Play all

Intro

$ Android is everywhere!!

$ Bugs in Android (First Half of 2017)..

$ Okay! Why is it hard to find these bugs?

$ Static Analysis: Existing tools

$ Ideal Static analysis tool

$ Tracking user data: pointer analysis

$ Kernel drivers are small!!

$ DR.CHECKER: Story of the name

$ DR.CHECKER Overview

$ DR.CHECKER: SDTraversal

$ DR.CHECKER: Vulnerability Detectors

$ DR.CHECKER: Bue in Mediatek Accdet driver

$ DR.CHECKER: Bug in Samsung SensorHub drive

$ DR.CHECKER: Open Source and Dockerized

$ DR.CHECKER is not enough!!

$ Dynanic Analysis: Fuzzing!!

$ Fuzzing: Good Luck!!

$ Fuzzing: Highly constrained input

$ Drivers Expect Highly structured input

$ Bugs are hard to trigeer

$ DIFUZE: Idea

$ DIFUZE: Overview

$ DIFUZE: Interface Recovery

$ DIFUZE: Structure Generation

$ DIFUZE: On Device Execution

$ DIFUZE: Evaluation

$ DIFUZE: Bug Types

$ DIFUZE: Open Source

$ In Progress: drchecker.io

$ Tracking user data: Taint Propagation

Description:

Explore a comprehensive conference talk on Android kernel driver security analysis techniques. Delve into DR.CHECKER, a static analysis tool designed to overcome limitations by focusing on bug-prone kernel drivers. Learn about its ability to balance scalability and precision while minimizing unsoundness. Discover DIFUZE, a dynamic analysis fuzzing tool that addresses challenges in driver input constraints and bug triggering. Gain insights into interface recovery, structure generation, and on-device execution techniques. Examine real-world bug examples in Mediatek and Samsung drivers, and understand the ongoing developments in user data tracking and taint propagation. Access open-source tools and resources to enhance your Android security analysis skills.

Unleashing D* on Android Kernel Drivers

nullcon

Add to list

#Conference Talks #nullcon #Programming #Software Development #Software Testing #Dynamic Analysis #Static Analysis #Fuzzing

0:00 / 0:00