DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun,...
-
Upload
percival-myles-collins -
Category
Documents
-
view
217 -
download
0
Transcript of DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun,...
![Page 1: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/1.jpg)
DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices
Fall 2015
Instructor: Kun Sun, Ph.D.
![Page 2: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/2.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 3: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/3.jpg)
Introduction Smartphones are increasingly adopted in
workspace “51% of end users rely on smartphones to perform daily
business activities.”——Cisco
However, Android devices are not easily managed for system design Permission: Coarse and not
configurable Device Administration API SEAndroid: legacy
phones(85.8%<version 4.3), inadequate MAC in middleware
![Page 4: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/4.jpg)
Current Status Device OEMs add their own
management APIs Samsung SAFE & Knox HTC APIs 3LM APIs …
MDM vendors bustle about all these extended APIs
![Page 5: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/5.jpg)
Current Research Customize system to enforce policies
Require tremendous modification to source code
Portability issue for Android branches and OEMs
Rewrite Android apps Intercept security sensitive APIs
from multiple layers Lack of isolation between App and
management code
![Page 6: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/6.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 7: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/7.jpg)
Overview
centralized controller system_server for middleware
permissions
client-server architecture system services, content
providers, etc.
Communication-Binder RPC to services/Callbacks Intent Content Providers Messengers Ashmem …
system_server
/system/bin/mediaserver
com.android.phone
android.process.acore
android.process.media
……
![Page 8: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/8.jpg)
Overview (cont.)
Operations inside of process boundary
Based on Linux system calls Comply with Linux DAC
Linux privilege authorized right after process creation
setgroups/setresgid/setresuid
Activity Manager
Create process that can:• read/write sdcard• access network• use camera• read contacts
![Page 9: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/9.jpg)
Our approach Dynamic memory instrumentation
/system/bin/mediaserver
com.android.phone
android.process.acore
android.process.media
……
system_server
behavior extraction & enforcement
flexible permission
![Page 10: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/10.jpg)
Our approach (cont.) System call tracking
Tracking process creation for privilege authorization
Tracking process operations
![Page 11: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/11.jpg)
Why our approach? Stable system architecture
permission mechanism, system services, binder realization, etc.
Reduce source code modification to configuration carry little burden on vendor
customization Central management
isolation transparent to apps
![Page 12: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/12.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 13: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/13.jpg)
DeepDroid-Permission system_server is the core of permission
mechanism. A few checking interfaces
Permission
Checkinter-process
Monitoring Code
Enterprise Policy Repository
system_server
Key: Java method redirection
![Page 14: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/14.jpg)
DeepDroid-Permission
interpretor
V
byte code
classes.dex
…
…
dalvik-LinearAlloc
nativeFunc
insns
accessFlags
…
Method…
…
…
native code
libx.so
…
…
![Page 15: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/15.jpg)
--runtime-init--setuid=10028--setgid=10028--setgroups=1015, 3003, 1006, 1007android.app.ActivityThread
DeepDroid-Permission Some permissions (user groups) are
checked in Kernel.
system_server
zygote app process
monitoring
fork
1: launch request
2: recognize app
3: reset groups &track until setuid
![Page 16: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/16.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 17: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/17.jpg)
DeepDroid-Behavior Interactions between apps and system services
ioctl(binderFd, BINDER_WRITE_READ, &bwr) By tampering Global Offset Table (GOT) of libbinder.so
access to servicescall-backsIntentContentProvidersMessengerashmem……
app
libc.so libc.so
system_server android.process.acore
libbinder.so libbinder.so
…
Behavior Enforcement
upperlayers
upperlayers
Binder driver
![Page 18: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/18.jpg)
DeepDroid-Behavior Synchronous invocation
E.g., getLastKnownLocation(), getDeviceId()
return value
requests
system process
BR_TRANSACTION
BC_REPLY
pairwise within binder thread
interfaces defined in aidl& in .java
reflect on write buffer
![Page 19: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/19.jpg)
DeepDroid-Behavior Asynchronous invocation
With oneway callback(e.g., onLocationChanged)
callback value
get a remote handle
system process
BC_TRANSACTION
reflect on write buffer
interfaces defined in aidl or in .java
counterpart recognization1) servicemanager
2) IBinder instances
![Page 20: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/20.jpg)
DeepDroid-Behavior Parameter types
IBinder: map remote handles to uid/pid
ParcelFileDescriptor: shared memory (content provider, media, etc.)
Parcelable: rebuild objects with built-in CREATOR
![Page 21: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/21.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 22: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/22.jpg)
Tested ResourcesResource Permission Group PEP1 Process
IMEI READ_PHONE_STATE packagecom.android.phone
Phone # READ_PHONE_STATE package
location ACCESS_FINE_LOCATION package system_server
contacts READ_CONTACTS package android.process.acore
camera CAMERA camera package/PCG2 mediaserver
account GET_ACCOUNTS package system_server
logs READ_LOGS log PCG2
app processnetwork INTERNET inet package/PCG2
SMS SEND_SMS package com.android.phone
1PEP: permission enforcement point2PCG: Process Creation Guard
![Page 23: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/23.jpg)
Tested Devices
Device Android OS
Nexus S(Samsung) Android OS 2.3.6
Sony LT29i Android OS 4.1.2Android OS 4.2.2
Galaxy Nexus(Samsung) Android OS 4.0
Samsung Galaxy Note II
Android OS 4.1
Samsung Galaxy Note 3 Android OS 4.3
Nexus 5(LG) Android OS 4.4
Meizu MX II Flyme 3.2(Android OS 4.2.1)
Huawei Honor 3c Android OS 4.2
![Page 24: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/24.jpg)
Performance
![Page 25: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/25.jpg)
Performance (cont.)
![Page 26: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/26.jpg)
Performance (cont.)
Normal Quadrant
Traced Quadrant
NormalCaffeineMark
Trace CaffeineMark
MX II 2508.5 2507.6 6367.2 6207.5
LT29i 4653.8 4553.6 14125.5 13998.5
Nexus S 1750.0 1705.6 5982.8 5959.9
Benchmark Scores
![Page 27: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/27.jpg)
Roadmap Introduction
Overview
DeepDroid-Permission
DeepDroid-Behavior
Evaluation
Conclusion
![Page 28: DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Fall 2015 Instructor: Kun Sun, Ph.D.](https://reader034.fdocuments.in/reader034/viewer/2022051516/56649e7c5503460f94b7ee0b/html5/thumbnails/28.jpg)
Conclusion We propose a framework to achieve a fine-
grained control on Android resources.
DeepDroid dynamically instruments and traces core processes of Android system. Based on stable structures across multiple OS versions, DeepDroid is easily ported.
DeepDroid requires little firmware configuration rather than customizing Android source code.