Difference between revisions of "OWASP SeraphimDroid Project"

OWASP SeraphimDroid

OWASP Seraphimdroid is a privacy and security protection app for Android devices. It enables users to protect their devices against malicious software (viruses, trojans, worms, etc.), phishing SMS, MMS messages, execution of dangerous USSD codes, theft and loosing. Also, it enables user to protect their privacy and to control the usage of applications and services via various kinds of locks.

Introduction

OWASP Seraphimdroid is a privacy and security protection app for Android devices. It enables users to protect their devices against malicious software (viruses, trojans, worms, etc.), phishing SMS, MMS messages, execution of dangerous USSD codes, theft and loosing. Also, it enables user to protect their privacy and to control the usage of applications and services via various kinds of locks. It also enables remote locking and wiping, geofencing and various other protections against phishing, malware and theft. It can also be used for parental control of what applications can be used, what can be installed or uninstalled on device. Application has also educational purpose to teach and point out risks and threats for security and privacy of mobile users.

Project development is done on GitHub: https://github.com/nikolamilosevic86/owasp-seraphimdroid

Release of OWASP Seraphimdroid is available on Google Play: https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid

Description

The aim of this project is to research all threats and risks coming from permissions and to actively alarm user of the application about those risks. Also, using different kind of heuristics and machine learning SeraphimDroid application should keep user data and money safe. Application should prevent other applications to execute actions that cost money without user's knowledge and acknowledgement.

The secondary goal of the project is to publish documentation about researched topics, such as how can some permissions be misused, what are the heuristic approaches to prevent other application executing malicious actions etc.

Licensing

GNU GPL v3 License (allows commercial use, but requires that modifications to your code stay open source, thus prohibiting proprietary forks of your project)

What is OWASP SeraphimDroid?

OWASP SeraphimDroid provides:

• Documentation on how Android permissions can be misused
• Security Android application
• Application that keeps user secure and teaches him about risks

Donate for OWASP Seraphimdroid

<paypal>OWASP Seraphimdroid project</paypal>

Mailing list

Project mailing list

Presentation

OWASP Mobile Top 10 and OWASP Seraphimdroid

Project Leader

Nikola Milosevic [1]

Related Projects

• OWASP_Mobile_Project

Ohloh

• https://www.ohloh.net/p/owasp-seraphimdroid

Quick Download

• Google Play: https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid
• Code: https://github.com/nikolamilosevic86/owasp-seraphimdroid
• Documents and publications:
  • Documentation v1: https://github.com/nikolamilosevic86/owasp-seraphimdroid/blob/gsoc/Documentation.docx
  • Article about android permissions, published by Digital Forensics magazine: http://inspiratron.org/AndroidSecurity.pdf

News and Events

• (6.9.2015) New version (v2.0) of OWASP Seraphimdroid is released on Google play store
• (10.7.2015) OWASP Seraphimdroid is participating at OWASP Summer Code Sprint 2015
• (2.10.2014) OWASP Seraphimdroid was featured on a front page and interview with a project leader was published in Libre!, Serbian online magazine about open source. Issue 29 of the Libre! magazine, where the interview was published can be seen here
• (5.9.2014) The first release of OWASP Seaphimdroid was released on Google play
• (1.6.2014) OWASP Searaphimdroid participates on Google Summer of Code
• (2.2.2014) Article about malicious use of Android permissions was published by Digital Forensics magazine. This paper was a result of research conducted on OWASP Seraphimdroid project. Article can be viewed here

Classifications