1. Brief
No magic at all!
Who is the course written for?
2. The big picture
Do We Need to Secure an Android Application?
Different Use Cases and Their Security Considerations
Security as a Spectrum, Not a Binary Choice
Exercise 1
Quiz 1
3 attempts allowed
3. Principles and Methodologies
Gravity of principles (The rules of the game)
The Fail-Safe vs Fail-Secure Principle (Planning for the Unexpected)
Fail-Safe Principle in Software Development
Fail-Secure Principle
Saltzer-Schroeder article
Least Common Mechanism
The Significance of the Principle
Practical Examples
Exercise 2
Separation of Privilege and Least Privilege
Some of the benefits of Least Privilege
Some of the benefits of the Separation of Privilege
Examples of Separation of Privilege & Least Privilege
Exercise 3
The Zero Trust Principle: Trust No One, Verify Everything
Examples of Zero Trust
Access Control:
Micro-segmentation:
Multi-factor Authentication (MFA):
Applying Zero Trust to Android Development
SELinux & App permissions
Exercise 4
KISS: The Principle of Least Complexity in Security
Examples of the Principle of Least Complexity in Android
Some KISS principle best practices
Exercise 5
Defense in Depth
Examples
Physical Security:
Network Security:
Application Security:
Data Security:
User Training and Awareness:
Exercise 6
Defensive, Offensive, and Aggressive Programming
Development stance
Development method (methodology)
Defensive programming
When to use Defensive programming
Pros
Cons
Offensive programming
What is acceptable?
What should be handled
Pros
Cons
Aggressive programming
Best practice
Exercise 7
Notes on Modularity, cohesion, and coupling
The Importance of Software Design and Implementation Beyond Platform-Specific Techniques
Principles and Software Complexity
Software Complexity and Security Risks
Final Thoughts on Core Programming Concepts
Exercise 8
Quiz 2
3 attempts allowed
4. Securing the Development Lifecycle
Design Review
Exercise 9
Code Review
The imperative role of code review
Kick-off Meeting
Code Review Checklist
Security Code Review Process
Preparation:
Static Analysis:
Dynamic Analysis:
Post-Review:
Manual Code Review
Developer Updates and Follow-up
Follow coding standards and best practices:
Look for common security vulnerabilities:
Understand the dependencies:
Conduct threat modeling:
Use automated tools and perform manual reviews:
Security Code Review Examples
An example of URL Injection
Exercise 10
Regular Security Assessments
Importance of Regular Security Assessments
Important Elements of Continual Assessments
Exercise 11
Security Requirements
Code Integrity
Booting Securely
Compiler Optimizations
Address Space Layout Randomization (ASLR)
Code Obfuscation
Data Protection
Authentication and Authorization
Strengthened Authentication
RBAC or role-based access Control
Incident Response
Monitoring and Logging
Updates on Security
Plan for Security Incident Response
Exercise 12
Integrating Security Testing
Security Testing Methods
Static Application Security Testing and Static Code Analyzers (SAST)
Dynamic Application Security Testing (DAST)
Penetration Testing
Fuzz testing
Security Testing Techniques and Tools
Code Review
AI
Secure Code Libraries
Integrating Security Testing into Android Development
Continuous Integration Pipeline
Security Testing Examples
Exercise 13
Quiz 3
3 attempts allowed
5. Threat Modeling, Standards and Guidelines
Shostack’s Four Question Framework
Exercise 14
Threat Modelling frameworks
TARA
Exercise 15
Security Standards and Guidelines
Some organization to know
MITRE
CVE
CWE
OWASP
Choosing the Right Framework
Exercise 16
Some keywords to know
Vulnerability Severity Score
Vulnerability Risk
Attack Vector
Attack Surface
Privilege Escalation
Zero-Day Vulnerability
Exercise 17
Quiz 4
3 attempts allowed
6. Attack and Defense
We don’t need to experience it again!
Why are we not learning from history?
Let’s simplify
All the ways to get inside
Different Scenarios
General steps
An insider
The plane is hijacked
No guard watching the doors
Shaky building
Superhero is forbidden!
You don’t know my language
He has a mask
Exercise 18
How you will be attacked
Unfold the target
Extract information from the unfolded app
Look for a vulnerability
Examine the founding
Prepare to attack
Attack
Exercise 19
How to Defend
Defensive Techniques
In the development process
Minimizing the surface attack
Compiler & tools
Run-time
Implementation & Language Specific
Data Protection
Network & protocols
OS Mechanisms
Libraries
System level
Testing
Exercise 20
Act as a chief
Quiz 5
3 attempts allowed
7. Common Programming Mistakes
Memory safety
The Challenge of Memory Safety in C and C++
Rust: A Safer Alternative?
Why Hasn’t Rust Been Widely Adopted Yet?
A Potential Transition Strategy
Exercise 21
C and C++
Buffer overflow & Out-of-bund write
Expired pointer dereference (CWE-825)
Use after free (CWE-416)
Double free (CWE-415)
Out-of-Bounds Read (CWE-125)
Buffer Over-Read (CWE-126)
Buffer Under-Read (CWE-127)
NULL Pointer Dereference (CWE-476)
Access of Uninitialized Pointer (CWE-824)
Exercise 22
Java
Serialization Vulnerabilities (CWE-502: Deserialization of Untrusted Data)
Ineffective Exception Handling (CWE-209: Information Exposure Through Error Messages)
Use of Reflection (CWE-470: Use of Externally-Controlled Input to Select Classes or Code)
Insecure Configuration and Hard-Coded Credentials (CWE-798: Use of Hard-coded Credentials)
Unchecked Input Leading to Injection (CWE-89: SQL Injection, CWE-79: XSS)
Integer Overflow/Underflow (CWE-190 / CWE-191)
Exercise 23
Kotlin
Null Safety Misconceptions
Improper Coroutines Usage (Race Conditions and Data Races)
Extension Functions Misuse
Data Class Copy Functions
Default Parameters and Overloading
NULL Pointer Dereference (CWE-476)
Exercise 24
Real world examples
Linux-Related CVEs
Android-Related CVEs
Exercise 25
Quiz 6
3 attempts allowed
8. Data Validation
Untrusted Data Sources
Types of Untrusted Data Sources
External storage:
User input:
Network connections:
Third-party libraries:
Dealing with Untrusted Data Sources
Input validation:
Encoding and escaping data:
Limiting third-party library usage:
Sandboxing and isolation:
Exercise 26
Input Validation
Input Range Validation
Input Length Validation
Importance of Input Length Restrictions
Prevention of Buffer Overflow Attacks
Protection Against Denial of Service (DoS) Attacks
Data Integrity
Usability
Implementation Techniques
Whitelisting and Blacklisting
Input format
Regular Expressions
Type-checking and Casting
Application Framework and Library Input Validation
Some libraries and methods for input validation:
Real-life Incidents
The Morris Worm (1988):
The infamous Heartbleed bug that affected OpenSSL (2014):
Exercise 27
Encoding Methods
HTML Encoding
URL Encoding
JavaScript Encoding
SQL Encoding or SQL Escaping
Unicode Encoding
Incidents and History
Exercise 28
Sanitizing user inputs
Importance of Input Sanitization
SQL Injection:
Cross-site scripting (XSS):
Command Injection:
Buffer Overflow:
Why use Input Sanitization Libraries?
Input Sanitization Libraries for C/C++
Libinjection:
StringSan:
libtidy:
Input Sanitization Libraries for Java
OWASP ESAPI:
Apache Commons Validator:
Google Guava:
Input Sanitization Libraries in Kotlin (Android)
Android Saripaar:
Validators Kotlin:
Exercise 29
Quiz 7
3 attempts allowed
9. Android Security Model
Let’s open the onion layers
Exercise 30
Application Sandbox and Android Runtime
Exercise 31
Application Signing
Exercise 32
Permission and Package Manager
Exercise 33
SELinux
Exercise 34
AndroidManifest and Components
Inter-process communication
AIDL (application level)
Service Binding
Interface Methods
AIDL Transaction Security
Bound Services Security
Cross-process Communication
Broadcasts and Intents
Android Broadcasts
Securing Android Broadcasts
Android Intents
Securing Android Intents
Content provider
Example Implementation
Exercise 35
HAL Layer
System Daemon Isolation
Hardware Abstraction Security
Vendor HAL and Secure Implementation
Binderized HAL
HIDL (HAL Interface Definition Language)
Direct Memory Access (DMA)
Exercise 36
Play Integrity
Play Integrity API: A Comprehensive Solution
Key Considerations for Play Integrity API Implementation
Play Integrity API Integration
Platform Compatibility
9.1 Play Integrity API: A Comprehensive Solution
9.2 Key Considerations for Play Integrity API Implementation
9.3 Play Integrity API Integration
9.4 Platform Compatibility
Exercise 37
Jetpack libraries
Quiz 8
3 attempts allowed
10. Protecting Data
Data life-cycle
In-Transit
In-Memory
Temporary
Persistent (Long-Term)
Exercise 38
What Google has done to address insecure storage
Recent Android security improvements
Scoped Storage
Secure File Storage
Android Keychain and KeyStore for Secure Credential Storage
Keychain and KeyStore: A Brief Overview
Using the Android Keychain for Secure Credential Storage
Using the Android KeyStore for Secure Key Storage
Using Hardware-Backed Keys for Added Security
SharedPreference - Securely storing
Encrypt SQLite Database (SQLCipher + Room)
Dynamic Code Loading Restrictions (Android 14)
Exercise 39
File Integrity Verification
Exercise 40
Private Space
Exercise 41
Quiz 9
3 attempts allowed
11. Authentication, Network, and Protocols
Android AccountManager for Access Control
Credential Manager
Exercise 42
Android Biometric Authentication
History of Biometric Authentication
Advantages of Biometric Authentication
Integrating Android Biometric Authentication
Potential Risks
Exercise 43
Android Network Security Configuration
Overview
Components
Examples
Implementation
Exercise 44
Sniffing
Security Considerations:
Best Practices
Traffic Protection
Data Handling
Exercise 45
Certificate Pinning in Android Applications
What Is Certificate Pinning?
Another example for OkHttp
Exercise 46
Implementing SSL/TLS for Android Network Communications
Exercise 47
OAuth and OpenID Connect for Android Applications
OAuth
OAuth 2.0 defines four grant types (authorization flows) to acquire an access token:
OpenID Connect
OIDC extends OAuth by providing additional features like:
Implementing OAuth and OIDC in Android Applications
Exercise 48
Bluetooth
Bluetooth Security Protocols
Classic Bluetooth vs. Bluetooth Low Energy (BLE)
Pairing Modes
Man-in-the-Middle (MITM) Protection
Bluetooth Profiles and Associated Risks
Securing BLE Advertising and GATT Communications
Nearby Permissions
Preventing Bluetooth Sniffing
Exercise 49
Quiz 10
3 attempts allowed
12. Practical Scenarios
Financial Android Application
Project Description
Architecture
1) What are we building?
2) What can go wrong?
3) What are we going to do about it?
Protect Stored Data
Network Security & Anti-MITM
Credential & QR Security
Push Notification Safety
Logging & Cache Protections
4) Did we do a good job?
Exercise 50
Key Provider Service
Project Description
Architecture
1) What are we building?
2) What can go wrong?
3) What are we going to do about it?
Restricting the AIDL Interface
Secure Key Storage
Secure Remote Fetch (If Applicable)
Minimal Privileges & SELinux
4) Did we do a good job?
Exercise 51
Sensor HAL Layer Daemon
Project Description
Architecture
1) What are we building?
2) What can go wrong?
3) What are we going to do about it?
Secure SOME/IP
Subscription Access Control
DoS Mitigation
Privilege Separation
4) Did we do a good job?
Exercise 52
Vehicle Data Logger Application
Project Description
Architecture
1) What are we building?
2) What can go wrong?
3) What are we going to do about it?
Encrypt Data at Rest
Secure Bluetooth Pairing & Transfer
Physical Security & Consent
Logs/Cache Management
4) Did we do a good job?
Exercise 53
Quiz 11
3 attempts allowed
13. Compilers and Tools
Clang and GCC Security Features
Compiler Warnings
Stack Protection
Address Space Layout Randomization (ASLR)
Library order randomization
Data Execution Prevention (DEP)
Control Flow Integrity (CFI)
Fortify Source
Android Sanitizer
Exercise 54
Obfuscation
What is Obfuscation?
Minifying or shrinking is not obfuscation!
ProGuard and its Role in Obfuscation
An Example of ProGuard’s Obfuscation
The most important features of ProGuard
Code Shrinking:
Code Obfuscation:
Code Optimization:
Pre-verification:
proguard-android.txt:
proguard-android-optimize.txt:
Pros and Cons of Using ProGuard
Pros:
Cons:
Retrofit
Gson
Room
R8
Exercise 55
Notes on hiding keys, secrets and credentials
Exercise 56
Static and Dynamic Analysis Tools
What is static and dynamic code analysis?
Static Code Analysis
C/C++
Java
Kotlin
Python
CppCheck output
cpplint output
checkstyle
Dynamic Code Analysis
C/C++
Java
Kotlin
Android
Python
Hints on Static Analyzer tools
Example of Dynamic Code Analysis in Android:
Exercise 57
Quiz 12
3 attempts allowed
14. Appendices
Last word
About the Author
Abbreviations Glossary
References
Security Standards and Guidelines
A detailed STRIDE and TARA comparison
Useful tools
Secure Android Design and Development
From App Layer to HAL – Aligned with Android 15
Secure Android Design and Development
From App Layer to HAL – Aligned with Android 15
"Secure Android Design & Development" is an effort to provide a compiled guideline that collects cybersecurity principles, threat modeling, the Android security model, compilers, and tools together to make it possible to design and develop more securely from the HAL layer to the application layer.
The instructor is letting you choose the price you pay for this course!
The instructor is letting you choose the price you pay for this course!
"Secure Android Design & Development" is an effort to provide a compiled guideline that collects cybersecurity principles, threat modeling, the Android security model, compilers, and tools together to make it possible to design and develop more securely from the HAL layer to the application layer.
About
About the Course
"Secure Android Design & Development" is a guideline for developers working with Android in various sectors, including automotive and mobile devices. This course deepens your understanding of system security architecture, which is crucial for effective design, development, and security.
It covers key principles and thoroughly examines Android's layered security model. With practical scenarios and tools for threat assessment, this guide empowers developers to create secure and resilient applications for any Android-enabled platform.
- Comprehensive Coverage: Explore essential security principles and methodologies tailored for Android development across various industries, including automotive and mobile devices.
- System-Level Security Insights: Gain a deeper understanding of system security architecture, enhancing your ability to design, develop, and secure robust applications.
- Practical Guidance: Benefit from real-world scenarios and actionable strategies to effectively address security challenges through best practices.
- Threat Assessment Tools: Learn to utilize modern tools and techniques for threat modeling throughout the development lifecycle.
- For All Developers: Suitable for seasoned professionals and newcomers, making security concepts accessible and applicable.
- Aligns with Android 15
Secure Android Development Guide – Best Practices for Android App Security
Price
Course Price
Minimum price
$129.00
$179.00
You pay
$179.00Author earns
$143.20Instructor
About the Instructor
Mohammad Hossein Heydarchi
With over 15 years in embedded development, he specializes in creating system-level services for automotive, telecom, and industrial applications. His background in electronic engineering and focus on security give him a holistic understanding of systems across web, Windows, and embedded platforms. Throughout his career, he’s held roles from developer to project manager, deepening his expertise across multiple technical perspectives. Inspired by challenges in Android security, particularly in AAOS/AOSP, he wrote this book to share with developers.
Material
Course Material
The Leanpub 60 Day 100% Happiness Guarantee
Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.
You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!
So, there's no reason not to click the Add to Cart button, is there?
See full terms...
Earn $8 on a $10 Purchase, and $16 on a $20 Purchase
We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earned over $14 million writing, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Write and Publish on Leanpub
You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!
Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.
Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.