Nov 2016
7 Mon
8 Tue
9 Wed
10 Thu 08:45 AM – 06:00 PM IST
11 Fri 08:45 AM – 06:00 PM IST
12 Sat
13 Sun
KL
Kartik Lalan
@kartiklalan
Android Security Internals
Submitted Jul 29, 2016
Section:
Workshop
Technical level:
Intermediate
Security implementation from OS level, extending till App level security, covering best practices for making applications. Focus on how Security has been implemented from OS side, how certain vulnerabilities are exploited and what mistakes do app developers do which can be exploited. This will be a hands-on session, which will involve introduction to OS from scratch and will cover advance topics which followers can easily grasp.
Patern of workshop will be initial introduction to new concepts, then implementing them and Small challenges will be offered so that participants can relate with real world scenario.
Outline
Intended for Android Developers, Team-Leads, Architects, Security Engineers.
Concepts like Keystore, Rooting Detection, MSF Shell code, Reverse Engineering app, ADB commands, App ID - Sandbox, Signing Apps, etc.
Requirements
Hardware - Laptop running MAC/Linux/Windows + Rooted Android phone/Tablet or even emulator will work
Software -
Below link contains setups needed during workshop - supporting Windows/Macintosh host, same will be available for Linux over the Internet.
(Mandatory)
https://drive.google.com/drive/folders/0B5W6CghYLo25UWhma1lfeUMyYUU?usp=sharing
(Mandatory)
Also make sure to have Android Studio with Virtual Device ready (refer- http://nestedif.com/android-environment-tools/creating-new-android-virtual-device-emulator-using-android-studio/ also enable virtualization from BIOS + download HAXM from AVD Manager https://www.youtube.com/watch?v=7ek1ZPqZEWw )
Oracle Virtual Box https://www.virtualbox.org/wiki/Downloads with KaliLinux OS https://www.kali.org/downloads/ configured to try reverse shell.
Speaker bio
A Computer Science graduate, working on Android & Info-Security. I also write technical Blogs in leisure time - www.nestedif.com. M.Tech. in CS with Specialization in Information & Network Security. Prior to my M.Tech. I have been working as Android Developer. Currently working as Security Engineer at Security Centre of Excellence - Philips Innovation Campus. I am much interested in exploring out of box exploits.
Conduct Frequent talks and workshops on Android and Info.Sec at several places including OWASP - Null Bangalore Chapter.
Links
Slides
https://drive.google.com/open?id=0B61XTI7JAIJreVR2UUdlX08ta2s
Comments
Hosted by
droidconIN is an annual conference on Android, part of the worldwide series of events.
more
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}