Mobile Malware Evolution and the Android Security Model


Mobile Malware Evolution and the Android Security Model
Roland Schmitz
Hochschule der Medien Stuttgart
schmitz@hdm-stuttgart.de
Roland Schmitz, Mobile Malware Evolution and the Android Security Model, droidcon09, 4.11.09

Where do I come from?

Study Programs in the Computer Science and Media Department
- Computer Science and Media (B. Sc.)
  - 6 semester course
  - 10 professors
  - Provide a solid education in computer science with applications to media technology
- Mobile Media (B. Sc.)
  - newly established 7 semester course
  - 3 professors (yet to be called), close cooperation with computer science and media
  - Provide an interdisciplinary education in the field of mobile media, with a strong technological background
- Computer Science and Media (M. Sc.)
  - Well established 4 semester master course
  - Qualify students for project leader or management positions
- More info: www.mi.hdm-stuttgart.de

Agenda
- Mobile Malware
  - Motivation
  - Facts and Figures
  - Some History
  - The Android Browser Bug
- Android Security Model
  - Overview
  - Key Features and Pitfalls
  - Evaluation
- The Future?

Why Mobile Malware?
- Growing complexity of smartphones makes them more vulnerable than in the past
- Often users are not aware of any danger
- Sensitive data stored on smartphones
- "Always-On" makes spreading of malware easier
- User tracking possibility, e.g. by using GPS coordinates
- Financial Motivation
  - Mobile Banking
  - Mobile Payment
  - Premium-Service Numbers

Growing Number of Reported Mobile Malware (until 2006)
Source: F-Secure.com

Mobile Malware Infection Mechanisms
- User install and Bluetooth are by far the most important infection mechanisms
- Infection via Bluetooth shows same spreading pattern as biological viruses

Affected Platforms (by 6/2009)

Mobile Malware: The Beginnings
- June 2004: Worm.SymbOS.Cabir.A
  - First reported mobile malware
  - "Proof of concept"
  - Spreads via Bluetooth, user has to download and execute code
- July 2004: Virus.WinCE.Duts
  - First virus written for Windows Mobile
  - Infects exe-files
  - Needs user approval for infection
- November 2004: Trojan.SymbOS.Skuller
  - Replaces program icons with skulls
  - Infection via "warezed installers"
  - Uses security hole in Symbian

Mobile Malware: Getting serious
- March 2006: Trojan-Spy.SymbOS.Flexispy
  - Collects information about calls and SMS
  - First example of mobile spyware
- May 2007: SymbOS.Viver.A
  - Sends MMS to premium service numbers
  - First example of mobile malware with explicit financial background
- January 2008: Trojan.iPhone.A
  - First reported malware for iPhone
  - Replaces legitimate applications
- October 2008: First Android phones commercially available
  - The same month, a first vulnerability is reported…

The Android Browser Bug
- Identified and exploited by Charles Miller, Mark Daniel and Jake Honoroff of Independent Security Evaluators in October 2008
- If a user visits a malicious site, the attacker can run any code with the privileges of the web browser application.
- Thus, the impact of the attack is limited to data the browser has access to:
  - Cookies
  - Saved passwords
  - Information put into web applications

Android Component Model
- Each application runs as its own UNIX uid
- Sharing can occur through application-level interactions
- Interactions are based on components. Different component types are:
  - Activity
  - Service
  - ContentProvider
  - BroadcastReceiver
- Target components may be in the same or different applications

Android Security Model Overview
- Android focuses on Inter Component Communication (ICC)
- The Android manifest file allows developers to define an access control policy for access to components
  - Each component can be assigned an access permission label
  - Each application requests a list of permission labels (fixed at install)
- Android's security model boils down to the following picture:

Android Security Key Features
- Isolation
  - Each application runs as its own uid
  - uid sharing only if developer's signature keys are the same
- Code Signing
  - Each application must be digitally signed
  - Self-signed certificates are possible
- Mandatory Access Control
  - Developers may define access control rules to their components
  - Sensitive system resources are protected by permissions
  - Permissions are statically assigned at install time
    - Normal permissions are assigned per default
    - Dangerous permissions are granted by user
    - Signature permissions are granted only to applications signed by the same developer key

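The permission-label check described on the Overview and Key Features slides can be modelled over two manifests. This is an added example, not code from the talk: the packages, component names and the helpers `parse_manifest`, `reachable` and `unprotected` are hypothetical, and the model deliberately ignores `android:exported`, intent filters and the protection-level rules that decide whether a requested label is actually granted.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "service", "provider", "receiver")

# Constructed manifests for two hypothetical apps (not from the talk).
BANK = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bank">
  <permission android:name="com.example.bank.TRANSFER"
              android:protectionLevel="signature"/>
  <application>
    <service android:name=".TransferService"
             android:permission="com.example.bank.TRANSFER"/>
    <receiver android:name=".RateReceiver"/>
  </application>
</manifest>"""

GAME = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
</manifest>"""

def parse_manifest(xml_text):
    """Extract the access-control policy an app declares in its manifest."""
    root = ET.fromstring(xml_text)
    return {
        "package": root.get("package"),
        # Permission labels the app asks for; fixed at install time.
        "requested": {e.get(NS + "name") for e in root.iter("uses-permission")},
        # Permission labels the app defines, with their protection level.
        "defined": {e.get(NS + "name"): e.get(NS + "protectionLevel", "normal")
                    for e in root.iter("permission")},
        # Each component and the label (if any) a caller must hold.
        "components": [(e.tag, e.get(NS + "name"), e.get(NS + "permission"))
                       for tag in COMPONENTS for e in root.iter(tag)],
    }

def reachable(caller, target):
    """Components of `target` the caller may address under the label model:
    access is granted if the component has no label or the caller holds it."""
    return [name for _, name, label in target["components"]
            if label is None or label in caller["requested"]]

def unprotected(app):
    """Components with no permission label: candidates for manual review."""
    return [name for _, name, label in app["components"] if label is None]
```
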
Android Security Evaluation
(+) Isolation by different uids per application is a major step towards limiting potential damages
(+) Basic MAC model is easy to understand
(+) Network and hardware resources are protected by permissions
  - Applications must request these permissions in their manifest
  - Makes it easier to evaluate an application's security
(-) Non-trivial security decisions are left to the user
(-) Possibility to delegate actions via Pending Intents may cause problems ("Confused Deputy Problem")
(-) Code-Signing might lead to a false feeling of trust at the user's side

The Future?
- Android will become a major target for malware authors
- Mobile Anti-Virus Solutions are already available
- Android security model seems to be better designed than competing operating systems
- Developers must know and implement the security model at code level
  - currently the focus is on platform version updates and features.
- Users need to be informed about security risks and the possible impact of granting access permissions
- If possible, users should be relieved from having to take critical security decisions

Thanks for your attention!
Do you have any questions?