Item Barcode | Call Number | Material Type | Item Category 1 |
---|---|---|---|
30000010319087 | QA76.774.A53 M57 2013 | Open Access Book | Book |
33000000010493 | QA76.774.A53 M57 2013 | Open Access Book | Book |
Summary
Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.
Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.
The authors describe how to write Android bots in Java and how to use reversing tools to decompile any Android application. They also cover the Android file system, including important directories and files, so readers can perform basic forensic analysis on the file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.
The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.
The book's site includes a resource section where readers can access downloads for applications, tools created by users, and sample applications created by the authors under the Resource section. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.
Author Notes
Anmol Misra is a contributing author of the book Defending the Cloud: Waging War in Cyberspace (Infinity Publishing, December 2011). His expertise includes mobile and application security, vulnerability management, application and infrastructure security assessments, and security code reviews.
He is currently Program Manager of the Critical Business Security External (CBSE) team at Cisco. The CBSE team is part of the Information Security Team (InfoSec) at Cisco and is responsible for the security of Cisco's Cloud Hosted Services. Prior to joining Cisco, Anmol was a Senior Consultant with Ernst & Young LLP. In his role, he advised Fortune 500 clients on defining and improving Information Security programs and practices. He helped large corporations to reduce IT security risk and achieve regulatory compliance by improving their security posture.
Anmol holds a master's degree in Information Networking from Carnegie Mellon University. He also holds a Bachelor of Engineering degree in Computer Engineering. He served as Vice President of Alumni Relations for the Bay Area chapter of the Carnegie Mellon Alumni Association. In his free time, Anmol enjoys long walks on the beaches of San Francisco. He is a voracious reader of nonfiction books, especially history and economics, and is an aspiring photographer.
Abhishek Dubey has a wide variety of experience in information security, including reverse engineering, malware analysis, and vulnerability detection. He is currently working as a Lead/Senior Engineer of the Security Services and Cloud Operations team at Cisco. Prior to joining Cisco, Abhishek was Senior Researcher in the Advanced Threat Research Group at Webroot Software.
Abhishek holds a master's degree in Information Security and Technology Management from Carnegie Mellon University and also holds a B.Tech degree in Computer Science and Engineering. He is currently pursuing studies in
Table of Contents
Dedication | p. v |
Foreword | p. xiii |
Preface | p. xv |
About the Authors | p. xvii |
Acknowledgments | p. xix |
Chapter 1 Introduction | p. 1 |
1.1 Why Android | p. 1 |
1.2 Evolution of Mobile Threats | p. 5 |
1.3 Android Overview | p. 11 |
1.4 Android Marketplaces | p. 13 |
1.5 Summary | p. 15 |
Chapter 2 Android Architecture | p. 17 |
2.1 Android Architecture Overview | p. 17 |
2.1.1 Linux Kernel | p. 18 |
2.1.2 Libraries | p. 25 |
2.1.3 Android Runtime | p. 26 |
2.1.4 Application Framework | p. 26 |
2.1.5 Applications | p. 27 |
2.2 Android Start Up and Zygote | p. 28 |
2.3 Android SDK and Tools | p. 28 |
2.3.1 Downloading and Installing the Android SDK | p. 29 |
2.3.2 Developing with Eclipse and ADT | p. 31 |
2.3.3 Android Tools | p. 31 |
2.3.4 ddms | p. 34 |
2.3.5 adb | p. 35 |
2.3.6 ProGuard | p. 35 |
2.4 Anatomy of the "Hello World" Application | p. 39 |
2.4.1 Understanding Hello World | p. 39 |
2.5 Summary | p. 43 |
Chapter 3 Android Application Architecture | p. 47 |
3.1 Application Components | p. 47 |
3.1.1 Activities | p. 48 |
3.1.2 Intents | p. 51 |
3.1.3 Broadcast Receivers | p. 57 |
3.1.4 Services | p. 58 |
3.1.5 Content Providers | p. 60 |
3.2 Activity Lifecycles | p. 61 |
3.3 Summary | p. 70 |
Chapter 4 Android (in)Security | p. 71 |
4.1 Android Security Model | p. 71 |
4.2 Permission Enforcement-Linux | p. 72 |
4.3 Android's Manifest Permissions | p. 75 |
4.3.1 Requesting Permissions | p. 76 |
4.3.2 Putting It All Together | p. 79 |
4.4 Mobile Security Issues | p. 86 |
4.4.1 Device | p. 86 |
4.4.2 Patching | p. 86 |
4.4.3 External Storage | p. 87 |
4.4.4 Keyboards | p. 87 |
4.4.5 Data Privacy | p. 87 |
4.4.6 Application Security | p. 87 |
4.4.7 Legacy Code | p. 88 |
4.5 Recent Android Attacks-A Walkthrough | p. 88 |
4.5.1 Analysis of DroidDream Variant | p. 88 |
4.5.2 Analysis of Zsone | p. 90 |
4.5.3 Analysis of Zitmo Trojan | p. 91 |
4.6 Summary | p. 93 |
Chapter 5 Pen Testing Android | p. 97 |
5.1 Penetration Testing Methodology | p. 97 |
5.1.1 External Penetration Test | p. 98 |
5.1.2 Internal Penetration Test | p. 98 |
5.1.3 Penetration Test Methodologies | p. 99 |
5.1.4 Static Analysis | p. 99 |
5.1.5 Steps to Pen Test Android OS and Devices | p. 100 |
5.2 Tools for Penetration Testing Android | p. 100 |
5.2.1 Nmap | p. 100 |
5.2.2 BusyBox | p. 101 |
5.2.3 Wireshark | p. 103 |
5.2.4 Vulnerabilities in the Android OS | p. 103 |
5.3 Penetration Testing-Android Applications | p. 106 |
5.3.1 Android Applications | p. 106 |
5.3.2 Application Security | p. 113 |
5.4 Miscellaneous Issues | p. 117 |
5.5 Summary | p. 118 |
Chapter 6 Reverse Engineering Android Applications | p. 119 |
6.1 Introduction | p. 119 |
6.2 What is Malware? | p. 121 |
6.3 Identifying Android Malware | p. 122 |
6.4 Reverse Engineering Methodology for Android Applications | p. 123 |
6.5 Summary | p. 144 |
Chapter 7 Modifying the Behavior of Android Applications without Source Code | p. 147 |
7.1 Introduction | p. 147 |
7.1.1 To Add Malicious Behavior | p. 148 |
7.1.2 To Eliminate Malicious Behavior | p. 148 |
7.1.3 To Bypass Intended Functionality | p. 148 |
7.2 DEX File Format | p. 148 |
7.3 Case Study: Modifying the Behavior of an Application | p. 150 |
7.4 Real World Example 1-Google Wallet Vulnerability | p. 161 |
7.5 Real World Example 2-Skype Vulnerability (CVE-2011-1717) | p. 162 |
7.6 Defensive Strategies | p. 163 |
7.6.1 Perform Code Obfuscation | p. 163 |
7.6.2 Perform Server Side Processing | p. 167 |
7.6.3 Perform Iterative Hashing and Use Salt | p. 167 |
7.6.4 Choose the Right Location for Sensitive Information | p. 167 |
7.6.5 Cryptography | p. 168 |
7.6.6 Conclusion | p. 168 |
7.7 Summary | p. 168 |
Chapter 8 Hacking Android | p. 169 |
8.1 Introduction | p. 169 |
8.2 Android File System | p. 170 |
8.2.1 Mount Points | p. 170 |
8.2.2 File Systems | p. 170 |
8.2.3 Directory Structure | p. 170 |
8.3 Android Application Data | p. 173 |
8.3.1 Storage Options | p. 173 |
8.3.2 /data/data | p. 176 |
8.4 Rooting Android Devices | p. 178 |
8.5 Imaging Android | p. 181 |
8.6 Accessing Application Databases | p. 183 |
8.7 Extracting Data from Android Devices | p. 187 |
8.8 Summary | p. 187 |
Chapter 9 Securing Android for the Enterprise Environment | p. 193 |
9.1 Android in Enterprise | p. 193 |
9.1.1 Security Concerns for Android in Enterprise | p. 193 |
9.1.2 End-User Awareness | p. 197 |
9.1.3 Compliance/Audit Considerations | p. 197 |
9.1.4 Recommended Security Practices for Mobile Devices | p. 198 |
9.2 Hardening Android | p. 199 |
9.2.1 Deploying Android Securely | p. 199 |
9.2.2 Device Administration | p. 208 |
9.3 Summary | p. 211 |
Chapter 10 Browser Security and Future Threat Landscape | p. 213 |
10.1 Mobile HTML Security | p. 213 |
10.1.1 Cross-Site Scripting | p. 216 |
10.1.2 SQL Injection | p. 217 |
10.1.3 Cross-Site Request Forgery | p. 217 |
10.1.4 Phishing | p. 217 |
10.2 Mobile Browser Security | p. 218 |
10.2.1 Browser Vulnerabilities | p. 218 |
10.3 The Future Landscape | p. 220 |
10.3.1 The Phone as a Spying/Tracking Device | p. 220 |
10.3.2 Controlling Corporate Networks and Other Devices through Mobile Devices | p. 221 |
10.3.3 Mobile Wallets and NFC | p. 221 |
10.4 Summary | p. 222 |
Appendix A | p. 223 |
Appendix B | p. 233 |
B.1 Views | p. 233 |
B.2 Code Views | p. 235 |
B.3 Keyboard Shortcuts | p. 236 |
B.4 Options | p. 236 |
Appendix C | p. 239 |
Glossary | p. 241 |
Index | p. 251 |