CloudAppSec : Cloud Based Application Security - PowerPoint PPT Presentation

About This Presentation
Title:

CloudAppSec : Cloud Based Application Security

Description:

CloudAppSec : Cloud Based Application Security for Android Applications Animesh Nandanwar 85843974 Kshitij Desai 64167444 – PowerPoint PPT presentation

Number of Views:122
Avg rating:3.0/5.0
Slides: 11
Provided by: anim155
Learn more at: https://ics.uci.edu
Category:

less

Transcript and Presenter's Notes

Title: CloudAppSec : Cloud Based Application Security


1
CloudAppSec Cloud Based Application
Security for Android Applications
Animesh Nandanwar 85843974 Kshitij Desai
64167444 Mayuresh Randive 26924684
2
CloudAppSec
  • Cloud based service to analyze privileges
    required for an android mobile application
  • Protects and notifies mobile device user from
    malicious application that do not conform to
    security privileges

3
Motivation
  • Widespread adoption of android devices
  • Large number of mobile applications and
    application developers
  • Open Source Useful for attackers and defenders
  • But.. no way to verify authenticity of
    application
  • In past, many application like iCalendar
    compromised user security
  • Hence, design goal is to provide user security
    from applications

4
Malware Analysis of android application
  • Applications use Manifest.xml to request
    permissions
  • All Android apps must declare the permissions
  • they want to have
  • Maps directly to whats displayed on-screen when
    you install the application
  • Nobody actually pays attention when they install
    them
  • Some permission applications just dont require
  • e.g. iCalendar requires SEND_SMS permission

5
Static vs. Dynamic Malware Analysis
  • Two options when analyzing any given program
    static or dynamic analysis
  • Static analysis examining code, do analysis on
    android .Apk file, analyze APIs used in
    application
  • Dynamic analysis running application and
    observing code paths, logging system calls

6
CloudAppSec Design
  • Static analysis on app .APK file
  • Extract .apk and run static analysis to determine
    application permissions
  • Perform API search in extracted files, map
    searched APIs to permissions using API mapper
  • Notify user application permissions in users
    understandable manner and let users decide if
    they want to keep or uninstall application
  • iCalendar application analysis will return
    Application is using SEND_SMS API to user
  • User learns this and decides to uninstall
    application

7
CloudApp Architecture
1. User selects .APK file
3. Access API mapping
2. Upload .APK
5. Return APIs accessed by App and
corresponding permissions
4. Return API mappings
6. User analyzes permission
8
Placeholder for screenshots and Results
9
Placeholder for screenshots and Results
10
Thank you for your interest in our Project !!!
ANY QUESTIONS??
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "CloudAppSec : Cloud Based Application Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!