YoVDO

The Misuse of Android Unix Domain Sockets and Security Implications

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Mobile Security Courses Threat Models Courses Android Security Courses

Course Description

Overview

Explore a conference talk from CCS 2016 examining the security implications of Android Unix domain sockets misuse. Delve into the research conducted by experts from the University of Michigan and University of California, Riverside, as they present their findings on potential vulnerabilities in Android applications. Learn about Unix domain sockets, threat models, and authentication methods in Android systems. Discover the researchers' analysis of socket address usage, authentication practices, and common mistakes made by developers. Gain insights into real-world examples, including a case study on KingRoot, and understand proposed mitigations to enhance Android security. Conclude with a summary and demonstrations that illustrate the practical impact of these security issues.

Syllabus

Intro
Motivation (cont'd)
Contributions
Unix domain sockets
Threat model
ABSTRACT is the default
Authentication is needed
Highlights
Apps using Unix sockets (Q1)
Socket address analysis (Q2)
Authentication analysis (03)
Implementation
Overview
Real-world usage
Identified libraries
Weak authentication
Strong authentications
Common mistakes
Case study: KingRoot
Mitigations (cont'd)
Summary
Demos


Taught by

ACM CCS

Related Courses

Ethical Hacking for Mobile Phones, Facebook & Social Media!
Udemy Android Security: Effective Permission Handling
Pluralsight Learning Mobile Device Security
LinkedIn Learning Securing Android Apps
LinkedIn Learning Ethical Hacking | Metasploit Tutorial | من الصفر للاحتراف
Udemy