SlideShare une entreprise Scribd logo

android Security

D
darkC0de

android Security

Technologie
1  sur  14
Télécharger pour lire hors ligne
Mohammed Alharbi
What is Android? •Android is a software stack for mobile devices that includes an operating system •Developed by Google and Open Handset Alliance ‘OHA’ •Android platform using the Java programming language •Largest market share ,more than Symbian and IOS
Application Components • Activities: An activity represents a single screen with a user interface. • Services: It is runs in the background . • Broadcast receivers: Responds to system-wide broadcast announcements. • Content providers: It is manages a shared set of application data.
Types of threats • Malware apps: The idea is to lure users into downloading a free or heavily discounted game, get them to launch it, and clandestinely install malware behind their back. • Drive-by exploits: The idea is to lure Android users to visit a website containing code that exploits a known weakness in a browser.
• Web Browser Vulnerability • available as of October 22, 2008. • Can affect any information browser have access on them. • GappII • The service runs behind the scene and monitors the status of current phone screen. • can be remotely controlled to install additional apps without user’s knowledge.
• UpdtKiller • Upload victims’ personal information and retrieve commands from a remote control and command (C&C) server. • Block antivirus software processes so that viruses can’t be detected. • UpdtBot • UpdtBot registers a remote Command and Control (C&C) server. • Can send text messages, make phone calls, and download and install apps.
Security Mechanism in Android Sandboxes Each application is associated with a different UID. Every application runs in its own Linux process. Each process runs on its own Java VM. Application’s directory is only available to the application.
Security Mechanism in Android Permissions • Any application needs explicit permissions to access the components of other applications. • These permissions are set by the package installer.
Security Mechanism in Android Signatures  Any Android application must be signed with a certificate whose private key is held by the developer.  Identify the code's author.  Detect if the application has changed.  Establish trust between applications.
How to protect ourselves • Download Apps Only from Trusted Sources • Always check app permissions. Whenever you download or update an app, you get a list of permissions for it. • Don't View Sensitive Information on Public Wi-Fi • Put a malware and antivirus scanner on your phone. • Protect Your Phone with a Password
Conclusion • Android has a unique security model, which focuses on putting the user in control of the device. • It is balance between security and usability.
Thank you ….

Recommandé

Android Security
Android SecurityAndroid Security
Android Security
Mehrnaz Amoon
 
Android security
Android securityAndroid security
Android security
Midhun P Gopi
 
Android Security
Android SecurityAndroid Security
Android Security
Suminda Gunawardhana
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on android
Ravishankar Kumar
 
Android security
Android securityAndroid security
Android security
Mobile Rtpl
 
Android security in depth
Android security in depthAndroid security in depth
Android security in depth
Sander Alberink
 
Introduction to Android Development and Security
Introduction to Android Development and SecurityIntroduction to Android Development and Security
Introduction to Android Development and Security
Kelwin Yang
 
Sperasoft talks: Android Security Threats
Sperasoft talks: Android Security ThreatsSperasoft talks: Android Security Threats
Sperasoft talks: Android Security Threats
Sperasoft
 

Recommandé

Android Security
Android SecurityAndroid Security
Android Security
Mehrnaz Amoon
 
Android security
Android securityAndroid security
Android security
Midhun P Gopi
 
Android Security
Android SecurityAndroid Security
Android Security
Suminda Gunawardhana
 
Analysis and research of system security based on android
Analysis and research of system security based on androidAnalysis and research of system security based on android
Analysis and research of system security based on android
Ravishankar Kumar
 
Android security
Android securityAndroid security
Android security
Mobile Rtpl
 
Android security in depth
Android security in depthAndroid security in depth
Android security in depth
Sander Alberink
 
Introduction to Android Development and Security
Introduction to Android Development and SecurityIntroduction to Android Development and Security
Introduction to Android Development and Security
Kelwin Yang
 
Sperasoft talks: Android Security Threats
Sperasoft talks: Android Security ThreatsSperasoft talks: Android Security Threats
Sperasoft talks: Android Security Threats
Sperasoft
 
Android Security
Android SecurityAndroid Security
Android Security
Arqum Ahmad
 
Android Security
Android SecurityAndroid Security
Android Security
Lars Jacobs
 
Android sandbox
Android sandboxAndroid sandbox
Android sandbox
Anusha Chavan
 
Permission in Android Security: Threats and solution
Permission in Android Security: Threats and solutionPermission in Android Security: Threats and solution
Permission in Android Security: Threats and solution
Tandhy Simanjuntak
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security model
Pragati Rai
 
Android system security
Android system securityAndroid system security
Android system security
Chong-Kuan Chen
 
Android Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android ApplicationsAndroid Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android Applications
h4oxer
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardening
anupriti
 
2015.04.24 Updated > Android Security Development - Part 1: App Development
2015.04.24 Updated > Android Security Development - Part 1: App Development 2015.04.24 Updated > Android Security Development - Part 1: App Development
2015.04.24 Updated > Android Security Development - Part 1: App Development
Cheng-Yi Yu
 
Deep Dive Into Android Security
Deep Dive Into Android SecurityDeep Dive Into Android Security
Deep Dive Into Android Security
Marakana Inc.
 
Brief Tour about Android Security
Brief Tour about Android SecurityBrief Tour about Android Security
Brief Tour about Android Security
National Cheng Kung University
 
Understanding Android Security
Understanding Android SecurityUnderstanding Android Security
Understanding Android Security
Asanka Dilruk
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker way
n|u - The Open Security Community
 
Android Security - Common Security Pitfalls in Android Applications
Android Security - Common Security Pitfalls in Android ApplicationsAndroid Security - Common Security Pitfalls in Android Applications
Android Security - Common Security Pitfalls in Android Applications
BlrDroid
 
Смирнов Александр, Security in Android Application
Смирнов Александр, Security in Android ApplicationСмирнов Александр, Security in Android Application
Смирнов Александр, Security in Android Application
SECON
 
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
Consulthinkspa
 
Android Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAndroid Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon India
Avinash Birnale
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App Security
DevOps.com
 
Mobile security
Mobile securityMobile security
Mobile security
Stefaan
 
[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop
OWASP
 
Emprola C.A. agrotrading revista digital
Emprola C.A. agrotrading revista digitalEmprola C.A. agrotrading revista digital
Emprola C.A. agrotrading revista digital
jmangulo100
 
What to expect from your msp email campaigns (slideshare)
What to expect from your msp email campaigns (slideshare)What to expect from your msp email campaigns (slideshare)
What to expect from your msp email campaigns (slideshare)
Presstacular
 

Contenu connexe

Tendances

Deep Dive Into Android Security
Deep Dive Into Android SecurityDeep Dive Into Android Security
Deep Dive Into Android Security
Marakana Inc.
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App Security
DevOps.com
 

Tendances (20)

Android Security
Android SecurityAndroid Security
Android Security
 
Android Security
Android SecurityAndroid Security
Android Security
 
Android sandbox
Android sandboxAndroid sandbox
Android sandbox
 
Permission in Android Security: Threats and solution
Permission in Android Security: Threats and solutionPermission in Android Security: Threats and solution
Permission in Android Security: Threats and solution
 
Understanding android security model
Understanding android security modelUnderstanding android security model
Understanding android security model
 
Android system security
Android system securityAndroid system security
Android system security
 
Android Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android ApplicationsAndroid Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android Applications
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardening
 
2015.04.24 Updated > Android Security Development - Part 1: App Development
2015.04.24 Updated > Android Security Development - Part 1: App Development 2015.04.24 Updated > Android Security Development - Part 1: App Development
2015.04.24 Updated > Android Security Development - Part 1: App Development
 
Deep Dive Into Android Security
Deep Dive Into Android SecurityDeep Dive Into Android Security
Deep Dive Into Android Security
 
Brief Tour about Android Security
Brief Tour about Android SecurityBrief Tour about Android Security
Brief Tour about Android Security
 
Understanding Android Security
Understanding Android SecurityUnderstanding Android Security
Understanding Android Security
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker way
 
Android Security - Common Security Pitfalls in Android Applications
Android Security - Common Security Pitfalls in Android ApplicationsAndroid Security - Common Security Pitfalls in Android Applications
Android Security - Common Security Pitfalls in Android Applications
 
Смирнов Александр, Security in Android Application
Смирнов Александр, Security in Android ApplicationСмирнов Александр, Security in Android Application
Смирнов Александр, Security in Android Application
 
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...
 
Android Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAndroid Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon India
 
Mobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App SecurityMobile Threats and Trends Changing Mobile App Security
Mobile Threats and Trends Changing Mobile App Security
 
Mobile security
Mobile securityMobile security
Mobile security
 
[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop[Wroclaw #1] Android Security Workshop
[Wroclaw #1] Android Security Workshop
 

En vedette

Location Based Advertising 2015
Location Based Advertising 2015Location Based Advertising 2015
Location Based Advertising 2015
Nadia Z. Ismail
 
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
Leire Hetel
 

En vedette (20)

Emprola C.A. agrotrading revista digital
Emprola C.A. agrotrading revista digitalEmprola C.A. agrotrading revista digital
Emprola C.A. agrotrading revista digital
 
What to expect from your msp email campaigns (slideshare)
What to expect from your msp email campaigns (slideshare)What to expect from your msp email campaigns (slideshare)
What to expect from your msp email campaigns (slideshare)
 
Location Based Advertising 2015
Location Based Advertising 2015Location Based Advertising 2015
Location Based Advertising 2015
 
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
(ES) LH Euskadi 2015 Agenda Estrategikoa - Agenda estratégica FP Euskadi 2015
 
Mapa del software libre en España
Mapa del software libre en EspañaMapa del software libre en España
Mapa del software libre en España
 
Proyecto capacitacion mr en comunity manager best
Proyecto capacitacion mr en comunity manager best Proyecto capacitacion mr en comunity manager best
Proyecto capacitacion mr en comunity manager best
 
PMI Conference Traditional to Digital to Performance by Augustine Fou
PMI Conference Traditional to Digital to Performance by Augustine FouPMI Conference Traditional to Digital to Performance by Augustine Fou
PMI Conference Traditional to Digital to Performance by Augustine Fou
 
ARANDA COATED SOLUTIONS
ARANDA COATED SOLUTIONSARANDA COATED SOLUTIONS
ARANDA COATED SOLUTIONS
 
Inez miedema - no discount but partnerships
Inez miedema - no discount but partnershipsInez miedema - no discount but partnerships
Inez miedema - no discount but partnerships
 
Borkwalde-Mitte
Borkwalde-MitteBorkwalde-Mitte
Borkwalde-Mitte
 
Statistieken 2011 studenten.net platform
Statistieken 2011 studenten.net platformStatistieken 2011 studenten.net platform
Statistieken 2011 studenten.net platform
 
Fitline Greenfit Outdoor Fitness
Fitline Greenfit Outdoor FitnessFitline Greenfit Outdoor Fitness
Fitline Greenfit Outdoor Fitness
 
Wellness magazine detox
Wellness magazine detoxWellness magazine detox
Wellness magazine detox
 
21st CENTURY PORTUGUESE SURREALISM IN BERLIN
21st CENTURY PORTUGUESE SURREALISM IN BERLIN21st CENTURY PORTUGUESE SURREALISM IN BERLIN
21st CENTURY PORTUGUESE SURREALISM IN BERLIN
 
Un paseo por los nuevos cultivos
Un paseo por los nuevos cultivosUn paseo por los nuevos cultivos
Un paseo por los nuevos cultivos
 
Transforma un cuento
Transforma un cuentoTransforma un cuento
Transforma un cuento
 
MÁS TRABAJO DIGNO, SANO Y SEGURO PARA TODOS 10° Semana Argentina de la Salud ...
MÁS TRABAJO DIGNO, SANO Y SEGURO PARA TODOS 10° Semana Argentina de la Salud ...MÁS TRABAJO DIGNO, SANO Y SEGURO PARA TODOS 10° Semana Argentina de la Salud ...
MÁS TRABAJO DIGNO, SANO Y SEGURO PARA TODOS 10° Semana Argentina de la Salud ...
 
Anexo de tarea
Anexo de tareaAnexo de tarea
Anexo de tarea
 
Platinum e-Teach
Platinum e-TeachPlatinum e-Teach
Platinum e-Teach
 
EDM2015_lowres
EDM2015_lowresEDM2015_lowres
EDM2015_lowres
 

Similaire à android Security

Building a Mobile Security Program
Building a Mobile Security ProgramBuilding a Mobile Security Program
Building a Mobile Security Program
Denim Group
 
I haz you and pwn your maal
I haz you and pwn your maalI haz you and pwn your maal
I haz you and pwn your maal
Harsimran Walia
 
I haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaperI haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaper
Harsimran Walia
 
Building Custom Android Malware BruCON 2013
Building Custom Android Malware BruCON 2013Building Custom Android Malware BruCON 2013
Building Custom Android Malware BruCON 2013
Stephan Chenette
 
Security on android
Security on androidSecurity on android
Security on android
pk464312
 

Similaire à android Security (20)

Android security
Android securityAndroid security
Android security
 
Mobile security
Mobile securityMobile security
Mobile security
 
Mobile platform security models
Mobile platform security modelsMobile platform security models
Mobile platform security models
 
Building a Mobile Security Program
Building a Mobile Security ProgramBuilding a Mobile Security Program
Building a Mobile Security Program
 
I haz you and pwn your maal
I haz you and pwn your maalI haz you and pwn your maal
I haz you and pwn your maal
 
I haz you and pwn your maal
I haz you and pwn your maalI haz you and pwn your maal
I haz you and pwn your maal
 
Android Security Humla Part 1
Android Security Humla Part 1Android Security Humla Part 1
Android Security Humla Part 1
 
Android Seminar BY Suleman Khan.pdf
Android Seminar BY Suleman Khan.pdfAndroid Seminar BY Suleman Khan.pdf
Android Seminar BY Suleman Khan.pdf
 
I haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaperI haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaper
 
Android ppt
Android ppt Android ppt
Android ppt
 
Android Applications
Android ApplicationsAndroid Applications
Android Applications
 
Android ppt
Android pptAndroid ppt
Android ppt
 
Android App Developement
Android App DevelopementAndroid App Developement
Android App Developement
 
Android
AndroidAndroid
Android
 
Mobile Application Development powerpoint
Mobile Application Development powerpointMobile Application Development powerpoint
Mobile Application Development powerpoint
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
 
How iOS and Android Handle Security Webinar
How iOS and Android Handle Security WebinarHow iOS and Android Handle Security Webinar
How iOS and Android Handle Security Webinar
 
Building Custom Android Malware BruCON 2013
Building Custom Android Malware BruCON 2013Building Custom Android Malware BruCON 2013
Building Custom Android Malware BruCON 2013
 
How to Test Security and Vulnerability of Your Android and iOS Apps
How to Test Security and Vulnerability of Your Android and iOS AppsHow to Test Security and Vulnerability of Your Android and iOS Apps
How to Test Security and Vulnerability of Your Android and iOS Apps
 
Security on android
Security on androidSecurity on android
Security on android
 

Dernier

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

android Security

  • 1.
  • 3. What is Android? •Android is a software stack for mobile devices that includes an operating system •Developed by Google and Open Handset Alliance ‘OHA’ •Android platform using the Java programming language •Largest market share ,more than Symbian and IOS
  • 4. Application Components • Activities: An activity represents a single screen with a user interface. • Services: It is runs in the background . • Broadcast receivers: Responds to system-wide broadcast announcements. • Content providers: It is manages a shared set of application data.
  • 5.
  • 6. Types of threats • Malware apps: The idea is to lure users into downloading a free or heavily discounted game, get them to launch it, and clandestinely install malware behind their back. • Drive-by exploits: The idea is to lure Android users to visit a website containing code that exploits a known weakness in a browser.
  • 7. • Web Browser Vulnerability • available as of October 22, 2008. • Can affect any information browser have access on them. • GappII • The service runs behind the scene and monitors the status of current phone screen. • can be remotely controlled to install additional apps without user’s knowledge.
  • 8. • UpdtKiller • Upload victims’ personal information and retrieve commands from a remote control and command (C&C) server. • Block antivirus software processes so that viruses can’t be detected. • UpdtBot • UpdtBot registers a remote Command and Control (C&C) server. • Can send text messages, make phone calls, and download and install apps.
  • 9. Security Mechanism in Android Sandboxes Each application is associated with a different UID. Every application runs in its own Linux process. Each process runs on its own Java VM. Application’s directory is only available to the application.
  • 10. Security Mechanism in Android Permissions • Any application needs explicit permissions to access the components of other applications. • These permissions are set by the package installer.
  • 11. Security Mechanism in Android Signatures  Any Android application must be signed with a certificate whose private key is held by the developer.  Identify the code's author.  Detect if the application has changed.  Establish trust between applications.
  • 12. How to protect ourselves • Download Apps Only from Trusted Sources • Always check app permissions. Whenever you download or update an app, you get a list of permissions for it. • Don't View Sensitive Information on Public Wi-Fi • Put a malware and antivirus scanner on your phone. • Protect Your Phone with a Password
  • 13. Conclusion • Android has a unique security model, which focuses on putting the user in control of the device. • It is balance between security and usability.