The Android operating system is built to protect its users and support the most complex to the simplest applications. Android is built on the Linux kernel and relies on many of Linux's security mechanisms to protect its users. Applications on the Android platform are supported and protected by the Android application framework by means of mechanisms such as the Permissions Framework and Androids Binder.
Unfortunately, application and system developers may sometimes weaken the inherent security strengths of Android by introducing high level application and low level security flaws to system software; often, this allows attackers to harm users or even take control of a victim's device or steal sensitive information.
"Android Security Cookbook" covers a variety of topics including analyzing android devices, operating systems, and applications down to code level for security vulnerabilities. It also discusses some measures that application developers can put in place to protect their applications and devices from common vulnerabilities and attacks.
"Android Security Cookbook" discusses many common vulnerabilities and security related shortcomings in Android applications and operating systems. The book breaks down and enumerates the processes used to exploit and remediate these vulnerabilities in the form of detailed recipes and walkthroughs. The book also teaches readers to use an Android Security Assessment Framework called Mercury and how to develop plugins to customize the framework. Other topics covered include how to perform secure networking from within Android applications, how to reverse-engineer Android applications to find common vulnerabilities, and how to find and remediate common memory corruption vulnerabilities on ARM devices.
In summary, "Android Security Cookbook" provides a practical analysis into many areas of Android application and operating system security and gives the reader the required skills to analyze the security of their Android devices.
|Product dimensions:||7.50(w) x 9.25(h) x 0.73(d)|
About the Author
Keith Makan is an ex-Computer Science and Physics Student and passionate hobbyist security researcher. He spends most of his free time reading source code, reverse-engineering, fuzz testing, and developing exploits for web application technology.
Keith works professionally as an IT auditor and security and vulnerability assessment specialist. Keith's personal research has won him spots on the Google Application Security Hall of Fame numerous times and he has developed exploits against Google Chrome's Webkit XSSAuditor, Firefox's NoScript Add-on, and often reports security flaws and develops exploits for Wordpress plugins.