Presentation by Deepak Katta: Android Privacy. Outline: Introduction, Android vs iOS, Privacy Issues...


Presentation by Deepak Katta

Android Privacy

Outline

Introduction

Android vs iOS

Privacy Issues

Spyware for Android

Samples of Spyware for Android

Attack Scenarios

Recommendations

References

Introduction

What is privacy?

One's private information should not be used or disclosed without permission.

Introduction

Nowadays phones have more features, similar to a computer; these are called smart phones.

With a smart phone, we can:
• Text
• Instant message
• Browse the Internet
• Store and share any type of data
• Use social networking
• Download any app instantly and use it
• And many more

Smart phones are becoming hosts for sensitive data

Introduction

These are the various mobile operating systems for smart phones:
• iOS
• Android
• Windows
• Symbian
• Research in Motion (RIM – BlackBerry)

Most smart phone users go for either iOS or Android.

Introduction

Generally, an attacker injects malicious code into the targeted smart phone and extracts private and sensitive information.

An Intrusion Detection System (IDS) is used to find such attacks, but only known malware can be found.

According to Charlie Miller, both Android and iOS provide a public market (Android Market and App Store), but they take different approaches to limiting malicious apps.

Android:
• Code Signing: Android app developers can use self-signed code on Android apps.
• App Source: Apps can be downloaded from anywhere, not only from the market.
• Removed App: Crowd sourcing. Apps are published directly to the market; if more users complain, the app is deleted from the market and from devices remotely.
• Sandbox: Sandboxing is app specific.

iOS:
• Code Signing: iOS app developers must use code signing, which is proposed by Apple.
• App Source: Apps can be downloaded only from the App Store.
• Removed App: A reviewer committee checks the app before publishing, and if anything malicious is found they will remove the app.
• Sandbox: All apps have the same access permissions.

Android vs iOS

Malicious users can develop Android apps easily because very few limits are imposed on Android app development.

Another point is that high convenience makes for low security.

For this reason, Android privacy is a serious concern.

Privacy Issues

Identifiers Disclosure

Four smart phone identifiers:
• Phone Number
• International Mobile Equipment Identity (IMEI)
• International Mobile Subscriber Identity (IMSI)
• SIM Card Serial Number

These can be used to track the phone and to misuse the IMEI.

SMS Misuse
• Basic functionality in smart phones.
• Authentication may be misused.
• Can send SMS to any number.

Privacy Issues

Location Leakage
• Most private information.
• Many apps ask for location access, like maps and location-based searches.

Browser History
• Browsing history, cookies and passwords.

Root Exploits
• Jail Break
• Both malicious users and authorized users can use them.
• Malicious users use them to gain root access to the system.
• Authorized users use them to customize their phone according to their interest.

Spyware for Android

Android OS is built upon the Linux kernel and supports most of its functionalities.

Android security mechanisms are based on the Linux system.

Software development for Android needs:
• Software Development Kit (SDK) – Tools for developing programs.
• Emulator – To implement and test a smart phone app on a computer.
• IDE – Allows users to run, compile and debug an app.

Spyware for Android

Spyware: Software or an app that can extract a user's private information without any authentication.

Spyware silently extracts the user's data and uploads it to a remote server.

We use only the Android API to develop spyware.

To reach Android Market, spyware can wilfully use self-signed APIs.

Samples of Spyware for Android

Phone Information Disclosure:
• getContentResolver() – Returns the ContentResolver instance for the user application package.
• getColumnIndex(String columnName) – Gets the index of the given column.
• getCount() – Gives how many items are in the data set.

Samples of Spyware for Android

Call Log:
Use the API android.provider.CallLog.Calls, which can extract all details regarding the call log.

Samples of Spyware for Android

Acquirement of E-mail:
We use getAccounts and getAccountsByType, which can list all types of accounts on the device.

Samples of Spyware for Android

Location Leakage:
We use the LocationManager class to extract location information.

Samples of Spyware for Android

Browsed History:
We use getAllVisitedUrls(ContentResolver cr), which returns the list of visited URLs.
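A defender's view of the APIs listed in these slides, as an added example that is not part of the original presentation: each of those APIs is gated by a permission the app must request in its manifest, so an app can be screened before installation. The sketch assumes the manifest has already been decoded to text XML; the function names, the risk labels and the sample manifest are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
INTERNET = "android.permission.INTERNET"

# Permission -> privacy issue named in the slides that it gives access to.
SENSITIVE = {
    "android.permission.READ_PHONE_STATE": "identifiers disclosure",
    "android.permission.SEND_SMS": "SMS misuse",
    "android.permission.READ_CALL_LOG": "call log",
    "android.permission.GET_ACCOUNTS": "e-mail accounts",
    "android.permission.ACCESS_FINE_LOCATION": "location leakage",
    "android.permission.ACCESS_COARSE_LOCATION": "location leakage",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS": "browser history",
}

def audit_manifest(manifest_xml):
    """Return (findings, can_upload) for a decoded AndroidManifest.xml string."""
    root = ET.fromstring(manifest_xml)
    requested = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    findings = sorted((p, SENSITIVE[p]) for p in requested if p in SENSITIVE)
    # Reading private data is half of the spyware pattern; the other half is
    # network access to upload it to a remote server.
    return findings, INTERNET in requested

def risk_level(findings, can_upload):
    """high: private data plus network; medium: private data only; else low."""
    if findings and can_upload:
        return "high"
    return "medium" if findings else "low"

# Constructed sample manifest (not from a real app): a flashlight app that
# asks for identifiers, location and network access.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
</manifest>"""

if __name__ == "__main__":
    findings, can_upload = audit_manifest(SAMPLE_MANIFEST)
    for permission, issue in findings:
        print(f"{permission}: {issue}")
    print("risk:", risk_level(findings, can_upload))
```

A "high" result is a prompt for review rather than proof of spyware, since maps and messaging apps legitimately combine these permissions with network access.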

Attack Scenarios

Spyware can be developed and can extract the personal information of the user.

IMEI can be misused.

Location leakage of celebrities is a serious issue.

Blackmailing for money is possible.

Anyone may use personal information for malicious activity.

Recommendations

For Android:
• Do not use crowd sourcing; replace it with source code examination and reviewer's comments.

For Consumers:
• Clean history records and sensitive data often.
• Don't download apps from unauthorized sources.
• Use antivirus software.

References

Te-En Wei, Albert B. Jeng, Hahn-Ming Lee, Chih-How Chen, Chin-Wei Tien, "Android Privacy."

Charlie Miller, “Mobile Attacks and Defense,” IEEE Security and Privacy.

Security in Computing 4/e by Charles P. Pfleeger.

All Images used in presentation are downloaded from Google images.