YoVDO

Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses System Architecture Courses Android Security Courses

Course Description

Overview

Explore a critical security analysis of Android's system architecture in this conference talk presented at CCS 2016. Delve into the vulnerabilities of Android's System Server and System Apps, focusing on synchronous callback attacks. Understand the mechanics of how system services are provided and the role of callbacks during Inter-Process Communication (IPC). Examine various malicious callback techniques, including blocking, exception-throwing, and self-poisoning. Investigate the impact on other system apps and consider meaningful attack scenarios. Discuss potential defense approaches and address key research questions regarding detection methods and identified vulnerabilities. Gain valuable insights into Android security from experts Kai Wang, Yuqing Zhang, and Peng Liu as they present their findings at the 23rd ACM Conference on Computer and Communications Security.

Syllabus

Intro
Android System Server
How a System Service is provided
Callback during IPC
What is a Callback Handle
Malicious Callback: Block
Malicious Callback: Exception
Malicious Callback: Self-Poisoning
Other Victims System Apps
Research Questions
Meaningful Attacks
Defense Approaches
Question 1: How to Detect?
Question 2: Detected Vulnerabilities


Taught by

ACM CCS

Related Courses

Check Point Jump Start: Harmony Mobile
Checkpoint via Coursera
Check Point Jump Start: Harmony Mobile
Checkpoint via edX
Mobile Security Fundamentals
Cybrary
CNIT 128: Hacking Mobile Devices
CNIT - City College of San Francisco via Independent
Learning Mobile Device Security
LinkedIn Learning