3. Security in Mind?
Android is a privilege-separated
operating system. Each application
runs as a unique Linux user ID.
By default, no application has permission
to affect other applications or their data.
Applications can't access the network
without prior consent (the INTERNET permission)
4. Security in Mind?
When installing an application, the user is
asked by the package installer to grant the
permission(s) the app requests
5. But!
After that, the permission is never checked
again by the user, neither before nor while the
application runs. Once granted, the app can use
the requested features without prompting the
user – forever! (This describes the install-time
permission model of the day; Android 6.0 later
added runtime prompts for dangerous permissions.)
6. So
With clever social engineering the bad
guys convince users to install a
"useful" application, the user willingly
grants the permissions, and bingo – the device
can be misused
8. Android Malware
• 10K: by the middle of 2012!
• 100K: by the end of 2012!
(Trend Micro forecast of the number of Android malware samples)
http://blog.trendmicro.com/how-big-will-the-android-malware-threat-be-in-2012/
10. Chris DiBona from Google, November 2011:
"virus companies are playing on your fears to try to sell you bs protection
software for Android, RIM and IOS. They are charlatans and scammers. If
you work for a company selling virus protection for android, rim or IOS
you should be ashamed of yourself."
"The barriers to spreading such a program from phone to phone are large
and difficult enough to traverse when you have legitimate access to the
phone, but this isn't Independence Day, a virus that might work on one
device won't magically spread to the other."
All the major vendors have app markets, and all the major vendors have
apps that do bad things, are discovered, and are dropped from the
markets.
16. ANDROIDOS_JIGENSHA.A
Impact Scope:
760,000 users' data leaked online in Japan
Malicious Behavior:
The malware collects the user's contact list,
including phone numbers and names, and
sends it to a remote server.
21. Types of Threats
Spying Tools: track user data like GPS and send it to a 3rd party
Rooter: hacks the phone to take control of it
Premium Service: secretly subscribes the user to paid services
Data Stealer: steals personal information
Malicious Downloader: downloads new apps without user consent
Click Fraud: triggers pay-per-click activity on the device
25. Mobile App Reputation
• Mobile App Reputation is a cloud-based
technology that automatically identifies
mobile threats based on app behavior
– Crawls & collects a huge number of Android apps
from various Android markets
– Identifies existing and brand new mobile
malware
– Identifies apps that may abuse privacy / device
resources
– World's first automatic mobile app evaluation
service
[Diagram: Apps -> Mobile App Reputation (Malware? Privacy Risk? High Resource Consumption?) -> No Issues / Issue Identified]
26. Mobile App Reputation
1. Collects apps and scans them in the cloud
2. Static Analysis: dissects app code and private data access
3. Correlates web queries with the Smart Protection Network
4. Dynamic Analysis: activates the app to analyze its actual behaviour
Output: generates reputation scores and a detailed report
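The static-analysis step above, and the threat categories on the "Types of Threats" slide, can be approximated from the permissions an app declares. The following is an added example, not Trend Micro's code and not a description of its scoring engine: it parses a decoded AndroidManifest.xml (two manifests are constructed inline, the second modelled on the contact-harvesting behaviour attributed to ANDROIDOS_JIGENSHA.A), maps permission combinations to the slide's threat types, and emits the same "No Issues" / "Issue Identified" verdict the reputation diagram shows. The permission sets, weights and package names are this example's own assumptions.

```python
"""Permission-based triage of a decoded AndroidManifest.xml.

Added example, not Trend Micro's code. The threat names come from the
"Types of Threats" slide; the permission sets and weights that trigger
them are this example's own assumptions, not a published rule set.
"""
import xml.etree.ElementTree as ET

# Attribute names in the manifest live in the android: namespace.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Constructed rules: a threat type fires when every permission in the
# set is declared. Weights are arbitrary but ordered by how directly the
# combination maps to harm (premium SMS costs the user money at once).
THREAT_RULES = {
    "Spying Tool": ({P + "ACCESS_FINE_LOCATION", P + "INTERNET"}, 3),
    "Data Stealer": ({P + "READ_CONTACTS", P + "INTERNET"}, 3),
    "Premium Service": ({P + "SEND_SMS"}, 4),
}


def declared_permissions(manifest_xml):
    """Return the set of <uses-permission android:name=...> values."""
    root = ET.fromstring(manifest_xml)
    return {
        elem.get(ANDROID_NS + "name")
        for elem in root.iter("uses-permission")
        if elem.get(ANDROID_NS + "name")
    }


def triage(manifest_xml):
    """Score one manifest and label it like the reputation pipeline output."""
    perms = declared_permissions(manifest_xml)
    threats = sorted(
        name for name, (required, _w) in THREAT_RULES.items() if required <= perms
    )
    score = sum(THREAT_RULES[name][1] for name in threats)
    return {
        "permissions": sorted(perms),
        "threats": threats,
        "score": score,
        "verdict": "No Issues" if score == 0 else "Issue Identified",
    }


# Constructed manifests in decoded text form (the copy inside an APK is
# binary XML and must be decoded with aapt or apktool first).
BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes"/>
</manifest>"""

# Modelled on the behaviour attributed to ANDROIDOS_JIGENSHA.A (contacts
# sent to a remote server), plus location and SMS permissions.
SUSPICIOUS_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.freewallpaper">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application android:label="Free Wallpaper"/>
</manifest>"""

if __name__ == "__main__":
    for label, manifest in (("benign", BENIGN_MANIFEST), ("suspicious", SUSPICIOUS_MANIFEST)):
        result = triage(manifest)
        print(label, result["verdict"], result["score"], result["threats"])
```

Permissions alone produce false positives (a legitimate contacts-backup app declares READ_CONTACTS and INTERNET too), which is exactly why the pipeline on this slide does not stop at static analysis but correlates with the Smart Protection Network and confirms behaviour by running the app in dynamic analysis.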
27. Mobile Application Reputation Architecture
[Diagram: the following components connected over a Data Bus / Control Bus]
MSR (Mobile Sourcing)
MPAFI (Mobile PAFI)
MSA (Mobile Static Analyzer)
MDA (Mobile Dynamic Analyzer)
MSE (Mobile Scoring Engine)
MDS (Mobile Data Store)
SPN (Smart Protection Network)
WRS/FRS Correlate Services
PAFI: Pre-Analysis File Interscan
32. Developers!
• Know what public libraries do before you use them!
• Corporate customers are very sensitive about data
leakage!
• CPU load and battery impact play a bigger and bigger
role in app selection!
• Quick and dirty might not be the way to go for a
sustainable business!
• If you write apps for a 3rd party, expect that the app will
be tested not only for functionality but also for potential
risks and negative impacts