Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback
Offered By: Association for Computing Machinery (ACM) via YouTube
Course Description
Overview
Explore a critical security analysis of Android's system architecture in this conference talk presented at CCS 2016. Delve into the vulnerabilities of Android's System Server and System Apps, focusing on synchronous callback attacks. Understand the mechanics of how system services are provided and the role of callbacks during Inter-Process Communication (IPC). Examine various malicious callback techniques, including blocking, exception-throwing, and self-poisoning. Investigate the impact on other system apps and consider meaningful attack scenarios. Discuss potential defense approaches and address key research questions regarding detection methods and identified vulnerabilities. Gain valuable insights into Android security from experts Kai Wang, Yuqing Zhang, and Peng Liu as they present their findings at the 23rd ACM Conference on Computer and Communications Security.
Syllabus
Intro
Android System Server
How a System Service is provided
Callback during IPC
What is a Callback Handle
Malicious Callback: Block
Malicious Callback: Exception
Malicious Callback: Self-Poisoning
Other Victims System Apps
Research Questions
Meaningful Attacks
Defense Approaches
Question 1: How to Detect?
Question 2: Detected Vulnerabilities
Taught by
ACM CCS
Related Courses
Check Point Jump Start: Harmony MobileCheckpoint via Coursera Check Point Jump Start: Harmony Mobile
Checkpoint via edX Mobile Security Fundamentals
Cybrary CNIT 128: Hacking Mobile Devices
CNIT - City College of San Francisco via Independent Learning Mobile Device Security
LinkedIn Learning