lecture 08
play

Lecture 08 Android Permissions Demystified Adrienne Porter Felt, - PowerPoint PPT Presentation

Jan 24, 2024 •464 likes •894 views

Lecture 08 Android Permissions Demystified Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner Operating Systems Practical 20 November, 2013 OSP Lecture 08, Android Permissions Demystified 1/42 Introduction Android

  1. Lecture 08 Android Permissions Demystified Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner Operating Systems Practical 20 November, 2013 OSP Lecture 08, Android Permissions Demystified 1/42

  2. Introduction Android Permission System Stowaway Keywords Questions OSP Lecture 08, Android Permissions Demystified 2/42

  3. Outline Introduction Android Permission System Stowaway Keywords Questions OSP Lecture 08, Android Permissions Demystified 3/42

  4. Context ◮ Android OS security ◮ Coarse permission model ◮ A lot of research on Android permissions ◮ Applications with unnecessary permissions ◮ Paper doesn’t focus on the malicious use of permissions OSP Lecture 08, Android Permissions Demystified 4/42

  5. Android Applications ◮ Java source code → compiled into .dex byte-code file ◮ .dex file + Manifest file + resources = .apk archive ◮ Application isolation → system level security ◮ Linux process, address space ◮ VM (Dalvik Virtual Machine) for each application ◮ unique Linux user ID ◮ direct access only to its own data ◮ API-based access to other apps’ resources ◮ Not a single entry-point (no main ) ◮ Applications can start each other ◮ Based on Components and Intents OSP Lecture 08, Android Permissions Demystified 5/42

  6. Dalvik Virtual Machine ◮ . dex - Dalvik Executable format ◮ Dalvik is optimised for mobile architectures ◮ low memory consumption ◮ Dex results in smaller binaries than JAR ◮ register-based architecture (JVM is stack-based) ◮ Java VM cannot execute Dalvik code ◮ 16-bit instructions ◮ copy-on-write memory sharing ◮ dx cross-compiler - works with javac output (oracle and openJDK, but not GCJ or other java compilers) OSP Lecture 08, Android Permissions Demystified 6/42

  7. Compiling Applications OSP Lecture 08, Android Permissions Demystified 7/42

  8. Android Architecture OSP Lecture 08, Android Permissions Demystified 8/42

  9. Components: Activity ◮ Extends Activity base class ◮ User interfaces: UI elements(buttons, lists) and user input ◮ User interacts with one activity at a time ◮ Independent life-cycle, 4 states ◮ active (running) ◮ paused ◮ stopped - still resides in memory ◮ killed - removed from memory ◮ Activities stack ◮ Activities can launch other activities OSP Lecture 08, Android Permissions Demystified 9/42

  10. Components: Service ◮ Extends Service base class ◮ Background processing ◮ It runs by default in the same process as the application ◮ Can provide functionality also for other applications OSP Lecture 08, Android Permissions Demystified 10/42

  11. Components: Broadcast Receiver ◮ Extends BroadcastReceiver base class ◮ Receive broadcast announcements, example: low battery, changed phone settings ◮ React to messages: start an activity or use NotificationManager ◮ Static registration - specified in the Manifest file ◮ Dynamic registration - Context.registerReceiver() ◮ Active only while it’s responding to a broadcast message, no need to shut it down. OSP Lecture 08, Android Permissions Demystified 11/42

  12. Components: Content Provider ◮ Store and Share applications’ data ◮ Required when sharing data between multiple applications ◮ Must be declared in the Manifest file ◮ Accessed with ContentResolver using URIs ◮ Uses relational databases ◮ Active only while it’s responding to a request from a ContentResolver, no need to shut it down explicitly OSP Lecture 08, Android Permissions Demystified 12/42

  13. Inter-Component Communication ◮ Intents ◮ Extend Intent class ◮ Used for inter-component signaling ◮ Used for starting activities, services and sending broadcast messages ◮ IntentFilters specified in the Manifest file ◮ Contain actions to be performed and data for these actions ◮ Example: action = make a phone call, data = phone number ◮ ContentProviders do not use intents OSP Lecture 08, Android Permissions Demystified 13/42

  14. AndroidManifest ◮ XML configuration file ◮ Every application must have it ◮ Contains: ◮ application’s name, icon, labels ◮ linked libraries ◮ application components : < activity > , < service > , < receiver > , < provider > tags ◮ Activity shown at launch time ◮ Intent filters ◮ Permissions OSP Lecture 08, Android Permissions Demystified 14/42

  15. AndroidManifest Example Panoramio App: OSP Lecture 08, Android Permissions Demystified 15/42

  16. Outline Introduction Android Permission System Stowaway Keywords Questions OSP Lecture 08, Android Permissions Demystified 16/42

  17. Application Framework Security ◮ Android Framework Security ◮ Mandatory Access Control(MAC) enforced by middleware ◮ Components protected using access permission labels ◮ declared in the AndroidManifest file ◮ can not be changed after installation ◮ 4 protection levels ◮ normal - always granted ◮ dangerous - requires user approval ◮ signature - matching certificate ◮ signature or system - matching certificate with system image OSP Lecture 08, Android Permissions Demystified 17/42

  18. Permissions ◮ At install-time each application requests a list of permissions ◮ All permissions must be granted at install time - all or nothing ◮ Protect access to Android components, services and APIs ◮ e.g API for access to phone’s hardware ◮ ∼ 130 API-defined permissions in Manifest . Permissions class 1 ◮ Custom-defined permissions by developers ◮ name conflicts may appear ◮ current research on Android permissions doesn’t take them into consideration 1 http://developer.android.com/reference/android/Manifest.permission.html OSP Lecture 08, Android Permissions Demystified 18/42

  19. Permissions in AndroidManifest for components ◮ activity ◮ restricts access to the activity ◮ checked when starting activity ◮ throw SecurityException if caller does not have required permission ◮ service ◮ restricts who can start, stop or bind to the service ◮ receiver ◮ restricts who can send broadcasts to the BroadcastReceiver ◮ checked at delivery, after broadcast was sent ◮ does not throw exception in case of permission failure ◮ provider ◮ restrict who can access the data ◮ read and write permissions ◮ checked when performing operations(e.g. query, insert) OSP Lecture 08, Android Permissions Demystified 19/42

  20. Permissions in source code ◮ Broadcast permissions ◮ permission label as parameter to the sending method (sendBroadcast) ◮ Direct permission check ◮ checkPermission methods ◮ check against PID, package name ◮ URI Permissions ◮ Provide finer control over content sharing ◮ Record level delegation ◮ Set flags in the Intent that allow access (e.g. Intent.FLAG GRANT READ URI PERMISSION) ◮ example: view mail attachments OSP Lecture 08, Android Permissions Demystified 20/42

  21. User Attention, Comprehension, and Behavior ◮ Usability study by the same authors ◮ Are users paying attention to the permissions? ◮ Do users understand the permissions? ◮ Can users make correct security decisions? ◮ Results: too few users comprehend or pay attention ◮ ⇒ security risks OSP Lecture 08, Android Permissions Demystified 21/42

  22. Outline Introduction Android Permission System Stowaway Keywords Questions OSP Lecture 08, Android Permissions Demystified 22/42

  23. Stowaway ◮ The problem: unnecessary use of permissions ◮ The proposed solution: static analysis of API calls ◮ Permission map - identifies permissions for Intents, Content Provides, API calls ◮ Stowaway tool - determines if an app is overprivileged or not ◮ 2011 paper → research performed on Android 2.2 SDK OSP Lecture 08, Android Permissions Demystified 23/42

  24. Permission Map ◮ Map of permissions for each method in the Android API ◮ Log permission checks → modified middleware ◮ Test cases for API calls, Intents, Content Providers OSP Lecture 08, Android Permissions Demystified 24/42

  25. Permission Map: API Calls ◮ Feedback-Directed Testing ◮ Randoop unit test generator ◮ receives a list of classes as input ◮ tries to cover all possible combinations of calls ◮ use return values as parameters for other methods ◮ limitations ◮ find an object of the correct type needed to invoke a method ◮ object created through API calls with specific parameters ◮ methods precede each other in a very specific order ◮ native code generate segmentation faults if called out of order OSP Lecture 08, Android Permissions Demystified 25/42

  26. Permission Map: API Calls ◮ Customizable Test Case Generation ◮ custom tool for building methods unit tests ◮ list of method signatures as input ◮ outputs at least one unit test for each method ◮ allows manual adjustments of test sequences - order, parameters OSP Lecture 08, Android Permissions Demystified 26/42

  27. Permission Map: API Calls ◮ Manual Verification ◮ solves inconsistencies ◮ argument-dependent permission requirment ◮ API calls order-dependent ◮ test cases with and without permissions ◮ identified methods that require INTERNET permission ◮ tests run until no security exceptions appeared OSP Lecture 08, Android Permissions Demystified 27/42

Recommend

Lecture # 5 - Monday, Aug 30th In this lecture I reviewed the previous lecture 4, and then

Lecture # 5 - Monday, Aug 30th In this lecture I reviewed the previous lecture 4, and then

Lecture # 5 - Monday, Aug 30th In this lecture I reviewed the previous lecture 4, and then reviewed the final point of lecture #3: Hennigs logical approach to tree inference is valid as logic, but we have a hard time using it because our data

660 views • 7 slides
Algorithms (2IL15) Lecture 13 Wrap-up lecture 1 TU/e Algorithms (2IL15) Lecture 13

Algorithms (2IL15) Lecture 13 Wrap-up lecture 1 TU/e Algorithms (2IL15) Lecture 13

TU/e Algorithms (2IL15) Lecture 13 Algorithms (2IL15) Lecture 13 Wrap-up lecture 1 TU/e Algorithms (2IL15) Lecture 13 Part I of the course: Optimization Problems we want to find valid solution minimizing cost (or maximizing

905 views • 20 slides
In 2020SP, this lecture and lecture 20 are both optional extra material CS 5412/LECTURE 17 Ken

In 2020SP, this lecture and lecture 20 are both optional extra material CS 5412/LECTURE 17 Ken

In 2020SP, this lecture and lecture 20 are both optional extra material CS 5412/LECTURE 17 Ken Birman LEAVE NO TRACE BEHIND Spring, 2020 HTTP://WWW.CS.CORNELL.EDU/COURSES/CS5412/2020SP 1 THE PRIVACY PUZZLE FOR I O T We have sensors

1.04k views • 65 slides
Recall last lecture ... Lecture 8 Also last lecture: Painter's Algorithm More Hidden Surface

Recall last lecture ... Lecture 8 Also last lecture: Painter's Algorithm More Hidden Surface

Recall last lecture ... Lecture 8 Also last lecture: Painter's Algorithm More Hidden Surface Removal Sort polygons in depth. Use the farthest vertex in each polygon as the sorting key. Efficient Painter - binary space partition (BSP)

563 views • 6 slides
Plan Lecture 1 - String diagrams and symmetric monoidal categories Lecture 2 -

Plan Lecture 1 - String diagrams and symmetric monoidal categories Lecture 2 -

Plan Lecture 1 - String diagrams and symmetric monoidal categories Lecture 2 - Resource-sensitive algebraic theories Lecture 3 - Interacting Hopf monoids and graphical linear algebra Lecture 4 - Signal Flow Graphs and recurrence

1.2k views • 61 slides
Where are we at - Topic overview Lecture 1A: Security requirements/features Lecture 7A

Where are we at - Topic overview Lecture 1A: Security requirements/features Lecture 7A

Where are we at - Topic overview Lecture 1A: Security requirements/features Lecture 7A Threatens Privacy Threatens Try to achieve Lecture 2B: Network threats Lecture 3A: Attacks on Lecture 6A: Security Protocols Web servers, malware

381 views • 25 slides
Lecture Capture Introduction to Lecture Capture Learning Outcomes What will lecture capture

Lecture Capture Introduction to Lecture Capture Learning Outcomes What will lecture capture

ISDS &amp; Digital Business Skills Lecture Capture Introduction to Lecture Capture Learning Outcomes What will lecture capture actually do? What happens before a lecture? What happens during a lecture? What does the button do?

527 views • 18 slides
CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How can we predict binary or categorical variables? {0,1}, {True, False} {1, , N} Last lecture Will I purchase this product? (yes) Will I click

1.74k views • 60 slides
CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How can we predict binary or categorical variables? {0,1}, {True, False} {1, , N} Last lecture Will I purchase this product? (yes) Will I click

851 views • 46 slides
CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How

CSE 158 Lecture 4 Web Mining and Recommender Systems More Classifiers Last lecture How can we predict binary or categorical variables? {0,1}, {True, False} {1, , N} Last lecture Will I purchase this product? (yes) Will I click

839 views • 58 slides
Usability of Programming Languages Lecture 4 - directed by your research interests Lecture

Usability of Programming Languages Lecture 4 - directed by your research interests Lecture

Overview Practical experimental course lectures are only introductory Lecture 1 - theoretical principles classic approaches l h current trends in leading research. Lecture 2 - candidate research methods advantages and

499 views • 15 slides
Introduction to AI &amp; Intelligent Agents This Lecture Chapters 1 and 2 Next Lecture

Introduction to AI &amp; Intelligent Agents This Lecture Chapters 1 and 2 Next Lecture

Introduction to AI &amp; Intelligent Agents This Lecture Chapters 1 and 2 Next Lecture Chapter 3.1 to 3.4 (Please read lecture topic material before and after each lecture on that topic) What is Artificial Intelligence? Thought

636 views • 31 slides
Introduction to Numerical Optimization Biostatistics 615/815 Lecture 14 Lecture 14 Course is

Introduction to Numerical Optimization Biostatistics 615/815 Lecture 14 Lecture 14 Course is

Introduction to Numerical Optimization Biostatistics 615/815 Lecture 14 Lecture 14 Course is More Than Half Done! If you have comments they are very welcome y y Lectures Lecture notes Weekly Homework Midterm

795 views • 42 slides
Lecture 12: Clustering 1 6.0002 LECTURE 12 Re Reading Chapter 23 6.0002 LECTURE 12 2 Mach Ma

Lecture 12: Clustering 1 6.0002 LECTURE 12 Re Reading Chapter 23 6.0002 LECTURE 12 2 Mach Ma

Lecture 12: Clustering 1 6.0002 LECTURE 12 Re Reading Chapter 23 6.0002 LECTURE 12 2 Mach Ma chine e Lea earn rning Paradigm Observe set of examples: training data Infer something about process that generated that data Use

847 views • 36 slides
Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4

Lecture Outline Regeltechniek Previous lecture: Stability and transient response. Lecture 4 Basics of Feedback Control Robert Babu ska Today: Steady-state response. Delft Center for Systems and Control Faculty of Mechanical

388 views • 7 slides
Psycholinguistics Lecture 2 By Dr.Chelli Lecture Objectives At the end of this lecture, students

Psycholinguistics Lecture 2 By Dr.Chelli Lecture Objectives At the end of this lecture, students

Psycholinguistics Lecture 2 By Dr.Chelli Lecture Objectives At the end of this lecture, students will be able to: Discuss the different stages in the history of psycholinguistics Identify the scholars in the field of psycholinguistics

589 views • 28 slides
Methodology for Lecture Methodology for Lecture Computer Graphics (Spring 2008) Computer

Methodology for Lecture Methodology for Lecture Computer Graphics (Spring 2008) Computer

Methodology for Lecture Methodology for Lecture Computer Graphics (Spring 2008) Computer Graphics (Spring 2008) Lecture deals with lighting (teapot shaded as in HW1) Some Nate Robbins tutor demos in lecture COMS 4160, Lecture 14: OpenGL

535 views • 5 slides
Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11

Lecture Outline Regeltechniek Previous lecture: Nyquist plot and stability criterion. Lecture 11 State-space models and state feedback control (We are finished with frequency domain methods.) Robert Babu ska Today: Delft Center for

452 views • 6 slides
CSE Fall 2014 311 Lecture 1 Lecture 1 Lecture 1: Propositional Logic Lecture 1 Foundations

CSE Fall 2014 311 Lecture 1 Lecture 1 Lecture 1: Propositional Logic Lecture 1 Foundations

CSE 311: Foundations of Computing I CSE Fall 2014 311 Lecture 1 Lecture 1 Lecture 1: Propositional Logic Lecture 1 Foundations of Computing I Fall 2014 Some Perspective About the Course We will study the theory needed for CSE: Computer

242 views • 7 slides
Proteomics Steven Meinhardt Lectures Lecture 1 Introduction review of proteins

Proteomics Steven Meinhardt Lectures Lecture 1 Introduction review of proteins

11/29/2012 Proteomics Steven Meinhardt Lectures Lecture 1 Introduction review of proteins Lecture 2 Gel Electrophoresis Lecture 3 Mass Spectrometry Lecture 4 Programs for MS analysis Lecture 5 MIAPE (Minimum

900 views • 8 slides
Multiphase Modelling in Cancer Helen Byrne Wolfson Centre for Mathematical Biology Mathematical

Multiphase Modelling in Cancer Helen Byrne Wolfson Centre for Mathematical Biology Mathematical

Lecture 1 Lecture 2 Lecture 3 Lecture 4 Multiphase Modelling in Cancer Helen Byrne Wolfson Centre for Mathematical Biology Mathematical Institute University of Oxford CRM, Barcelona, April 2018 Lecture 1 Lecture 2 Lecture 3 Lecture 4

1.79k views • 141 slides
Lecture 1: Neurons Lecture 2: Coding with spikes Lecture 3: Tuning curves and receptive fields

Lecture 1: Neurons Lecture 2: Coding with spikes Lecture 3: Tuning curves and receptive fields

Lecture 1: Neurons Lecture 2: Coding with spikes Lecture 3: Tuning curves and receptive fields Lecture 4: Population vectors To gain a basic understanding of how population vectors are constructed 4 credit students: First assignment is

584 views • 31 slides
Algorithms (2IL15) Lecture 10 NP-Completeness, II 1 TU/e Algorithms (2IL15) Lecture 10

Algorithms (2IL15) Lecture 10 NP-Completeness, II 1 TU/e Algorithms (2IL15) Lecture 10

TU/e Algorithms (2IL15) Lecture 10 Algorithms (2IL15) Lecture 10 NP-Completeness, II 1 TU/e Algorithms (2IL15) Lecture 10 Summary of previous lecture P: class of decision problems that can be solved in polynomial time NP:

496 views • 34 slides
Lecture 1: Bioinformatic Algorithms In this lecture Logistics of the course

Lecture 1: Bioinformatic Algorithms In this lecture Logistics of the course

Lecture 1: Bioinformatic Algorithms In this lecture Logistics of the course Introduction to basic biology which will continue in the following lecture Logistics of the Course Logistics About the Course Christina Boucher: (email)

546 views • 40 slides

More recommend