Understanding and Improving Security of the Android Operating System PDF

290 Pages·2017·7.88 MB·English

Preview Understanding and Improving Security of the Android Operating System

Syracuse University SURFACE
Dissertations - ALL
December 2016

Understanding and Improving Security of the Android Operating System
Edward Paul Ratazzi
Syracuse University

Follow this and additional works at: https://surface.syr.edu/etd
Part of the Engineering Commons

Recommended Citation
Ratazzi, Edward Paul, "Understanding and Improving Security of the Android Operating System" (2016). Dissertations - ALL. 592.
https://surface.syr.edu/etd/592

This Dissertation is brought to you for free and open access by the SURFACE at SURFACE. It has been accepted for inclusion in Dissertations - ALL by an authorized administrator of SURFACE. For more information, please contact [email protected].

ABSTRACT

Successful realization of practical computer security improvements requires an understanding and insight into the system’s security architecture, combined with a consideration of end-users’ needs as well as the system’s design tenets. In the case of Android, a system with an open, modular architecture that emphasizes usability and performance, acquiring this knowledge and insight can be particularly challenging for several reasons. In spite of Android’s open source philosophy, the system is extremely large and complex, documentation and reference materials are scarce, and the code base is rapidly evolving with new features and fixes. To make matters worse, the vast majority of Android devices in use do not run the open source code, but rather proprietary versions that have been heavily customized by vendors for product differentiation.

Proposing security improvements or making customizations without sufficient insight into the system typically leads to less-practical, less-efficient, or even vulnerable results. Point solutions to specific problems risk leaving other similar problems in the distributed security architecture unsolved. Far-reaching general-purpose approaches may further complicate an already complex system, and force end-users to endure significant performance and usability degradations regardless of their specific security and privacy needs. In the case of vendor customization, uninformed changes can introduce access control inconsistencies and new vulnerabilities. Hence, the lack of methodologies and resources available for gaining insight about Android security is hindering the development of practical security solutions, sound vendor customizations, and end-user awareness of the proprietary devices they are using.

Addressing this deficiency is the subject of this dissertation. New approaches for analyzing, evaluating and understanding Android access controls are introduced and used to create an interactive database for use by security researchers as well as system designers and end-user product evaluators. Case studies using the new techniques are described, with results uncovering problems in Android’s multiuser framework and vendor-customized System Services. Finally, the new insights are used to develop and implement a novel virtualization-based security architecture that protects sensitive resources while preserving Android’s open architecture and expected levels of performance and usability.

UNDERSTANDING AND IMPROVING SECURITY OF THE ANDROID OPERATING SYSTEM

by
Edward Paul Ratazzi

B.S., Rensselaer Polytechnic Institute, 1987
M.S., Syracuse University, 1992
M.S., Rensselaer Polytechnic Institute, 2006

DISSERTATION

Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Electrical & Computer Engineering

Syracuse University
December 2016

This is a work of the U.S. Government and is not subject to copyright protection in the United States. Foreign copyrights may apply.

DISCLAIMER

The views expressed in this dissertation are those of the author and do not reflect the official policy or position of the United States Air Force, Department of Defense, or the U.S. Government.

Dedicato a mio nonno, Edward Ratazzi, Sr. — Dedicated to my grandpop, Henry Paul, Jr.

Acknowledgments

My deepest gratitude goes to those around me who made completing this dissertation possible.

First, to my advisor, Prof. Wenliang Du. Even though I met you with a career’s worth of experience already behind me, your insights about conducting research, distilling problems and critical thinking have changed my professional life. I will consider myself a great success if I can pass along to others even a fraction of what I learned from you. I am especially thankful for your patience, approachability, friendly style, and understanding of my outside commitments to work and family.

To my defense committee, Prof. Joon Park, Prof. Shiu-Kai Chin, Prof. Jian Tang, Prof. Yuzhe Tang, and Prof. Heng Yin, for taking time out of your busy schedules to read this dissertation, provide valuable feedback and serve on my committee.

To the Information Directorate of the Air Force Research Laboratory for its commitment to career-long learning and professional development. To my past and present colleagues there, including Dr. Warren Debany, Jr., Dr. Kamal Jabbour, Dr. Davy Belk, Joe Camera, Lt. Col. David Bibighaus, Dr. Dan Pease, and Dr. Lok Yan. You supported and guided my return to graduate school, and provided much-needed encouragement along the way. I am particularly indebted to my supervisor and friend, Jim Perretta. For the last four years you have sheltered me from many day-to-day distractions so that I could focus on conducting and documenting my in-house research. Now that I am done, I hope to rise to the new challenges and opportunities your leadership brings to me.

To the current and former students of the Computer Security Research Group at Syracuse, especially Amit Ahlawat, Francis Akowuah, Ashok Bommisetti, Nian Ji, Dr. Yousra Aafer, Dr. Xiao Zhang, Jiaming Liu, Kailiang Ying, Yifei Wang, Hao Hao, Haichao Zhang, and Lusha Wang. I am in awe of your technical skills and grateful for the countless hours of discussions we’ve had, both in group meetings and one-on-one. I wish you all the best and hope we can collaborate again in the future.

To everyone at the Griffiss Institute, especially Bill Wolf, Regan Johnson, Tracy DiMeo, Dr. Josh White, and Jim Hanna. You provided a comfortable, quiet and well-connected environment in which to study, research, collaborate, and write. Without your support, completing this dissertation would have been tremendously more difficult and lengthy.

To my parents, Randa and Ed Ratazzi. By example, you taught me the value of education, the need for perseverance, and the importance of optimism, all ingredients I found to be essential for completing my studies.

Finally and most importantly, to my wife Shirley and children Emily and Nicholas. You encouraged me when things were tough, cheered my successes, and made countless sacrifices along the way. Your love and confidence are the cornerstone of this and all other accomplishments of mine.

Syracuse, New York
December 2016

Contents

Abstract
List of Figures
List of Tables
1 Introduction
  1.1 Security enhancements proposed by the scientific literature
  1.2 Security enhancements available to end-users
  1.3 Thesis and Contributions
  1.4 Dissertation organization
2 Background
  2.1 Uniqueness of Mobile Devices
  2.2 Tutorial on Android Security
    2.2.1 Development
    2.2.2 Download
    2.2.3 Installation
    2.2.4 Run-time
    2.2.5 Removal
3 Android Access Control Evaluation Methodology
  3.1 Introduction
    3.1.1 Threat Model

Description:
Test Results. I MotoX- . Test Results. J Linux Namespaces Analysis. J. Background . /proc/sys/net/ipv6/neigh/bridge0/retrans_time_ms. I/Netd.