Analyzing Security Property of Android Application


The implementation of Facebook SSO login protocol on Android. The user is not shown in Fig. 2 for concision; the user interacts with Android when needed, such as clicking the login button or entering the user's credentials.

1) The user requests to log in to the SP, and the SP initiates a request to the Facebook SDK asking for the user's access token.
2) The Facebook SDK relays the request to the Facebook server with the credentials of the user's Facebook account identity.
3) The Facebook server verifies the credentials from the user and, upon successful verification, returns cookies to the user together with a form indicating what data in the user's Facebook account the SP will have access to.
4) The user consents to the authorization.
5) Facebook generates the access token and returns it to the Facebook SDK.
6) The Facebook SDK delivers the access token to the SP, and the SP logs the user in.

Fig. 2: Typical SSO Login Process (participants: SP, Facebook SDK, Facebook Authentication & Authorization Server; steps 1 to 6)

C. Method Overview

In order to formally verify the Facebook SSO implementation on Android, one needs to build a formal model of the protocol out of its implementation beforehand. In this section, the author first introduces the overview of the method he uses to model the protocol.

Basically, the analysis consists of four stages: the protocol extraction stage, the protocol modelling stage, the verification stage and finally the result analysis stage. Each stage generates artifacts, and the artifacts are used as input to the next stage. The security analyst needs to manually analyze the artifacts generated in the final stage to identify and confirm possible vulnerabilities in the model.

1) Protocol Extraction: Because Facebook does not document how they implement the SSO protocol, in order to build the formal model correctly, one needs to understand what is transmitted between the Facebook SDK and the Facebook server and what the semantics of the transmitted messages are. To find out this information, the author performs a static analysis of the Facebook SDK by manually inspecting its source code to understand what the SDK does during the login process and how the SDK communicates with the SP and the Facebook server. Then, by dynamically running the protocol, the author captures the network traffic between the Facebook SDK and the Facebook server. After that, the captured network traffic is refined by removing the redundant messages and parameters, for the convenience of the modelling process.


2) Protocol Modelling: With the refined protocol derived in the previous stage, the author builds the formal model in typed Pi-calculus [16], which is the modelling language used in ProVerif [16], a verifier of the author's choice to verify the formal model. The main obstacle in this stage is the gap between the concrete implementation and the high-level model representation.

To ease this problem, the author first intuitively transforms the refined protocol into an intermediate representation which is close to typed Pi-calculus. Later, the intermediate representation can be translated to typed Pi-calculus much more easily. The refined protocol is then modelled as a basic formal model in typed Pi-calculus which contains no adversaries. Based on the basic model, the author introduces four different attackers on top of the model and derives four formal models with properties to be checked. The first attacker model is the network attacker, who eavesdrops on the communication channel, namely the network; the second is the malicious SP, which provides the user with services and lets users log in with their identities on the IdP; the third and fourth are a malicious app in the system, and they differ only in whether the malicious app can obtain root privilege or not. The properties defined by the security analyst on these four attacker models include the authentication property, the authorization property and the secrecy property, which are most relevant to protocol security and the user's privacy.

3) Verification and Analysis: The four formal models of the refined protocol derived in the last stage are used as inputs to be checked against the properties defined by the security analyst in this stage. After the verification, ProVerif generates the verification reports for the models. By inspecting the reports, the security analyst identifies violations of the properties being checked and possible vulnerabilities of the protocol. If so, the security analyst reconstructs attacks on the real-world device.

D. Verification Results

ProVerif generates verification reports for the four attacker models after the verification process terminates. Only one of the authorization properties can be proved true, and the others are either false or cannot be proved. The models verified show that in all attacker models, the Facebook server will finish the authorization process at the wish of a "user", whether it is the real user or an attacker who has compromised the user's credentials and is pretending to be that user. The results also indicate that in some cases a replay attack might exist for the SP. However, this is not a vulnerability in the real world because of the widely adopted https [17] protocol in network communication, and it is a false positive in the verification results of the models.
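To make the modelling and verification stages concrete, here is a small typed Pi-calculus sketch of the six-step login flow under the network-attacker model, with secrecy and authentication queries of the kind described above. It is an added illustration, not the author's model: every name, the two private on-device channels, and the encoding of the protected link as public-key plus session-key encryption are assumptions.

```proverif
(* Added sketch, not the paper's model: all names, channels and the
   public-key/session-key encoding of the protected link are assumptions. *)
free net: channel.               (* network, controlled by the attacker *)
free sp2sdk: channel [private].  (* on-device IPC, assumed isolated *)
free sdk2sp: channel [private].
free loginReq: bitstring.
free cred: bitstring [private].  (* user's Facebook credentials *)

type key.
type skey.
type pkey.
fun pk(skey): pkey.
fun aenc(bitstring, pkey): bitstring.
reduc forall m: bitstring, s: skey; adec(aenc(m, pk(s)), s) = m.
fun senc(bitstring, key): bitstring.
reduc forall m: bitstring, k: key; sdec(senc(m, k), k) = m.

event IdPIssues(bitstring).
event SPAccepts(bitstring).

query attacker(cred).               (* secrecy of the credentials *)
query attacker(new token).          (* secrecy of the access token *)
query t: bitstring;                 (* SP only accepts tokens the IdP issued *)
  event(SPAccepts(t)) ==> event(IdPIssues(t)).
query t: bitstring;                 (* injective form: checks for replay *)
  inj-event(SPAccepts(t)) ==> inj-event(IdPIssues(t)).

let SP =
  out(sp2sdk, loginReq);            (* step 1 *)
  in(sdk2sp, t: bitstring);         (* step 6 *)
  event SPAccepts(t).

let SDK(pkIdP: pkey) =
  in(sp2sdk, =loginReq);
  new k: key;
  out(net, aenc((cred, k), pkIdP)); (* step 2 *)
  in(net, c: bitstring);            (* step 5 *)
  let t = sdec(c, k) in
  out(sdk2sp, t).

let IdP(skIdP: skey) =
  in(net, m: bitstring);
  let (=cred, k: key) = adec(m, skIdP) in  (* step 3; consent (4) abstracted *)
  new token: bitstring;
  event IdPIssues(token);
  out(net, senc(token, k)).         (* step 5 *)

process
  new skIdP: skey;
  out(net, pk(skIdP));
  ( !SP | !SDK(pk(skIdP)) | !IdP(skIdP) )
```

Running ProVerif on this file produces one result line per query, which is the report the analyst inspects in the verification and analysis stage.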
