YoVDO

The Misuse of Android Unix Domain Sockets and Security Implications

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Mobile Security Courses Threat Models Courses Android Security Courses

Course Description

Overview

Explore a conference talk from CCS 2016 examining the security implications of Android Unix domain sockets misuse. Delve into the research conducted by experts from the University of Michigan and University of California, Riverside, as they present their findings on potential vulnerabilities in Android applications. Learn about Unix domain sockets, threat models, and authentication methods in Android systems. Discover the researchers' analysis of socket address usage, authentication practices, and common mistakes made by developers. Gain insights into real-world examples, including a case study on KingRoot, and understand proposed mitigations to enhance Android security. Conclude with a summary and demonstrations that illustrate the practical impact of these security issues.

Syllabus

Intro
Motivation (cont'd)
Contributions
Unix domain sockets
Threat model
ABSTRACT is the default
Authentication is needed
Highlights
Apps using Unix sockets (Q1)
Socket address analysis (Q2)
Authentication analysis (03)
Implementation
Overview
Real-world usage
Identified libraries
Weak authentication
Strong authentications
Common mistakes
Case study: KingRoot
Mitigations (cont'd)
Summary
Demos


Taught by

ACM CCS

Related Courses

Enterprise and Infrastructure Security
New York University (NYU) via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Hacking Laboratuvarınızı Oluşturun
Udemy CISM Cert Prep: 3 Information Security Program Development and Management
LinkedIn Learning Ethical Hacking: Mobile Devices and Platforms
LinkedIn Learning