Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Adaptive Android Kernel Live Patching

Hack In The Box Security Conference via YouTube

Overview

Explore an adaptive Android kernel live patching framework in this 54-minute conference talk from Hack In The Box Security Conference. Dive into the world of Android kernel vulnerabilities and their exploitation by malware and APTs. Learn about the challenges of patching these vulnerabilities and the innovative solution presented by the speakers. Discover how this framework enables hotpatching for unpatched kernels, works directly on binaries, and automatically adjusts to different device models and kernel versions. Understand the benefits for third-party developers and the potential impact on shortening patch deployment periods. Gain insights into Android security, malware analysis, and vulnerability research from experienced security researchers Tim Xia and Yulong Zhang. Follow along as they discuss various Android vulnerabilities, root attacks, and the limitations of current solutions. Examine the technical details of the proposed framework, including version magic, module structure checks, and memory allocation techniques. Conclude with a look at famous vulnerabilities, popular devices, and the future of Android security ecosystem alignment.

Syllabus

Introduction
Outline
Two types of vulnerabilities
Most security mechanisms of Android
Recent Android vulnerabilities
Conclusions
Tower Root
Pimpin Root
Pipe Root
Public POC
Root Apps
Google Chrome
Chemi
Ghost Push
Dark Spectres
Why
Long pattern chain
Device fragmentation
Google stats
Chinese stats
Capability mismatch
Security vendors
Limitations
Solution
Version Magic
Module Structure Check
Bypass Kernel Module Authentication
Circle Injection
Memory Allocation
From User Memory
Branch
No explicit operation
Optimization
Limitations of current solutions
Famous vulnerabilities
Most popular devices
Demos
Next steps
Call out
Ecosystem
Ecosystem Alignment
Questions

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Adaptive Android Kernel Live Patching

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.