Android is an open-source, Linux-based mobile operating system, modified to run on devices such as mobile phones, tablets, and smartwatches. Today's market is dominated by Android, followed by iOS.

The figure above shows Android's market share, taken from http://www.statista.com. Let us go through the basic Android architecture and then walk through the different types of vulnerabilities in a mobile application.

Android contains the following components:

  • System apps (Applications)
  • Java API Framework
  • Android Runtime
  • Native C/C++ Libraries
  • Hardware Abstraction Layer (HAL)
  • Linux Kernel

 

System Apps

Android ships with a set of core apps for messaging, email, calendars, contacts and so on. These apps also expose their capabilities to the apps that users download, so developers can build on them rather than reimplement them. For instance, a third-party app can be a custom-built calendar or messaging app; if a developer builds an app that needs to deliver a message, it can use the existing functionality exposed by the core apps.

 

Android Platform Architecture

Source: https://developer.android.com/guide/platform

 

Java API Framework

Like the system apps, the Java API framework exposes its core functionality as APIs written in the Java language. Its building blocks are the following components and services:

  • View System – Provides rich UI controls such as lists, grids, text boxes, buttons and an embedded web browser.
  • Content Providers – Enable an app to share data with other apps, such as Contacts and Camera.
  • Notification Manager – Provides custom notification alerts in the status bar.
  • Resource Manager – Provides access to graphics, layout files and other non-code resources.
  • Activity Manager – Manages the navigation back stack, the app life cycle and sharing of the app's own data.

 

Android Runtime

Android Runtime (ART) converts Dalvik bytecode (the format used by Android's JVM-like runtime) into native instructions. ART is designed to run multiple virtual machines on low-memory devices by executing DEX code. Major features of ART include:

  • Optimised garbage collection
  • On Android 9 and above, conversion of an app package's Dalvik Executable (DEX) files to more compact machine code
  • Ahead-of-time (AOT) and just-in-time (JIT) compilation

 

Native C/C++ Libraries

If an app requires C or C++ libraries, the developer can use the Android NDK to access the native libraries from native code.
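The Android Runtime and Native C/C++ Libraries sections above correspond to concrete entries inside an APK: `classes*.dex` files for ART and `lib/<abi>/*.so` files for native code. The following is an added example, not part of the original article: a first-pass triage that lists both and verifies each DEX header's integrity fields. The function names and the sample APK are constructed for illustration.

```python
import hashlib, io, struct, zipfile, zlib

def build_sample_dex():
    """Constructed input: header-only DEX (0x70 bytes) with valid integrity fields."""
    body = struct.pack("<III", 0x70, 0x70, 0x12345678) + bytes(0x70 - 44)  # offset 32 onward
    signature = hashlib.sha1(body).digest()      # SHA-1 over everything after offset 32
    checksum = zlib.adler32(signature + body)    # Adler-32 over everything after offset 12
    return b"dex\n035\x00" + struct.pack("<I", checksum) + signature + body

def inspect_dex(data):
    """Check the DEX magic and the header's checksum, SHA-1 signature and file size."""
    if len(data) < 0x70 or data[:4] != b"dex\n" or data[7:8] != b"\x00":
        return {"valid": False}
    checksum, file_size = (struct.unpack_from("<I", data, off)[0] for off in (8, 32))
    return {
        "valid": True,
        "version": data[4:7].decode("ascii", "replace"),
        "checksum_ok": zlib.adler32(data[12:]) == checksum,
        "sha1_ok": hashlib.sha1(data[32:]).digest() == data[12:32],
        "size_ok": file_size == len(data),
    }

def triage_apk(apk_bytes):
    """Map APK entries to the layer that consumes them: DEX for ART, .so for native code."""
    report = {"has_manifest": False, "dex": {}, "native_libs": {}}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            parts = name.split("/")
            if name == "AndroidManifest.xml":
                report["has_manifest"] = True
            elif len(parts) == 1 and name.startswith("classes") and name.endswith(".dex"):
                report["dex"][name] = inspect_dex(apk.read(name))
            elif len(parts) == 3 and parts[0] == "lib" and name.endswith(".so"):
                report["native_libs"].setdefault(parts[1], []).append(parts[2])
    return report

def build_sample_apk():
    """Constructed APK: one intact DEX, one DEX with a flipped byte, one native library."""
    tampered = bytearray(build_sample_dex())
    tampered[-1] ^= 0xFF
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", b"constructed placeholder")
        apk.writestr("classes.dex", build_sample_dex())
        apk.writestr("classes2.dex", bytes(tampered))
        apk.writestr("lib/arm64-v8a/libnative.so", b"\x7fELF constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    print(triage_apk(build_sample_apk()))
```

A DEX file whose checksum or SHA-1 does not match its header has been modified after it was built or was damaged in transit, which is worth knowing before loading it into a decompiler.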

 

Hardware Abstraction Layer

The HAL contains standard interfaces that provide access to hardware components such as the camera, Bluetooth and Wi-Fi modules. The Android system loads the respective module based on framework API calls.

 

Linux Kernel

This is the foundation of the Android platform. The Android Runtime (ART) relies on the Linux kernel for memory management and threading.

Throughout the series we will explore Android mobile vulnerabilities using tools such as:

 

| Tool name | Purpose |
|---|---|
| Android SDK | Build applications, create virtual devices, run the Android device emulator |
| Drozer | Simulate a malicious application in Android |
| JADX | Reverse engineering APK files |
| Burp Suite | Proxy intercepting tool |
| Dex2Jar | Converts the .dex of an APK to .jar or vice versa |
| Genymotion | Another emulator |

As new tools emerge, we will also take a look at selected tools.

 

We will also look at different types of vulnerabilities through custom-built vulnerable mobile applications such as Android InsecureBank V2 and Purposefully Insecure and Vulnerable Android Application (PIVAA), and at how to mitigate those vulnerabilities in line with mobile security standards.

Next time, we will look at some of the important tools needed.
