On Lightweight Mobile Phone Application Certification
description
Transcript of On Lightweight Mobile Phone Application Certification
![Page 1: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/1.jpg)
William Enck, Machigar Ongtang, and Patrick McDaniel
![Page 2: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/2.jpg)
Mobile Phone Threats
CabirUsed on Symbian platformDid not exploit codeRepeatedly request file transfer via
Bluetooth
Other viruses more malicous
![Page 3: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/3.jpg)
Threat Down
Proof of ConceptNo damage doneProves that attack vector exists
DestructiveDelete dataMostly harmless
SpywareBugging the phone via software
![Page 4: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/4.jpg)
Threat Down II
Direct payoffCalling premium servicesDirectly generate revenue for attacker
Information ScavengersSteal user data like contacts
Ad-ware Botnet
Voice spam
![Page 5: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/5.jpg)
Why Kirin?
Android defines sets of permissions Permissions are static Certain combinations can be used
maliciously
![Page 6: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/6.jpg)
Security requirements engineering Three basic concepts
AssetsFunctional RequirementsSecurity Requirements
![Page 7: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/7.jpg)
Assets
Extracted from Android platformPermissionsIntentsComponents
Example: Microphone Input, call activity
![Page 8: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/8.jpg)
Functional Requirements
Descriptions of how Assets interact with rest of the system
Example:Redirecting international calls to calling card
numberRecording audio using MediaRecorder API
![Page 9: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/9.jpg)
Determine Assets Security Goals and Threats Consider things such as confidentiality,
integrity, and availability. How can functional requirements be
abusedThreat descriptions
![Page 10: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/10.jpg)
Develop Asset’s Security Requirements Define what combination of permissions
might be harmful Example:
Receive phone stateRecord audioAccess the Internet
![Page 11: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/11.jpg)
Determine Security Mechanisms Limited by PackageInstaller Permissions only set at install time Can’t set policies not defined in by
AndroidMonitoring how many SMS messages sent
during a set time period
![Page 12: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/12.jpg)
Kirin Rules
Dangerous combination of permissionsGPS + Internet + Start On BootInstall Shortcut + Uninstall ShortcutDebug
![Page 13: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/13.jpg)
Kirin Rule Syntax
KSL – Kirin Security Language
![Page 14: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/14.jpg)
Kirin Security Service
Three componentsService and ContentProvider that is a
database of rulesPatches to the PackageInstaller applicationActivity to manage the rules
![Page 15: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/15.jpg)
![Page 16: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/16.jpg)
![Page 17: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/17.jpg)
Evaluation
Assumed apps in market do not contain malware
Investigate further apps not passing security rules
Downloaded top 20 apps from each of the 16 categories, 311 total
![Page 18: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/18.jpg)
Empirical Results
12 failed to pass 3 failed Rule 2
Phone State + Record Audio + Internet
9 failed Rules 4 and 5Access {fine, coarse} location + Internet +
Receive Boot Complete
![Page 19: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/19.jpg)
![Page 20: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/20.jpg)
![Page 21: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/21.jpg)
Mitigating Malware
Only protects against complex attacks Useful in stopping some attacks like
SMS spam or information gathering No runtime logic
Limitation of Android, not Kirin
![Page 22: On Lightweight Mobile Phone Application Certification](https://reader035.fdocuments.net/reader035/viewer/2022062500/568159a1550346895dc6f3ef/html5/thumbnails/22.jpg)