wu 1 ,*Debin Gao 1 ,*Rocky*K.*C.*Chang 2 ,* En He 3 ,*Eric*K.*T.*Cheng

249 views • 21 slides
Permitting Process Receive Application Publish Notice of Application Hold Information Meeting (if

Permitting Process Receive Application Publish Notice of Application Hold Information Meeting (if

P RESENTATIONS FROM THE I NFORMATIONAL M EETING ON THE A PPLICATION FOR A RENEWAL OF A P ERMIT TO D ISCHARGE TO S URFACE W ATERS FOR D OMINION C OVE P OINT LNG (A PPLICATION # 17-DP-2642; NPDES # MD0063975) 6:00 to 8:00 PM, Wednesday, May 17,

636 views • 25 slides
Synthetic Bio-Communication S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T IME

Synthetic Bio-Communication S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T IME

Stanford-Brown 2013 Synthetic Bio-Communication S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T IME 4. S PACE S YNTHETIC B IO -C OMMUNICATION B IO W IRES 1. A TOMIC 2. I NTERCELLULAR 3. T IME 4. S PACE S YNTHETIC B IO -C

1.61k views • 122 slides
Synthetic Bio- Communication 1 S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T

Synthetic Bio- Communication 1 S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T

Stanford-Brown 2013 Synthetic Bio- Communication 1 S YNTHETIC B IO -C OMMUNICATION 1. A TOMIC 2. I NTERCELLULAR 3. T IME 4. S PACE S YNTHETIC B IO -C OMMUNICATION B IO W IRES 1. A TOMIC 2. I NTERCELLULAR 3. T IME 4. S PACE S YNTHETIC B IO -C

1.62k views • 135 slides
Kaur Balw alwinder inder Kaur Senior Member, Technical Staff ON Semiconductor Andr ndroid

Kaur Balw alwinder inder Kaur Senior Member, Technical Staff ON Semiconductor Andr ndroid

Android 5.xs Stream-Based Camera Architecture Kaur Balw alwinder inder Kaur Senior Member, Technical Staff ON Semiconductor Andr ndroid oid Builder uilders Summit ummit | San an Jos ose e | 3.23.15 3.23.15 Tools ools of of the

976 views • 69 slides
REALITIES The Virtual Experience NEW FRONTIERS VR IS REAL VR EVERY WHERE C OMMUNICATION ART

REALITIES The Virtual Experience NEW FRONTIERS VR IS REAL VR EVERY WHERE C OMMUNICATION ART

BRAVE NEW DR. CHRISTIAN ROTH @SPIELEFORSCHER REALITIES The Virtual Experience NEW FRONTIERS VR IS REAL VR EVERY WHERE C OMMUNICATION ART & CULTURE EDUCATION HEALTH Osso VR ENGINEERING TOURISM ENTERTAINMENT VR is going to be

812 views • 48 slides
listen-act-now WHAT B eneficiary C ommunication The development and implementation of processes

listen-act-now WHAT B eneficiary C ommunication The development and implementation of processes

listen-act-now WHAT B eneficiary C ommunication The development and implementation of processes that allow us to engage more effectively with the individuals and communities we work with. Beneficiary Communication uses both traditional and high

499 views • 30 slides
AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING

AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING

AN ANDR DROID OID S SECU CURE RE C COM OMMUNICATION UNICATION SYSTE TEM M U USING NG S STE TEGAN ANOGRAPH OGRAPHY Kleona Binjaku Elinda Kajo Mee DAAD Workshop "Cooperation at Academic Informatics Education across

972 views • 23 slides
INT NTER ERVIEW VIEW ON AB N ABC C

INT NTER ERVIEW VIEW ON AB N ABC C

BLOOD OD SHOR ORTAGES GES AMERIC RICA INT NTER ERVIEW VIEW ON AB N ABC C http://www.wcvb.com/article/local-company-says-new-blood-bag-will-eliminate-shortages- 1/8172306 OUR MARKETS(PLATELETS,RED CELLS,CONTAMINATES, NO WASHING, NEW

702 views • 31 slides
Short c ommunication Thyroid and bone fragility J Callear 1 , WK Jerjes 1 *, HB Tan 1 , PV

Short c ommunication Thyroid and bone fragility J Callear 1 , WK Jerjes 1 *, HB Tan 1 , PV

& Aging Musculosekeletal Disorders Page 1 of 4 Short c ommunication Thyroid and bone fragility J Callear 1 , WK Jerjes 1 *, HB Tan 1 , PV Giannoudis 1 Abstract The hypothalamic-pituitary-thyroid sweating, tremor and weight loss.

300 views • 4 slides
C LARIFICATION ON THE A PPLICATION OF THE 15-K M R ULE Presentation to SARM March 16, 2017

C LARIFICATION ON THE A PPLICATION OF THE 15-K M R ULE Presentation to SARM March 16, 2017

C LARIFICATION ON THE A PPLICATION OF THE 15-K M R ULE Presentation to SARM March 16, 2017 Andrew Liu Planning and Policy Division Ministry of Highways and Infrastructure B ACKGROUND The 15 km rule is : the 15-km primary-weight extension

502 views • 13 slides
S TATE I NTEROPERABLE & E MERGENCY C OMMUNICATION B OARD M EETING M AY 22, 2013 1 W ELCOME

S TATE I NTEROPERABLE & E MERGENCY C OMMUNICATION B OARD M EETING M AY 22, 2013 1 W ELCOME

S TATE I NTEROPERABLE & E MERGENCY C OMMUNICATION B OARD M EETING M AY 22, 2013 1 W ELCOME Robert M. Barbato Chair State Interoperable & Emergency Communication Board Director, OIEC 2 R OLL C ALL AND A PPROVAL OF M EETING M INUTES R

660 views • 30 slides
H EALTH E DUCATION & C OMMUNICATION David Brendsel Communications Specialist, Prevention

H EALTH E DUCATION & C OMMUNICATION David Brendsel Communications Specialist, Prevention

H EALTH E DUCATION & C OMMUNICATION David Brendsel Communications Specialist, Prevention Services Division Colorado Department of Public Health & Environment Introduction PSD Communications Team Marketing Media Design

526 views • 11 slides
ICITI ICITI I t I ntegrated C ommunication & t d C i ti & IT I nfrastructure for the

ICITI ICITI I t I ntegrated C ommunication & t d C i ti & IT I nfrastructure for the

ICITI ICITI I t I ntegrated C ommunication & t d C i ti & IT I nfrastructure for the Socio-Economic IT I nfrastructure for the Socio Economic Development of Auroville Bioregion C Capt JV Avadhanulu VSM Indian Navy (Retd.) t JV A dh

722 views • 34 slides
AG AGENDA 6:30-6:50 Opening Remarks Region 4 Updates Operation Military Kids 6:50-7:10

AG AGENDA 6:30-6:50 Opening Remarks Region 4 Updates Operation Military Kids 6:50-7:10

WE WELCOM COME R egional gional I nter nter S ervices vices F ami y A ssistance ssistance C ommittee amily ommittee January 27, 2015 15 Wright St State te University Nutter tter Cent Center Be Berry y Room oom AG AGENDA 6:30-6:50

293 views • 8 slides
R EVIEW OF C HAPTER 2 H OW TO D EVELOP A VB A PPLICATION Design the Interface for the user

R EVIEW OF C HAPTER 2 H OW TO D EVELOP A VB A PPLICATION Design the Interface for the user

R EVIEW OF C HAPTER 2 H OW TO D EVELOP A VB A PPLICATION Design the Interface for the user Literally draw the GUI Drag buttons/text boxes/etc onto form Determine which events the controls on the window should recognize Write the

1.28k views • 93 slides
SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients

SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients

SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients only This document has been prepared for discussion purposes only and does not constitute an offer or a solicitation to engage in any trading

504 views • 32 slides
SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients

SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients

SOLACTIVE EUROPEAN DEEP VALUE SELECT 50 INDEX Marketing C ommunication For professional clients only This document has been prepared for discussion purposes only and does not constitute an offer or a solicitation to engage in any trading

354 views • 33 slides
cpSGD: c ommunication-efficient and differentially- p rivate distributed SGD Naman Agarwal, Ananda

cpSGD: c ommunication-efficient and differentially- p rivate distributed SGD Naman Agarwal, Ananda

cpSGD: c ommunication-efficient and differentially- p rivate distributed SGD Naman Agarwal, Ananda Theertha Suresh, Felix X. Yu Sanjiv Kumar, H. Brendan McMahan Distributed learning with mobile devices Train a centralized model; data stays on

878 views • 12 slides
I I ha have e no no co confli nflict cts s of of i int nter eres est t to to disc

I I ha have e no no co confli nflict cts s of of i int nter eres est t to to disc

I I ha have e no no co confli nflict cts s of of i int nter eres est t to to disc disclose lose. Definit Definitions ions M&M M&M Etiologies Etiologies Diagnos Dia gnosis is Evalua Evaluation tion Mana

587 views • 58 slides
B IOCIDAL PRODUCT DOSSIER A PPLICATION FOR AN AUTHORISATION OF A BIOCIDAL PRODUCT Dr. Bellomo

B IOCIDAL PRODUCT DOSSIER A PPLICATION FOR AN AUTHORISATION OF A BIOCIDAL PRODUCT Dr. Bellomo

B IOCIDAL PRODUCT DOSSIER A PPLICATION FOR AN AUTHORISATION OF A BIOCIDAL PRODUCT Dr. Bellomo Guido National Institute of Health Center for chemicals, cosmetics and consumer protection Products and Substances Authorization Unit T YPES OF

715 views • 35 slides
C HANGES IN W ATER Q UALITY OF G RAND L AKE S T . M ARYS F OLLOWING A M ANURE A PPLICATION B AN S

C HANGES IN W ATER Q UALITY OF G RAND L AKE S T . M ARYS F OLLOWING A M ANURE A PPLICATION B AN S

C HANGES IN W ATER Q UALITY OF G RAND L AKE S T . M ARYS F OLLOWING A M ANURE A PPLICATION B AN S TEPHEN J. J ACQUEMIN 1 , L AURA T. J OHNSON 2 , T HERESA A. D IRKSEN 3 , T ERRY M. M ESCHER 4 , G REG M C G LINCH 1 1 W RIGHT S TATE U NIVERSITY L

236 views • 22 slides
F UND S TUDY 5.9 GH Z DSRC V EHICLE - BASED R OAD AND W EATHER C ONDITION A PPLICATION Road

F UND S TUDY 5.9 GH Z DSRC V EHICLE - BASED R OAD AND W EATHER C ONDITION A PPLICATION Road

1 C ONNECTED V EHICLE P OOLED F UND S TUDY 5.9 GH Z DSRC V EHICLE - BASED R OAD AND W EATHER C ONDITION A PPLICATION Road Weather Management Stakeholder Meeting 6/22/2017 Connected Vehicle Pooled Fund Core/Voting Members VDOT is lead

306 views • 9 slides

More recommend