A Framework for Android Security through Automation in Virtual Environments

Presented at AppSec USA 2013, Nov. 20, 2013, 1 p.m. (50 minutes).

This session introduces a practical approach to securing Android applications through an automated framework. The framework uses a simple interface and automatically evaluates applications - even hundreds of them - harvesting behavioral data and run patterns, facilitating the vast majority of evolving security tests. Citing research from using this framework, this session will also answer some of today's most pressing android security questions. This presentation will address the limitations of real time security and fragmented security models for security evaluations of Android applications, and will demonstrate how to resolve this using an automated virtual environment that analyzes behavior of Android apps while providing a layer of transparency between Android apps and Android users. Then it will present how I built an open source framework - the Android Security Evaluation Framework (ASEF) to help resolve security needs of a larger spectrum of Android users including researchers and developers. I will explain how to perform security evaluations on a bigger scale for app stores and large organizations by demonstrating scheduled automatic security evaluations that can be done remotely from an android device using ASEF and its agent. Citing results from using ASEF, I will also recommend safe practices to follow by being proactive about security measures before installing an app, as well as tips for effective security management after android apps are installed. I will also discuss the importance of Behavioral Analysis and Vulnerability Management of android devices along with idea of integrating security tests in the plug and play framework of ASEF.            Lastly, I will discuss the future of Android security through the eyes of automation and what tactics can be used to achieve conclusive and comprehensive coverage of upcoming Android security needs.

Presenters:

  • Parth Patel - Backend Developer / Security Engineer - Qualys
    I find a programmatic way to replace myself at work and when I do, I explore new challenges to work on. Android Security is my most recent interest. Please visit my Open Source Project at (http://code.google.com/p/asef/) I have presented my research work at Security Conferences like Sector 2012 (Toronto), BSides 2012 (Vegas, Dallas, Detroit) & S4 Con (San Francisco). I aspire to create a largest database of behavioral analysis of Android Applications and attempt to answer some of the most burning questions of Android Security. At Qualys, I enjoy building Backend tools(with UI) which are easy to use, adapt, integrate, modify, reuse and scale. Before Qualys, I have worked on security at companies including Ricoh Innovations, where I designed and developed the Secure Tap Transfer Protocol, which allows handheld devices to establish secure communications. At Connexed Inc, I worked to harden the security of their surveillance camera infrastructure. I hold a Master's degree in Computer Networking & Security from San Jose State University (2008). Specialties:Scripting, Automation, Design and Develop Frameworks, Regular Expressions and Pattern Matching, Data (mining, parsing, correlation), Reverse Engineering, Forensic Analysis, Vulnerability Management and Information Security.

Links:

Similar Presentations: