Docstoc

Smartphone Security

Document Sample
Smartphone Security Powered By Docstoc
					Institute for Applied Information Processing and Communications




                                       Smartphone Security

                                    Advanced Computer Networks

                                                December 15, 2010
                                                 Michael Gissing


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       1
Institute for Applied Information Processing and Communications




                                                         Outline
 •     Introduction
 •     System Architecture
 •     Market / App Store / …
 •     Communication
 •     Enterprise
 •     Research
 •     Conclusion
 •     Q&A




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       2
Institute for Applied Information Processing and Communications




         INTRODUCTION


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       3
Institute for Applied Information Processing and Communications




                                               Recapitulation
 • New Threats
         • Attacks on the Smartphone
         • Attacks with the Smartphone


 • Smartphone Security
         •   Operating System
         •   AppStore and Applications
         •   Communication and Network
         •   Enterprise




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       4
Institute for Applied Information Processing and Communications




         SYSTEM ARCHITECTURE


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       5
Institute for Applied Information Processing and Communications




                                                        Android




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       6
Institute for Applied Information Processing and Communications




                                                     Measures
 •     Sandboxes
 •     Signed Code
 •     API Access
 •     Access to other applications / file system




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       7
Institute for Applied Information Processing and Communications




                                             System Update
 • Release Cycles
 • Delta Update vs. Full Firmware
 • Jailbreakme patch
         • Community
         • Apple doesn„t support iPhone 1




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       8
Institute for Applied Information Processing and Communications




                                                        Backup
 • Software
 • Local vs. Cloud
 • Encryption




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                       9
Institute for Applied Information Processing and Communications




         MARKET / APP STORE / …


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      10
Institute for Applied Information Processing and Communications




                                                App Approval
 • Android Market
         • No approval


 • Apple App Store
         • Approval Process
         • http://developer.apple.com/appstore/guidelines.html
                • Available since September 2010




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      11
Institute for Applied Information Processing and Communications




                                            User Interaction
 • Grant Permissions
         • All shown?




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      12
Institute for Applied Information Processing and Communications




                                             Remote Wiping
 • Google removed 2 apps




 • Amazon Erases Orwell Books From Kindle




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      13
Institute for Applied Information Processing and Communications




                                                   App Rating
 • Google introduces App Rating
         •   All
         •   Pre-Teen
         •   Teen
         •   Mature




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      14
Institute for Applied Information Processing and Communications




         COMMUNICATION


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      15
Institute for Applied Information Processing and Communications




                                             Communication
 • SSL?
 • Certificates?
 • Everything encrypted?

 • Man in the middle
         • Check certificates!




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      16
Institute for Applied Information Processing and Communications




         ENTERPRISE


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      17
Institute for Applied Information Processing and Communications




                                                    Enterprise
 • Mobile Device Management
         •   Backup & Restore
         •   Update Over The Air
         •   Remote Lock & Wipe
         •   Mobile Tracking
         •   Policy & Provisioning
         •   Logging & Accounting




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      18
Institute for Applied Information Processing and Communications




         RESEARCH


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      19
Institute for Applied Information Processing and Communications




                                      Android Permissions
 • Permissions
         • ACCESS_COARSE_LOCATION
                • Allows an application to access coarse (e.g., Cell-ID, WiFi) location
         • ACCESS_FINE_LOCATION
                • Allows an application to access fine (e.g., GPS) location
         • BRICK
                • Required to be able to disable the device (very dangerous!).



 • Permission based analysis
         • Smobilesystems
         • IAIK ;-)




  Michael Gissing                                                 15.12.2010     ACN – Smartphone Security
                                                                                                        20
Institute for Applied Information Processing and Communications



     An Android Application Sandbox system for
           suspicious software detection
 • Static Analysis
         • Like virus scanner


 • Dynamic Analysis
         • Run app in a sandbox




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      21
Institute for Applied Information Processing and Communications



       Applying Behavioral Detection on Android-
                   Based Devices
 • „Andromaly“
         • a behavioral-based detection framework for Android-powered mobile
           devices
 • Host-based Intrusion Detection System




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      22
Institute for Applied Information Processing and Communications




         CONCLUSION


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      23
Institute for Applied Information Processing and Communications




         Q&A


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      24
Institute for Applied Information Processing and Communications




         REFERENCES


  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      25
Institute for Applied Information Processing and Communications




                                                   References
 • "Threat Analysis of the Android Market"
   smobilesystems.com
 • Blasing, Thomas; Batyuk, Leonid; Schmidt, Aubrey-
   Derrick; Camtepe, Seyit Ahmet; Albayrak, Sahin; , "An
   Android Application Sandbox system for suspicious
   software detection," Malicious and Unwanted Software
   (MALWARE), 2010 5th International Conference on , vol.,
   no., pp.55-62, 19-20 Oct. 2010




  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      26
Institute for Applied Information Processing and Communications




                                                   References
 • Asaf Shabtai and Yuval Elovici
   “Applying Behavioral Detection on Android-Based
   Devices”
   Mobile Wireless Middleware, Operating Systems, and
   Applications
   Lecture Notes of the Institute for Computer Sciences,
   Social Informatics and Telecommunications Engineering,
   2010, Volume 48, Part 5, 235-249
 • http://www.heise.de/mobil/artikel/Sicherheit-von-Apps-fuer-
   Android-und-iPhone-1103681.html



  Michael Gissing                                                 15.12.2010   ACN – Smartphone Security
                                                                                                      27

				
DOCUMENT INFO