SECURING BUSINESS DATA ON ANDROID PLATFORM

ADB Proxy for Mobile virtualization technology

INTRODUCTION

We live in the smart device era, people start use the smart device (phones and tablets) as the main computing device in daily basis. This revolution in technologies affects every computing system and shows the need of new systems architectures such as cloud computing and requires new security models to protect the users’ data. Android is one of the leading platforms adopted by smart phones industry and it has 87% of the current used smart phones in the world (87). In fact, by the end of 2014 Android applications store “Google Play” has more than 850,000 applications with more than 40 billion download (52). Therefore, our research project focuses on Android platform. The wide use of smart phones encourages organizations and companies to adopt them in their enterprise solutions and to access their intra-networks. In fact smart phones have many benefits that could help improve enterprise solutions, such as mobility which allow immediate access to customer’s data or feed the decision makers with real time information or provide quick feedback response. Therefore mobility can improve operational effectiveness and visibility across value chain, reducing operational cost of an organization, and enhancing decision making. However, when organizations start integrating smart phones to their enterprise solutions, they face many management and security challenges. First, the diversity of smartphone platforms is challenging the portability of the solution on various devices, especially for “bring your own device” BYOD approaches. Second, the mobility characterizing of smart phones make them easy to stolen which make organization data confidentiality under risk. Third the increasing number of mobile applications vulnerabilities discovered makes the mobile enterprise solution under high potential security risks. Indeed, the popularity of Android has attracted the attention of hackers and malware developers who spent double efforts to take advantage of smartphones vulnerabilities. In addition, the large users’ community offered excellent opportunities for social engineering attacks.

 Android Security

The Android platform uses the sandbox mechanism (9) to isolate applications and processes.
The sandbox refer to mechanism by which applications run with their own set of user and group identifiers (UID and GID, respectively). The constrained manner in which applications execute make it impossible for one application to read or write data from another. To facilitate information sharing and interprocess communication among applications and processes Android platform has a set of uses-permission (6) to allows applications gain access to the system resources. Furthermore, any application can declare and enforce permissions to share its modules with other applications (13). The application’s enforcing permissions and usespermission should be declared in the application’s Manifest file (2). The application Manifest file contains essential information about the application and it is written in XML format with predefined tags. During the application installation process, a prompt dialog contains the application’s required permissions (uses-permission and enforce permissions) will appear to the smart device user, and the user should accept or reject the application installation. After application’s installation, there is no possibility to modify or change the granted permissions to the application.

 Application Surface view

Each application window on the Android platform has its own surface view (51), which holds the pixel data that are being composited to the screen. The displayed screen holds many applications’ surfaces, like the foreground application activity, the status bar and the navigation bar.
All these application surfaces are managed and displayed on the screen by the surface flinger service.

 Surface Flinger service

The surface flinger (50) is a wide composition engine that runs as a daemon system service on the Android platform to perform the main following functions: 1) Composite multiple surfaces in a single frame buffer 2) Pass the composite frame buffer to one or more displays 3) Manage and synthesize the composite buffer allocation and data. When an application comes to the foreground; the surface flinger communicates with the window manager (40) service to receive the window status (visibility, z-order) and communicate with the activity manager (35) service to receive the foreground activity status.

SE-PERSONA : SECURE ENHANCEMENT CONTAINERS ON MOBILE PLATFORM

Many companies and organizations are trying to adapt Bring Your Own Device BYOD model (109) with their enterprise networks and systems to help their employees get the maximum benefits of the smart device’s usage. The employees like to use their own smart devices to connect to their company’s enterprise systems and do their work with greater flexibility and freedom.
Other companies have security concerns so they let their employees use the company smart devices and prevent the employees from using their own smart devices. In both cases, companies need a policy management system and a data isolation policy to overcome employees’ misuse of the smart devices with their enterprise systems (93). Mobile virtualization technology is one of the solutions that achieves data isolation and policy management in the two aforementioned models. In fact, mobile virtualiztion offers a flexibility with the smart devices usage and addresses the concerns over the personal data privacy, while delivering the security requirements of the enterprise systems. Therefore, the employee can have her/his personal mobile platform VM (Virtual Machine) side-by-side with the business mobile platform VM in the same smart device. The separation of the mobile platform VMs (personal and business) let the employee have full control of her/his private data and applications without affecting the enterprise system requirements of controlling their data security and policies management.

 Privacy Escalation attack

As the running foreground container is unaware of the background running containers in the same smart device, the privacy escalation attack model is defined as follow: A process P which belongs to a compromised container C´running in background, will be able to communicate or access data of a system resource R which is under restricted access policy in the foreground container C´´where C´and C´´belong to Cs; the set of containers in the smart device. The attack environment consists of two containers C1 and C2. We assume that accessing the GPS coordinate data and audio recorder functionality by the third party applications are restricted in C1.

 Architecture and Design

In Android 4.3 JB version, there are about 50-70 system services which give the mobile applications capabilities to communicate with the system resources through callable interfaces (25).
The Android platform provides Binder IPC mechanism (7) to allow communication between applications and system services. There are 150 built in permissions on Android platform to constrain the application accesses to the system resources (5). We classify the system resources into two types; 1) The simulated resources by which the resource could be simulate its state and data. For example, the location manager service that represents the geographic coordinates could be simulated to gives simulated coordinate (x=0,y=0). and 2) The unsimulated resources such as the bluetooth and network. Based on this classification we control the running third party applications and processes access to the system resources during the MMAC policy enforcement.
The idea behind this classification is to prevent the application’s segmentation fault or crashing while applying the MMAC policy enforcement. The applications that require access to a simulated system resource will receive a simulated data and those applications that require access to unsimulated system resources will receive denied access signal or will be terminated if they were actively running before the MMAC policy enforcement decision.

 Evaluation

SE-Persona implementation is based on Cells which use namespace isolation mechanisms and cgroup (control group) to provide isolation and secure environment. In order to evaluate the SE-Persona platform security we applied different attacks in order to gain higher privilege and expose privacy.

CONCLUSION

In this work we studied the smart device usage with the enterprise solutions. We proposed a security driven taxonomy for enterprise mobile applications, then we defined the security requirements that required by the enterprise solution to manage the security risks of the smart devices.
We surveyed the current proposed solutions ideas from academia and presented KNOX as an industry solution from Samsung. Also we investigated the security risks of the password visibility feature on the Android platform. We presented Capture-Me as a new screenshot attack to expose the user credentials from the mobile banking applications. We evaluated Capture- Me in a practical attack scenario with six mobile banking applications and PayPal’s mobile application. We explored the possible protection mechanisms to defeat the screenshot attacks on the Android platform with more than 130 mobile banking applications. We discovered that most of the mobile banking applications we examined do not use any protection mechanism to defeat the screenshot attacks. The experimental results of the Capture-Me attacks show the weakness of the (user id and password) as the only authentication mechanism used in many mobile banking applications. Our recommendation is that the mobile banking application should implement other authentication techniques such as the multi factor authentication in order to protect their users’ data and their system’s integrity. Finally, we investigate the security weakness of the virualization technology with smart devices (phones and tables), we were able to apply different attack models on Cells as an example of the OS-level virtualization architecture.

Le rapport de stage ou le pfe est un document d’analyse, de synthèse et d’évaluation de votre apprentissage, c’est pour cela rapport-gratuit.com propose le téléchargement des modèles complet de projet de fin d’étude, rapport de stage, mémoire, pfe, thèse, pour connaître la méthodologie à avoir et savoir comment construire les parties d’un projet de fin d’étude.

Table des matières

INTRODUCTION
CHAPTER 1 SECURING BUSINESS DATA ON ANDROID PLATFORM
1.1 Android Security
1.2 Private Data and Android Vulnerabilities
1.2.1 Smart Phone Privacy
1.2.2 Main Attacks
1.3 Enterprise Applications Taxonomy
1.4 Security Requirements
1.5 Security Solutions from Academia
1.5.1 Trust Droid
1.5.2 Unified Security Enhancement Framework
1.5.3 Polite Policy Framework
1.5.4 CRêPE
1.5.5 SE for Android
1.5.6 L4Android
1.5.7 Improving Security with OS-Level Virtualization
1.5.8 Matrix of Proposed Solutions and Security Requirements
1.6 Security Solutions from Industry
CHAPTER 2 CAPTURE-ME : ATTACKING THE USER CREDENTIAL IN MOBILE BANKING APPLICATIONS
2.1 Screenshot Functionality
2.1.1 Frame Buffer FB
2.1.2 Application Surface view
2.1.3 Surface Flinger service
2.1.4 Screenshot implementation on Android
2.1.5 ScreenShot Applications
2.2 Design and Implementation
2.2.1 Attack scenario
2.2.2 Preliminary Design Considerations
2.2.3 Monitoring and Screen Capture Phases
2.2.4 OCR Analysis Phase
2.2.4.1 Password language
2.2.4.2 Tesseract-ocr output
2.2.5 Implementation optimizations
2.3 Evaluation and Performance
2.3.1 Evaluation Test
2.3.2 Performance
2.4 Protection and Mitigation
CHAPTER 3 SE-PERSONA : SECURE ENHANCEMENT CONTAINERS
ON MOBILE PLATFORM
3.1 Android Virtualization
3.1.1 Virtualization Technology Classification
3.1.2 Business usages of Android Virtualization
3.1.3 Cells as OS-level Virtualization
3.2 Security Requirements
3.3 Attacks Models
3.3.1 Privacy Escalation attack
3.3.2 Privilege Escalation attack
3.3.3 Remote management Attack
3.4 Mitigating OS-level Virtualization by SE-Android
3.4.1 MMAC Policy on Android Virtualization
3.4.1.1 Context Awareness
3.4.1.2 The MMAC policy Rules Conflicts
3.4.2 SE-Policy in Android
3.4.2.1 Celld policy module
3.4.3 ADB Proxy for Mobile virtualization technology
3.5 Architecture and Design
3.5.1 PackageParser
3.5.2 PackageManager
3.5.3 SELinuxMMAC
3.5.4 Permission Controller Manager PCM
3.5.5 Root Permission Controller Manager Root PCM
3.6 Evaluation
3.6.1 Performance
3.6.2 Evaluation
CONCLUSION

Rapport PFE, mémoire et thèse PDFTélécharger le rapport complet

Télécharger aussi :

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *