
Android Security

Attacks and Defenses

By Anmol Misra, Abhishek Dubey

Auerbach Publications – 2013 – 280 pages

Purchasing Options:

  • Hardback: $59.95
    978-1-43-989646-4
    April 8th 2013

Description

Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.

Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.

The authors describe how to write Android bots in Java and how to use reversing tools to decompile any Android application. They also cover the Android file system, including important directories and files, so readers can perform basic forensic analysis on file systems and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk, which is discussed in the text, and also makes the application available on its site.

The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.

The book’s site includes a Resource section where readers can access downloads for applications, tools created by users, and sample applications created by the authors. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.

Reviews

… a must-have for security architects and consultants as well as enterprise security managers who are working with mobile devices and applications.

—Dr. Dena Haritos Tsamitis, Director of the Information Networking Institute; and Director of Education, CyLab, Carnegie Mellon University

If you are facing the complex challenge of securing data and applications for Android, this book provides valuable insight into the security architecture and practical guidance for safeguarding this modern platform.

—Gerhard Eschelbeck, Chief Technology Officer and Senior Vice President, Sophos

… a great introduction to Android security, both from a platform and applications standpoint. … provides the groundwork for anybody interested in mobile malware analysis … a great starting point for anybody interested in cracking the nitty-gritty of most Android apps.

—Nicholas Falliere, Founder of JEB Decompiler

… Dubey and Misra have filled a critical gap in software security literature by providing a unique and holistic approach to addressing this critical and often misunderstood topic. They have captured the essential threats and countermeasures that are necessary to understand and effectively implement secure Android-driven mobile environments.

—James Ransome, Senior Director of Product Security, McAfee, An Intel Company

Good book for Android security enthusiasts and developers that also covers advanced topics like reverse engineering of Android applications. A must have book for all security professionals.

—Sanjay Kartkar, Cofounder of Quick Heal Technologies

… an excellent book for professional businesses that are trying to move their corporate applications on mobile/Android platforms. It helped me understand the threats foreseen in Android applications and how to protect against them.

—Jagmeet Malhotra, Vice President of Markets & International Banking, Royal Bank of Scotland

The book gives security professionals and executives a practical guide to the security implications and best practices for deploying Android platforms and applications in the (corporate) environment.

Steve Martino, VP Information Security, Cisco

Contents

Introduction

Why Android

Evolution of Mobile Threats

Android Overview

Android Marketplaces

Summary

Android Architecture

Android Architecture Overview

Linux Kernel

Libraries

Android Runtime

Application Framework

Applications

Android Start Up and Zygote

Android SDK and Tools

Downloading and Installing the Android SDK

Developing with Eclipse and ADT

Android Tools

DDMS

ADB

ProGuard

Anatomy of the "Hello World" Application

Understanding Hello World

Summary

Android Application Architecture

Application Components

Activities

Intents

Broadcast Receivers

Services

Content Providers

Activity Lifecycles

Summary

Android (in)Security

Android Security Model

Permission Enforcement—Linux

Android’s Manifest Permissions

Requesting Permissions

Putting It All Together

Mobile Security Issues

Device

Patching

External Storage

Keyboards

Data Privacy

Application Security

Legacy Code

Recent Android Attacks—A Walkthrough

Analysis of DroidDream Variant

Analysis of Zsone

Analysis of Zitmo Trojan

Summary

Pen Testing Android

Penetration Testing Methodology

External Penetration Test

Internal Penetration Test

Penetration Test Methodologies

Static Analysis

Steps to Pen Test Android OS and Devices

Tools for Penetration Testing Android

Nmap

BusyBox

Wireshark

Vulnerabilities in the Android OS

Penetration Testing—Android Applications

Android Applications

Application Security

Miscellaneous Issues

Summary

Reverse Engineering Android Applications

Introduction

What is Malware?

Identifying Android Malware

Reverse Engineering Methodology for Android Applications

Summary

Modifying the Behavior of Android Applications without Source Code

Introduction

To Add Malicious Behavior

To Eliminate Malicious Behavior

To Bypass Intended Functionality

DEX File Format

Case Study: Modifying the Behavior of an Application

Real World Example 1—Google Wallet Vulnerability

Real World Example 2—Skype Vulnerability (CVE-2011-1717)

Defensive Strategies

Perform Code Obfuscation

Perform Server Side Processing

Perform Iterative Hashing and Use Salt

Choose the Right Location for Sensitive Information

Cryptography

Conclusion

Summary

Hacking Android

Introduction

Android File System

Mount Points

File Systems

Directory Structure

Android Application Data

Storage Options

/data/data

Rooting Android Devices

Imaging Android

Accessing Application Databases

Extracting Data from Android Devices

Summary

Securing Android for the Enterprise Environment

Android in Enterprise

Security Concerns for Android in Enterprise

End-User Awareness

Compliance/Audit Considerations

Recommended Security Practices for Mobile Devices

Hardening Android

Deploying Android Securely

Device Administration

Summary

Browser Security and Future Threat Landscape

Mobile HTML Security

Cross-Site Scripting

SQL Injection

Cross-Site Request Forgery

Phishing

Mobile Browser Security

Browser Vulnerabilities

The Future Landscape

The Phone as a Spying/Tracking Device

Controlling Corporate Networks and Other Devices through Mobile Devices

Mobile Wallets and NFC

Summary

Appendix A

Appendix B

B.1 Views

B.2 Code Views

B.3 Keyboard Shortcuts

B.4 Options

Appendix C

Glossary

Author Bio

Anmol Misra is a contributing author of the book Defending the Cloud: Waging War in Cyberspace (Infinity Publishing, December 2011). His expertise includes mobile and application security, vulnerability management, application and infrastructure security assessments, and security code reviews.

He is currently Program Manager of the Critical Business Security External (CBSE) team at Cisco. The CBSE team is part of the Information Security Team (InfoSec) at Cisco and is responsible for the security of Cisco’s Cloud Hosted Services. Prior to joining Cisco, Anmol was a Senior Consultant with Ernst & Young LLP. In his role, he advised Fortune 500 clients on defining and improving Information Security programs and practices. He helped large corporations to reduce IT security risk and achieve regulatory compliance by improving their security posture.

Anmol holds a master’s degree in Information Networking from Carnegie Mellon University. He also holds a Bachelor of Engineering degree in Computer Engineering. He served as Vice President of Alumni Relations for the Bay Area chapter of the Carnegie Mellon Alumni Association. In his free time, Anmol enjoys long walks on the beaches of San Francisco. He is a voracious reader of nonfiction books—especially, history and economics—and is an aspiring photographer.

Abhishek Dubey has a wide variety of experience in information security, including reverse engineering, malware analysis, and vulnerability detection. He is currently working as a Lead/Senior Engineer of the Security Services and Cloud Operations team at Cisco. Prior to joining Cisco, Abhishek was Senior Researcher in the Advanced Threat Research Group at Webroot Software.

Abhishek holds a master’s degree in Information Security and Technology Management from Carnegie Mellon University and also holds a B.Tech degree in Computer Science and Engineering. He is currently pursuing studies in Strategic Decisions and Risk Management at Stanford University. He has served as Vice President of Operations and Alliances for the Bay Area chapter of the Carnegie Mellon Alumni Association. This alumni chapter is 5,000 students strong. In his free time, Abhishek is an avid distance runner and photographer. He also enjoys rock climbing and being a foodie.

Categories: IT Security, Software Engineering & Systems Development, Networks