secure programming laboratory 5 android security
play

Secure Programming Laboratory 5: Android Security SP Demonstrators: - PowerPoint PPT Presentation

Secure Programming Laboratory 5: Android Security SP Demonstrators: Arthur Chan / David Aspinall 27th March 2019 Orientation This is the final Laboratory Session for Secure Programming It is convened by Arthur and David. The handout and other


  1. Secure Programming Laboratory 5: Android Security SP Demonstrators: Arthur Chan / David Aspinall 27th March 2019

  2. Orientation This is the final Laboratory Session for Secure Programming It is convened by Arthur and David. The handout and other resources are available online via the course web page.

  3. What is this lab about? Android Security ◮ Task 1 ~ 2 Introduction to adb and apktool ◮ Task 3 ~ 6 Repackaging Attack We are not teaching you how to code in Java or how to develop an Android App. The testing apk and most of the sample smali code are availabe online via the course web page. Optionally, you could write your own Java code and compile it to smali format to test the attack.

  4. What do we hope you will learn? ◮ Understanding the Android tools provided by Google ◮ Understanding the basic structure of an APK package ◮ Understanding the assembling and disassembling of APK package ◮ Understanding the certificate and package signing of APK package ◮ Understanding the security mesaures of Google Play for Android App

  5. Warning ◮ The things you are doing today make a live attack which could affect REAL ANDROID DEVICES . Keep it inside the virtual machine provided. ◮ Don’t plug in your Android Device to the host machine when you are doing the lab. ◮ It is illegal to distribute malicious repackaged app to anyone not aware. ◮ DO NOT PUBLISH, DISTRIBUTE OR SHARE YOUR MALICIOUS REPACKAGED APK

  6. Solutions and Checkpoints You do not need to submit a lab report to us, but please keep answers to the checkpoint questions for your own use, to check your understanding and when revising the material for the lab. Please do not post solutions on any forum. If solutions are distributed it will spoil the experience for other students using SEED labs around the world. During the lab we will provide individual help and guidance, and also make announcements during the lab with hints and tips. You can always discuss the checkpoint question or any materials with us during the lab section or through Piazza.

  7. Demonstration of configuring the Android VM ◮ We have provided a x86 version of Android Nougat VM for your lab exerices. ◮ We will demonstrate how to setup the Android VM for your testing. Please follow the guideline on the lab web page to install it if your come late.

  8. Good Luck! We hope you enjoy the lab.

Recommend


More recommend