1. InfoconDB
  2. CCC
  3. 30C3 (2013)
  4. Android DDI: Dynamic Dalvik Instrumentation of Android Applications and the Android Framework

Android DDI: Dynamic Dalvik Instrumentation of Android Applications and the Android Framework

Presented at 30C3 (2013), Dec. 29, 2013, 4 p.m. (60 minutes)

As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique. As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique. Outline: General Introduction Background Introduction to Android and Dalvik Applications Introduction to Dynamic Instrumentation Basics (Native Code) Introducing: Android DDI Details Tools Examples Real World Attack Example Conclusions Take Away: This talk is highly technical, you will learn about new techniques for analyzing and modifying Android applications. You will want to try out what you saw in this talk.

Presenters:

  • Collin Mulliner
    Collin Mulliner is a researcher in the Systems Security Lab at Northeastern University. Collin's main interest is the security and privacy of mobile and embedded devices with an emphasis on mobile and smart phones. Since 1997 Collin has developed software and did security work for Palm OS, J2ME, Linux, Symbian OS, Windows Mobile, Android, and the iPhone. In 2006 he p0wnd Windows Mobile using MMS and broke iOS, Android, and Windows Mobile with SMS in 2009. Collin's specifically interested in the areas of vulnerability analysis and offensive security.

Links:

Similar Presentations: