Presented at
DeepSec 2016 „Ten“,
Unknown date/time
(Unknown duration).
System services represent one of the core components in Android, implementing many fundamental Android features such as media playback, graphics or network connectivity. The fact that the large majority of system services exposes a remote interface that can be called by other unprivileged applications or services makes them an excellent attack vector. From a system security perspective this task makes even more sense since most of the components and processes executed behind each system service run with high or increased privileges.
The presentation will focus on a fuzzing approach that can be used for testing system services in Android, providing in-depth information about the implementation of the tools developed to accomplish this task and examples of actual vulnerabilities that were discovered in the latest versions of Android.
Presenters:
-
Alexandru Blanda
- Intel Corporation
Alexandru Blanda is a software security engineer, part of the Open Source Technology Center at Intel Corporation. He is currently working on projects related to the overall security of the Android OS, mainly focusing on methods to improve the efficiency of fuzzing techniques inside this environment and discovering ways to uncover vulnerabilities inside different components of the operating system.
Links:
Similar Presentations: