Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
55
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
42
The D in SOLID Principles
valentinerutto
0
220
Consuming Rest Api with retrofit in Android
valentinerutto
0
230
Exposing Network Result Status in MVVM
valentinerutto
0
72
Complex ui animation with Motion layout
valentinerutto
0
91
Tech Opportunities
valentinerutto
1
96
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
160
UI/UX FOR MOBILE
valentinerutto
0
250
Other Decks in Programming
See All in Programming
MDN Web Docs に日本語翻訳でコントリビュートしたくなる
ohmori_yusuke
1
130
Workers を定期実行する方法は一つじゃない
rokuosan
0
110
CDK引数設計道場100本ノック
badmintoncryer
2
510
ISUCON研修おかわり会 講義スライド
arfes0e2b3c
1
470
構文解析器入門
ydah
6
1.6k
RailsGirls IZUMO スポンサーLT
16bitidol
0
200
ソフトウェア設計とAI技術の活用
masuda220
PRO
22
6.1k
CIを整備してメンテナンスを生成AIに任せる
hazumirr
0
100
GPUを計算資源として使おう!
primenumber
1
270
Flutterで備える!Accessibility Nutrition Labels完全ガイド
yuukiw00w
0
170
#QiitaBash MCPのセキュリティ
ryosukedtomita
1
1.5k
レトロゲームから学ぶ通信技術の歴史
kimkim0106
0
120
Featured
See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
It's Worth the Effort
3n
185
28k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.4k
Docker and Python
trallard
45
3.5k
KATA
mclloyd
30
14k
Designing for Performance
lara
610
69k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Agile that works and the tools we love
rasmusluckow
329
21k
Adopting Sorbet at Scale
ufuk
77
9.5k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!