Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
58
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
44
The D in SOLID Principles
valentinerutto
0
220
Consuming Rest Api with retrofit in Android
valentinerutto
0
230
Exposing Network Result Status in MVVM
valentinerutto
0
76
Complex ui animation with Motion layout
valentinerutto
0
94
Tech Opportunities
valentinerutto
1
98
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
160
UI/UX FOR MOBILE
valentinerutto
0
260
Other Decks in Programming
See All in Programming
Flutter with Dart MCP: All You Need - 박제창 2025 I/O Extended Busan
itsmedreamwalker
0
150
@Environment(\.keyPath)那么好我不允许你们不知道! / atEnvironment keyPath is so good and you should know it!
lovee
0
120
1から理解するWeb Push
dora1998
7
1.9k
How Android Uses Data Structures Behind The Scenes
l2hyunwoo
0
440
Updates on MLS on Ruby (and maybe more)
sylph01
1
180
Oracle Database Technology Night 92 Database Connection control FAN-AC
oracle4engineer
PRO
1
440
GitHubとGitLabとAWS CodePipelineでCI/CDを組み比べてみた
satoshi256kbyte
4
220
デザイナーが Androidエンジニアに 挑戦してみた
874wokiite
0
350
CloudflareのChat Agent Starter Kitで簡単!AIチャットボット構築
syumai
2
480
そのAPI、誰のため? Androidライブラリ設計における利用者目線の実践テクニック
mkeeda
2
290
RDoc meets YARD
okuramasafumi
4
170
今から始めるClaude Code入門〜AIコーディングエージェントの歴史と導入〜
nokomoro3
0
130
Featured
See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
30
9.7k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
51
5.6k
4 Signs Your Business is Dying
shpigford
184
22k
Raft: Consensus for Rubyists
vanstee
140
7.1k
Gamification - CAS2011
davidbonilla
81
5.4k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Site-Speed That Sticks
csswizardry
10
810
Balancing Empowerment & Direction
lara
3
620
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
252
21k
Build The Right Thing And Hit Your Dates
maggiecrowley
37
2.9k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
126
53k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!