'SecureMe - Droid' Android Security Application null Delhi NCR Meet 24 October 2015 Combined null Delhi / OWASP Delhi Chapter Monthly Meet
Abstract
SecureMe – Droid is an Android security application that notifies the user of publicly known vulnerabilities found in the installed version of applications on the user’s device. The application has been built on a client-server model so that user’s device has to perform least CPU operations and the network traffic is also limited.
The current version of SecureMe – Droid uses only NVD CVE XML database to find vulnerabilities and security weaknesses in apps using its application name, package name and version number.
SecureMe – Droid has an easy to use interface which allows user to configure the scanning options, check installed applications for vulnerabilities along with other application behavior actions.
Android broadcast action "android.intent.action.PACKAGEADDED” is released when a new Android application package is installed and "android.intent.action.PACKAGEREPLACED" is released when an existing Android application package is either upgraded or replaced. Do not that these broadcast actions are automatically generated and released by Android itself when a new Android app is installed/ upgraded/replaced.
SecureMe – Droid passively listens for these two broadcast actions to identify when a new application has been installed or an existing application is upgraded or replaced.Settings allow to tweak the app notifications and search depth according to user's choice. The app allows the user to choose from Intense (2010-2014) to Low (only 2014) CVE database to search for vulnerabilities and weaknesses. Default search depth is Medium (2012-2014).
User can check single, multiple or all apps for vulnerabilities using an easy to use user-interface.
The Scheduled Scan feature allows the user to configure a scheduled scan of installed apps using SecureMe – Droid. At present scheduler can run weekly/monthly/yearly.
To avoid exploitation due to excessive Android permission, SecureMe – Droid requires only two permissions to run on an Android:
1. Internet Access (android.permission.INTERNET)
2. Run at startup (android.permission.RECEIVEBOOTCOMPLETEDSecureMe – Droid does not access or transmit any sensitive user information and respects privacy at all times. The data that accessed from user's device are:
The only information which gets accessed and transmitted are listed below:
1. Application Name
2. Application Package Name
3. Application Version Number
4. Application Version Name
5. SecureMe – Droid Search Depth setting (1-5 only)
6. SecureMe – Droid Vulnerability Details settings (1 or 0)
Speaker
Timing
Starts at Saturday October 24 2015, 12:45 PM. The sessions runs for about 1 hour.