Malware Improvements: A Closer Look
1. Pranav Saini Department of Information Technology
BVCOE, New Delhi, India
2. Yogesh Madaan Department of Information Technology
BVCOE, New Delhi, India
ORGANIZATION OF PRESENTATION
1. Introduction
2. Android OS
3. Literature Review
4. Objectives of the Study
5. Research Findings & Conclusions
6. Future Scope & Challenges
7. References
INTRODUCTION
• The mobile phone market today performs very well. In many
countries, especially in Western Europe and North America, the
number of cell phone subscriptions exceeds the population count.
• According to the Gartner market research firm, smartphones
accounted for 66 percent of the total mobile phone market in 2014.
• Also, according to data collected by IDC, Android dominates the
smartphone OS market with a 76.6% share in 2014 and an average
market share of approx. 70% since 2012.
• Every day, more users are using mobile devices to access services,
view data, and pursue personal/business interests. Moreover, many
of these devices are not controlled by the administrator, meaning that
sensitive data is not subject to the security and Data Loss Prevention
policies.
• To complicate matters, today’s mobile devices are not islands;
they are connected to an entire ecosystem of supporting cloud and
PC-based services. Many users directly synchronize their mobile
device with their home computer to back up key device settings and
data. In such scenarios, key assets may be stored in any number of
insecure locations.
• In view of the above, we tried to review and suggest changes to the
security models of the Android OS, in order to understand the
impact it will have as its adoption grows around the world.
• The paper is mainly focussed on the Android platform, the
development of various malware for the platform, the different attacks
possible and their effects, and finally on trying to provide a solution to
the increasing problems.
ANDROID OS
• The remarkable history of Android started in 2005, when Google
acquired the 2003-founded start-up Android Inc. Until then, little
was known about the work of the young organization, whose main business
was developing software for mobile handsets.
• The Open Handset Alliance (a Google initiative, 2007) announced the
development of Android, which featured a complete software platform for
mobile handsets including an operating system, middleware and key
mobile applications.
• Android was the first mass-produced consumer-market open source
mobile platform that allowed developers to easily create applications and
users to readily install them.
FIG. 2.1 ANDROID ARCHITECTURE – SOFTWARE STACK
MALWARE CONCEPT
Mobile malicious software ("malware") is designed specifically to target a mobile
device, such as a tablet or smartphone, in order to damage or disrupt it.
Most mobile malware is designed to disable a mobile device, to allow a malicious
user to control the device remotely, or to steal personal information stored on
the device.
Among mobile phones, Android smartphones are the ones most heavily
targeted by malware authors and hackers. This is mainly because
the Android application market provides an open platform to all
applications. As Google is mainly interested in developing and selling apps, it
is quite relaxed about the security aspects.
MALWARE CONCEPT – SOME EXAMPLES
Malware enters your phone when you download a malicious app onto your
Android phone. Most Android applications are vulnerable to
third-party intervention. Although unauthorised third-party access has been reported
before, malware attacks on Android phones are still increasing.
Most dangerous Android malware attacks:
• Fake Banking Apps: These lured customers into entering their online account
login details.
• DroidDream: It infected devices, breached the Android security sandbox and
stole data.
• AndroidOS fake player: It poses as a media player and silently sends SMS messages to
premium SMS numbers.
MALWARE CONCEPT
In 2013 Android grew to a very large number: 87%. This was its share of the
global smartphone market then. It also grew to an even larger one: 97%. This
was Android’s share of global mobile malware.
Source: Forbes, 2014
LITERATURE REVIEW
The literature analysis carried out here covers almost a decade (from 2005 to 2014) of work by acclaimed researchers of international repute. It is intended to serve the global mobile computing community, developers and users alike, who need to take more informed decisions regarding mobile security and the risks associated with it.
1. Reinfelder, Lena, Zinaida Benenson, and Freya Gassmann compared Android and iPhone users according to their security and privacy awareness when handling apps. Based on an online survey conducted with over 700 German respondents (mostly university students) they found out that Android users seem to be more aware of the risks associated with the app usage than iPhone users.
2. Daniel Tse attempted to give feasible solutions to improve Android’s security model from the user’s awareness level as well as technical level.
3. According to Ryan Farmer (Senior Resourcer and Consultant, Acumin Consulting), there is no one-stop effective security measure that can be implemented on an Android device. He suggested that providing a suite of tools which can be installed on to a device, or offering an encrypted preloaded SD card, will ensure that exponential growth in mobile malware does not affect the organisation.
4. Research done by Yajin Zhou and Xuxian Jiang presented a systematic characterization of existing Android malware. The results of this characterization of malware samples showed that (1) 86.0% of them repackage legitimate apps to include malicious payloads; (2) 36.7% contain platform-level exploits to escalate privilege; (3) 93.0% exhibit bot-like capability. Furthermore, evaluation with four existing mobile anti-virus products showed that the best case detects 79.6% of them, while the worst case detects only 20.2%.
OBJECTIVES OF THE STUDY
•To fill the research gaps and to sort out the emerging issues, the following
objectives are defined:
1. To increase awareness and basic knowledge about the standard
Android OS architecture and operation.
2. To identify the bottlenecks and loopholes in the Android Security
Model.
3. To analyse the development of botnets and malware against the
current operating system and to design countermeasures that defend the system
against the same types in the future.
RESEARCH FINDINGS & CONCLUSIONS
1. On the basis of our study, we can conclude that Android security
depends largely on user awareness. If users are aware of how
their smartphones can be attacked or broken into, they would perhaps
take a more guarded and preventive approach.
2. However, due to the open source nature of this platform, it is much
easier for malware to persist for a long time than on other platforms.
The lack of security checks on an application, even one
published on the Android Play Store, makes the platform quite vulnerable.
3. We have analysed latest research to identify novel malware techniques
that can be expected to come into action in the foreseeable future.
4. We have also identified major system level enhancements for the
Android platform as well as novel countermeasures that can be used for
countering these advanced attacks.
FUTURE SCOPES & CHALLENGES
This study will give developers and users alike a deep insight into
the workings and shortcomings of the Android OS, along with the following
points:
1. Restructuring/modifying the Android permissions model: The
model is based on permissions, which are constructs that
various APIs require calling apps to have before they will provide
certain services; it can be seen as a preventive factor.
2. Alpha-testing of suspicious applications on the Android Play Store is
also an important issue to look into.
3. We hope to build a malware detection application in the coming future
based on these malware attacks.
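As an added illustration of the permissions model in point 1 (not code from the presentation), this Python example lists the permissions an app's manifest requests and flags those outside what its stated category needs, as with a media player that asks to send SMS. It assumes a manifest already decoded to text XML; the `EXPECTED` policy, the function names and the sample manifest are constructed for the example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Hypothetical review policy: permissions a reviewer expects per app category.
EXPECTED = {
    "media_player": {
        "android.permission.INTERNET",
        "android.permission.WAKE_LOCK",
        "android.permission.READ_EXTERNAL_STORAGE",
    },
}

# Constructed sample: decoded text manifest of an app presented as a media player.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.movieplayer">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission/>
    <application android:label="Movie Player"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    names = set()
    # uses-permission-sdk-23 is the variant that applies only on API 23 and later.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for elem in root.iter(tag):
            name = elem.get(ANDROID_NS + "name")
            if name:  # skip malformed entries with no android:name
                names.add(name.strip())
    return names


def unexpected_permissions(manifest_xml, category):
    """Permissions requested beyond what the stated category is expected to need."""
    allowed = EXPECTED.get(category, set())  # unknown category: everything is flagged
    return sorted(requested_permissions(manifest_xml) - allowed)


if __name__ == "__main__":
    for perm in unexpected_permissions(SAMPLE_MANIFEST, "media_player"):
        print("review:", perm)
```
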
REFERENCES
[1] YAJIN, Z., AND XUXIAN, J. Dissecting android malware:
Characterization and evolution. In Proceedings of the 33rd IEEE
Symposium on Security and Privacy (May 2012).
[2] http://www.theinquirer.net/inquirer/news/2325812/androids-growth-to-slow-following-record-capture-of-80-percent-market-share-in-2013
[3] Tse, Daniel, et al. "STRATEGIES IN IMPROVING ANDROID
SECURITY." (2014).
[4] http://androidprogramz.blogspot.in/2012/06/architecture-of-android-in-order-to.html
[5] http://www.techotopia.com/index.php/An_Overview_of_the_Android_Architecture
[6] http://www.acumin.co.uk/download_files/WhitePaper/android_white_paper_2.pdf
[7] Reinfelder, Lena, Zinaida Benenson, and Freya Gassmann. "Differences
between Android and iPhone Users in Their Security and Privacy Awareness."
Trust, Privacy, and Security in Digital Business. Springer International
Publishing, 2014. 156-167.
[8] http://developer.android.com/tools/building/index.html
[9] http://www.symantec.com/connect/blogs/future-mobile-malware
[10] Gordon Kelly. “Report: 97% Of Mobile Malware Is On Android. This Is
The Easy Way You Stay Safe”. Forbes, 2013.
[11] Press Release, “Gartner Says Sales of Smartphones Grew 20 Percent in
Third Quarter of 2014.” Gartner, 2014.
THANK YOU