Android Security: Attacks and Defenses
Anmol Misra, Abhishek Dubey
Format: PDF / Kindle (mobi) / ePub
Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.
Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.
The authors describe how to write Android bots in Java and how to use reversing tools to decompile any Android application. They also cover the Android file system, including important directories and files, so readers can perform basic forensic analysis on the file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.
The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.
The book’s site includes a Resource section where readers can download applications, tools created by users, and sample applications created by the authors. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.
defined here. Many applications choose to store sensitive information here, but it is not a good place because simple reverse-engineering techniques can divulge it.
AndroidManifest.xml: Defines Android application components (activities, services, Broadcast Receivers), package information, permissions required by applications to interact with other applications as well as to access protected API calls, and permissions for other applications to interact with application components
Extras – any additional information that needs to be provided. These extra pieces of information are provided through android.os.Bundle.
Through attributes, Intents allow the expression of operations and events. For example, an activity can pass on an Intent to the e-mail application to compose an e-mail with an e-mail ID. Intents can be classified into two different types: explicit and implicit. Explicit Intents provide the component name (class name) that must be invoked through the
tag. Code Snippet 4 depicts a typical declaration of service in the Manifest file. The android:name attribute specifies a class name for the service. A service can be invoked by other applications if it has defined Intent-filters.
classification categories outlined in Table 5.1:
1. Authentication Issues: Validates that user credentials are not being transmitted over an unencrypted channel and that authentication mechanisms are in alignment with standard practices.
[Figure 5.13: (a) Packet Capture of Yaaic Communication through Wireshark; (b) Analysis of Packets Captured through Wireshark]
2. Access Controls: Validates that authenticated users can only access resources
used (e.g., file handling, etc.). This can result in performance issues but can also be available for malicious users/applications.
3. Error Handling: An application does not take into account structure/flow on a particular error and thus does not perform all housekeeping/access control checks needed if a particular code path is executed.
4. Unsafe Java Native Interface (JNI) Calls: Since Android applications can call native code written in C through JNI, this exposes applications to