1 of 40

Mobile Systems and Smartphone Security�(MOBISEC 2020)

Prof: Yanick Fratantonio�EURECOM

Intro to App Development

2 of 40

This slides deck

Key info on how an Android app looks like

Key info on how to develop them

Key info on how to run them

DEMO on all three steps

Website walkthrough

3 of 40

Android apps in a nutshell

They are written in Java, C/C++, Kotlin

Android apps “live” in the context of Android framework

Android framework exposes a gigantic number of APIs
APIs ~ "library functions"

APIs are useful for

1) apps to interact with the “external world” (via the API)
2) the Android framework to interact with the Android app

Where does the execution start?

4 of 40

Android APIs

Extension to Java SDK APIs

Many APIs from the Java world are part of the Android APIs

Android APIs are implemented within the Android framework

6 of 40

Example of APIs: HTTP request (doc)

URL url = new URL("http://www.android.com/");

HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();

try {

InputStream in = new � BufferedInputStream(urlConnection.getInputStream());

readStream(in);

} finally {

urlConnection.disconnect();

}

7 of 40

Example of APIs: Log message (doc)

Log.i("MYAPP", "Logging a message");

Log.e("MOBISEC", "Test message");

8 of 40

Example of APIs: access to GPS/location info (doc)

LocationListener list = new MyLocationListener();

list.requestLocationUpdates(

LocationManager.GPS_PROVIDER, 5000,� 10, locationListener);

class MyLocationListener implements LocationListener {

@Override

public void onLocationChanged(Location loc) {

Toast.makeText("Location" + loc.getLatitude() +� ", " + loc.getLongitude());

}

9 of 40

Android Framework APIs

Too many to be enumerated

Massive documentation from Google

Google for "android <apinameyouneverheardabout>"

Check results from Google/Android's documentation
Check results from stackoverflow

10 of 40

Package name

Each app has a package name

Example: "com.facebook.katana"

The package name acts as a "unique" identifier across the system

Constraints: package name needs to be *unique*:

1) across apps installed on a specific Android device
2) across the Google Play Store

11 of 40

Basics on Android apps

There is no "main" function (like in C programs)

The user interacts via the Graphical UI

Many types of UI Widgets: EditText, Button, ...
No command line interface

Many APIs are "event-driven"

1) You register a "listener" X
2) X's callback is invoked later on

Apps are built as a combination of "components"

12 of 40

Four main component types

Activity

Service

Broadcast Receiver

Content Provider

Each of these has its own "life cycle"

13 of 40

Activity (guide, ref)

Entry point for interacting with the user. It represents a single screen with a user interface.

You can have many: each of them defines a UI

You can define which one is the "main" one

This is the chosen one when you start your app

If the app allows it, an external app can start these activities at will

14 of 40

Activity Life Cycle

15 of 40

Service

Meant to perform an action in the background for some period of time, regardless of what the user is doing in foreground (the user could be switching between activities)

Example: a music player service

They do not provide a user interface

16 of 40

Broadcast Receiver

They are meant to respond to system-wide events

They have a well-defined entry point as well

The system can deliver these events even to apps that are currently not running

Example of events: battery charging, sms is received

17 of 40

Content Provider

They manage a shared set of app data

High-level API to access data so that other apps and services can query / interact with it

They abstract away the storing mechanism

Most often based on SQLite database (file-based)

18 of 40

Communication between components: Intents (doc)

How can these components talk?

Android-defined objects that encode an "intent"

Use cases

Notation: "A.X" refers to app A's component X
A.X wants to start A.Y (Example: "Go to next activity")
A.X wants to send data to B.Z
The user clicks on A's icon ⇒ The launcher app sends an intent to A.MA
Note: each component has its life cycle! A.Y could already be "started"

19 of 40

Explicit vs. Implicit Intents

Explicit

The intent "explicitly" specifies which component it wants to talk to
It specifies the target's full package name / component

Implicit

The intent just describes the type of action to perform (and, optionally, some data)

Good source of info / tutorial: link

20 of 40

Example of Explicit Intent

{

...

Intent i = new Intent(this, SecondActivity.class);

i.setData("Here is some data for act2");

i.putExtra("arg1", "And here some more");

startActivity(i);

...

}

Add more data with a "Bundle", a key-value store

21 of 40

Example of Implicit Intent

{

...

String url = "http://www.google.com";

Intent i = new Intent(Intent.ACTION_VIEW);

i.setData(Uri.parse(url));

startActivity(i);

...

}

Action

Intent is sent around the system, with the hope that some other apps will do something about it

22 of 40

Intent Filters

Intent filters are a mechanism for apps to declare something like:

"My component X can handle intents of type <TYPE>"

When an app (a different one, or even itself!) sends an implicit intent, the "system" knows that it can count on X to handle that action

23 of 40

Android framework versions / API levels (doc)

Android has many versions

Latest one (Sept 2020): Android 11.0 (but not all devices get it)
Last supported by my old device (Nexus 5X): Android 8.1

Each version introduces new features and new APIs

It builds on previous versions in an "additive" way
Old APIs are deprecated, but very rarely removed
New Android versions are (usually) "backward compatible" with old ones

Each version is identified by an "API level", an integer

24 of 40

Android framework versions / API levels

25 of 40

Android framework versions / API levels

Each device runs one Android framework version

It is associated with one API level (Example: my Nexus's API level is 27)

It implicitly supports apps targeting older Android versions

Example: apps targeting Android 5.0 can run on my Android 8.1 device

Each app needs to specify which versions it can work on

26 of 40

Android framework versions / API levels

Minimum API level

Lowest API level the app can run on
If app uses APIs introduced in API level 10, it cannot run on API level 5

Target API level

API level for which the app was designed and tested
App can run on API level higher than this
The framework knows whether it needs to enable compatibility-related functionality
Ideally: this is the latest Android version available

27 of 40

Enough Theory...

28 of 40

Example of Activity

public class MainActivity extends Activity {

/** Called when the activity is first created. */

@Override

public void onCreate(Bundle savedInstanceState) {

super.onCreate(savedInstanceState);

setContentView(R.layout.activity_main);

Log.i("MOBISEC", "Hello world!");

}

29 of 40

The Manifest file (doc)

The most important file of an Android app

It specifies all key information needed by the framework to run the app

It is an XML file

30 of 40

Manifest: Package Name

<?xml version="1.0" encoding="utf-8"?>

<manifest xmlns:android="http://schemas.android.com/apk/res/android"

package="com.example.myapp"

android:versionCode="1"

android:versionName="1.0" >

...

</manifest>

No one writes these things manually...

31 of 40

Manifest: List of components

</activity>

</activity>

</service>

</application>

</manifest>

32 of 40

Manifest: Intent Filters

<intent-filter>

</intent-filter>

</activity>

33 of 40

Manifest: Main Activity

<intent-filter>

</intent-filter>

</activity>

34 of 40

Manifest: Min / target SDK

<uses-sdk android:minSdkVersion="23"

android:targetSdkVersion="27" />

</manifest>

Semantics

App can't run on devices with API level < 23 (Android 6.0)
App can run on all version of Android >= 23 to latest one (29, Android 10)
App has been designed and tested for API level 27 / Android 8.1

35 of 40

Manifest: Permissions (doc)

<uses-permission android:name="android.permission.SEND_SMS"/>

</manifest>

Permissions protect many security-related capabilities

From opening an Internet connection to sending SMS
Check this page for a quite comprehensive list

36 of 40

Android Studio and Android SDK

37 of 40

How do you actually develop apps?

Android Studio

Current version: 3.5
It works on Windows, MAC OS, Linux
My material focuses on Linux

The way to go for:

Developing Android apps (from source code, to manifest, to resources)
Managing Android SDK

Tools to play with apps, compile/build them, generate an APK

Managing Android Virtual Devices (AVD) aka Android emulators
Running your apps on the emulator (or on your own device)

38 of 40

Key things to learn

From source code to APK

How to create a new app / project
Compile the app / build the APK

From APK to executing code on an emulator

Install Android SDK / System image
Create a new emulator
Start the emulator
Run the APK

39 of 40

Important "paths"

<android-studio>/bin/studio.sh

~/Android/Sdk/platforms-tools/{adb,fastboot}

~/Android/Sdk/build-tools/<version>/aapt

~/.android/avd/*

~/AndroidStudioProjects/<name>/app/build/outputs/apk/debug/app-debug.apk

If you don't find it: $ find -name "*.apk"

40 of 40

Website Walkthrough

Important info and links (mobisec-f20.reyammer.io)

Feedback form
Slides
Info on the analysis system
FAQ

Top practical thing to learn (TBA)

How to submit Android apps and get feedback from the system