Professional Documents
Culture Documents
MDD08 Security
MDD08 Security
1
All aps share the content providers, notification
system etc and need to be explicitly secured
Android Application Runtime: Android apps are most often written in the Java programming language and run in the Android runtime (ART).
However, many apps, including core Android services and apps, are native apps or include native libraries. Both ART and native apps run within
the same security environment, contained within the Application Sandbox. Apps get a dedicated part of the file system in whic h they can write
private data, including databases and raw files.
https://source.android.com/security
2
Here we can see the application runtime
using the shared space on the android
System to start new activities (screens)
3
4
4
Implicit intents do not name a specific component, but instead declare a general action to perform, which
allows a component from another app to handle it. For example, if you want to show the user a location on a
map, you can use an implicit intent to request that another capable app show a specified location on a map.
Explicit intents specify which application will satisfy the intent, by supplying either the target app's package
name or a fully-qualified component class name. You'll typically use an explicit intent to start a component in
your own app, because you know the class name of the activity or service you want to start. For example, you
might start a new activity within your app in response to a user action, or start a service to download a file in the
background.
5
6
6
7
7
8
9
10
10
+ MDD08 Security
08A Android Security
Architecture
08B App Permissions
08C Mobile Attacks
08D Usable Security
11
12
Normal/ Dangerous
Signature
12
13
13
14
https://developer.android.com/guide/topics/permissions/overview
14
+ MDD08 Security
08A Android Security
Architecture
08B App Permissions
08C Mobile Attacks
08D Usable Security
15
Intent Vulnerabilities
There are two main ways that the security of intents can be compromised:
• Intent interception involves a malicious app receiving an intent that was
not intended for it. This can cause a leak of sensitive information, but more
importantly it can result in the malicious component being activated
instead of the legitimate component. For example, if a malicious activity
intercepted an intent then it would appear on the screen instead of the
legitimate activity.
• Intent spoofing is an attack where a malicious application induces
undesired behavior by forging an intent.
16
“Cyber Defense company counted more than 4.18
million malicious Android apps in 2019. New
negative record value for Android malware: The
experts at G DATA CyberDefense counted more than
4.18 million malicious apps in 2019, with an
average of around 11,500 new Android malicious
apps appearing every day. The focus is on adware, in
order to access personal data and resell it.”
17
Melissa Densmore, UCT CSC2002S
18
19
https://www.itworldcanada.com/blog/understanding -android-malware-families-uamf-the-foundations-
article-1/441562
Melissa Densmore, UCT CSC2002S
19
20
20
+ 21
Sample Test
21
+ 22
CSC2002S
22
+ MDD08 Security
08A Android Security
Architecture
08B App Permissions
08C Mobile Attacks
08D Usable Security
23
24
Informative Permission Aim for SPAs
Rationales
Transparency Simplicity
24