Académique Documents
Professionnel Documents
Culture Documents
Application
Sandbox
Thomas Bläsing
DAI-Labor
TU Berlin
Agenda
• Introduction
‣ What is Android ?
‣ Malware on smartphones
‣ Design
‣ Conclusion
• Summary
‣ Future work / Bibliography
• Dalvik VM
‣ register-based VM for Java
source: http://www.techflare.com.au/media/102-android%20-%20system-architecture.jpg
• interesting topic
• paper „Android: Next Target?“
‣ Schmidt et al
‣ Design
‣ Conclusion
(ii) User
• wants to know what the Application is exactly doing on the phone
• e.g. access personal data although App didn‘t have the permission
APK
AndroidManifest.xml
APK
AndroidManifest.xml
classes.dex
APK
AndroidManifest.xml
classes.dex
Ressources
pictures
layout.xml
libraries (.so)
...
APK
AndroidManifest.xml
AndroidManifest.xml
classes.dex
classes.dex
Ressources
pictures
layout.xml
libraries (.so)
...
APK
AndroidManifest.xml
classes.dex
Ressources
pictures
layout.xml
libraries (.so)
...
APK
static
analysis
AndroidManifest.xml
classes.dex
Ressources
pictures
layout.xml
libraries (.so)
...
APK
static V1 ( {1,0} )
analysis
AndroidManifest.xml
classes.dex
Ressources
pictures
layout.xml
libraries (.so)
Android
... Emulator
APK
static V1 ( {1,0} )
analysis
AndroidManifest.xml
classes.dex
Ressources - install
- exec
- random input
pictures
layout.xml
libraries (.so)
Android
... Emulator
APK
static V1 ( {1,0} )
analysis
AndroidManifest.xml
classes.dex
Ressources - install
- exec
- random input
pictures
layout.xml
libraries (.so)
Android
... Emulator
APK
static V1 ( {1,0} )
analysis
AndroidManifest.xml
classes.dex
Ressources - install
- exec
- random input V2 ( {1,0} )
pictures
layout.xml
libraries (.so)
Android
... Emulator
APK
static V1 ( {1,0} )
analysis
AndroidManifest.xml
classes.dex
Ressources - install
- exec
- random input V2 ( {1,0} )
pictures
layout.xml
libraries (.so)
Android
... Emulator
?!
APK
static V1 ( {1,0} )
analysis
• 2 step analysis
‣ Does the result of the static analysis imply the result of the dynamic analysis ?
• Android Honeypot
‣ Honeynet
thanks
for your
attention