Researching Android Device Security with the Help of a Droid Army

Presented at Black Hat USA 2014, Aug. 6, 2014, 5 p.m. (60 minutes)

In the last few years, Android has become the world's leading smart phone operating system. Unfortunately, the diversity and sheer number of devices in the ecosystem represent a significant challenge to security researchers. Primarily, auditing and exploit development efforts are less effective when focusing on a single device because each device is like a snowflake: unique. This presentation centers around the speaker's approach to dealing with the Android diversity problem, which is often called "fragmentation." To deal with the issue, Joshua created a heterogeneous cluster of Android devices. By examining and testing against multiple devices, you can discover similarities and differences between devices or families of devices. Such a cluster also enables quickly testing research findings or extracting specific information from each device. When you leave this presentation, you will understand why the diversity problem exists and how to tackle it by creating a cluster of your own. Joshua will show you how to build such a cluster, provide a set of tools to manage one, and show you all the ways to leverage it to be more successful in your auditing and exploit development tasks.

Presenters:

  • Joshua J. Drake / jduck - Accuvant LABS (as Joshua Drake)
    Joshua J. Drake is a Director of Research Science at Accuvant LABS and lead author of the "Android Hacker's Handbook." Joshua focuses on original research such as reverse engineering and the analysis, discovery, and exploitation of security vulnerabilities. He has over 10 years of experience auditing and exploiting a wide range of application and operating system software with a focus on Android since early 2012. In prior roles, he served at Metasploit and VeriSign's iDefense Labs. Joshua previously spoke at Black Hat, RSA, CanSecWest, REcon, Ruxcon/Breakpoint, Toorcon, and DerbyCon. Other notable accomplishments include exploiting Oracle's JVM for a win at Pwn2Own 2013, successfully compromising the Android browser via NFC with Georg Wicherski at Black Hat USA 2012, and winning the DEF CON 18 CTF with the ACME Pharm team in 2010.
