Title: Android security : attacks and defenses
Personal Author:
Publication Information: Boca Raton : Taylor & Francis, 2013
Physical Description: xx, 255 p. : ill. ; 25 cm.
ISBN: 9781439896464
Added Author:

Available:*

Item Barcode | Call Number | Material Type | Item Category 1
30000010319087 | QA76.774.A53 M57 2013 | Open Access Book | Book
33000000010493 | QA76.774.A53 M57 2013 | Open Access Book | Book

Summary

Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.

Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.

The authors describe how to write Android bots in Java and how to use reversing tools to decompile any Android application. They also cover the Android file system, including import directories and files, so readers can perform basic forensic analysis on the file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.

The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.

The book's site includes a Resource section where readers can download applications, tools created by users, and sample applications created by the authors. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.


Author Notes

Anmol Misra is a contributing author of the book Defending the Cloud: Waging War in Cyberspace (Infinity Publishing, December 2011). His expertise includes mobile and application security, vulnerability management, application and infrastructure security assessments, and security code reviews.

He is currently Program Manager of the Critical Business Security External (CBSE) team at Cisco. The CBSE team is part of the Information Security Team (InfoSec) at Cisco and is responsible for the security of Cisco's Cloud Hosted Services. Prior to joining Cisco, Anmol was a Senior Consultant with Ernst & Young LLP. In his role, he advised Fortune 500 clients on defining and improving Information Security programs and practices. He helped large corporations to reduce IT security risk and achieve regulatory compliance by improving their security posture.

Anmol holds a master's degree in Information Networking from Carnegie Mellon University. He also holds a Bachelor of Engineering degree in Computer Engineering. He served as Vice President of Alumni Relations for the Bay Area chapter of the Carnegie Mellon Alumni Association. In his free time, Anmol enjoys long walks on the beaches of San Francisco. He is a voracious reader of nonfiction books, especially history and economics, and is an aspiring photographer.

Abhishek Dubey has a wide variety of experience in information security, including reverse engineering, malware analysis, and vulnerability detection. He is currently working as a Lead/Senior Engineer of the Security Services and Cloud Operations team at Cisco. Prior to joining Cisco, Abhishek was Senior Researcher in the Advanced Threat Research Group at Webroot Software.

Abhishek holds a master's degree in Information Security and Technology Management from Carnegie Mellon University and also holds a B.Tech degree in Computer Science and Engineering. He is currently pursuing studies in


Table of Contents

Dedication
Foreword
Preface
About the Authors
Acknowledgments
Chapter 1 Introduction
1.1 Why Android
1.2 Evolution of Mobile Threats
1.3 Android Overview
1.4 Android Marketplaces
1.5 Summary
Chapter 2 Android Architecture
2.1 Android Architecture Overview
2.1.1 Linux Kernel
2.1.2 Libraries
2.1.3 Android Runtime
2.1.4 Application Framework
2.1.5 Applications
2.2 Android Start Up and Zygote
2.3 Android SDK and Tools
2.3.1 Downloading and Installing the Android SDK
2.3.2 Developing with Eclipse and ADT
2.3.3 Android Tools
2.3.4 ddms
2.3.5 adb
2.3.6 ProGuard
2.4 Anatomy of the "Hello World" Application
2.4.1 Understanding Hello World
2.5 Summary
Chapter 3 Android Application Architecture
3.1 Application Components
3.1.1 Activities
3.1.2 Intents
3.1.3 Broadcast Receivers
3.1.4 Services
3.1.5 Content Providers
3.2 Activity Lifecycles
3.3 Summary
Chapter 4 Android (in)Security
4.1 Android Security Model
4.2 Permission Enforcement-Linux
4.3 Android's Manifest Permissions
4.3.1 Requesting Permissions
4.3.2 Putting It All Together
4.4 Mobile Security Issues
4.4.1 Device
4.4.2 Patching
4.4.3 External Storage
4.4.4 Keyboards
4.4.5 Data Privacy
4.4.6 Application Security
4.4.7 Legacy Code
4.5 Recent Android Attacks-A Walkthrough
4.5.1 Analysis of DroidDream Variant
4.5.2 Analysis of Zsone
4.5.3 Analysis of Zitmo Trojan
4.6 Summary
Chapter 5 Pen Testing Android
5.1 Penetration Testing Methodology
5.1.1 External Penetration Test
5.1.2 Internal Penetration Test
5.1.3 Penetration Test Methodologies
5.1.4 Static Analysis
5.1.5 Steps to Pen Test Android OS and Devices
5.2 Tools for Penetration Testing Android
5.2.1 Nmap
5.2.2 BusyBox
5.2.3 Wireshark
5.2.4 Vulnerabilities in the Android OS
5.3 Penetration Testing-Android Applications
5.3.1 Android Applications
5.3.2 Application Security
5.4 Miscellaneous Issues
5.5 Summary
Chapter 6 Reverse Engineering Android Applications
6.1 Introduction
6.2 What is Malware?
6.3 Identifying Android Malware
6.4 Reverse Engineering Methodology for Android Applications
6.5 Summary
Chapter 7 Modifying the Behavior of Android Applications without Source Code
7.1 Introduction
7.1.1 To Add Malicious Behavior
7.1.2 To Eliminate Malicious Behavior
7.1.3 To Bypass Intended Functionality
7.2 DEX File Format
7.3 Case Study: Modifying the Behavior of an Application
7.4 Real World Example 1-Google Wallet Vulnerability
7.5 Real World Example 2-Skype Vulnerability (CVE-2011-1717)
7.6 Defensive Strategies
7.6.1 Perform Code Obfuscation
7.6.2 Perform Server Side Processing
7.6.3 Perform Iterative Hashing and Use Salt
7.6.4 Choose the Right Location for Sensitive Information
7.6.5 Cryptography
7.6.6 Conclusion
7.7 Summary
Chapter 8 Hacking Android
8.1 Introduction
8.2 Android File System
8.2.1 Mount Points
8.2.2 File Systems
8.2.3 Directory Structure
8.3 Android Application Data
8.3.1 Storage Options
8.3.2 /data/data
8.4 Rooting Android Devices
8.5 Imaging Android
8.6 Accessing Application Databases
8.7 Extracting Data from Android Devices
8.8 Summary
Chapter 9 Securing Android for the Enterprise Environment
9.1 Android in Enterprise
9.1.1 Security Concerns for Android in Enterprise
9.1.2 End-User Awareness
9.1.3 Compliance/Audit Considerations
9.1.4 Recommended Security Practices for Mobile Devices
9.2 Hardening Android
9.2.1 Deploying Android Securely
9.2.2 Device Administration
9.3 Summary
Chapter 10 Browser Security and Future Threat Landscape
10.1 Mobile HTML Security
10.1.1 Cross-Site Scripting
10.1.2 SQL Injection
10.1.3 Cross-Site Request Forgery
10.1.4 Phishing
10.2 Mobile Browser Security
10.2.1 Browser Vulnerabilities
10.3 The Future Landscape
10.3.1 The Phone as a Spying/Tracking Device
10.3.2 Controlling Corporate Networks and Other Devices through Mobile Devices
10.3.3 Mobile Wallets and NFC
10.4 Summary
Appendix A
Appendix B
B.1 Views
B.2 Code Views
B.3 Keyboard Shortcuts
B.4 Options
Appendix C
Glossary
Index