1.8 Android Architecture

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

3 hours 58 minutes
Video Transcription
Okay, so let's begin our ender a discussion like we did our IA West topics. So what we'll do is we'll look at the Android timeline and then we'll get into the architecture more in depth. So Android is a mobile operating system developed by Google,
and it was invented by a couple of guys in Palo Alto, California named Any Reuben Rich Minor and Nick Sears.
It's based on the Linux operating system, and it was originally invented for digital cameras. But the guys in Palo Alto decided that there wasn't a market for this. So in 2005 along came Global, and they purchased it for about $50 million. At the end of 2000 and the beginning of 2008
Google released the Android operating system 1.0 commercially for the first time
and opened the Android Marketplace, which is tthe Eagle Place store now now. Although Android was developed by Google, about 84 device manufacturers also had a say in the OS is development. These manufacturers, along with Google, formed the open answer alliance.
This allows android to interact with the different hardware on the different devices
since 2000 and Google has released different versions of its OS, and in 2009 it released version 1.5. Code named Cupcake. The Android Os since has undergone various patches and updates, and with each version comes a new dessert, Me. The latest version, Version nine, is code named Android Pie.
When discussing the android architecture, there's two concepts to understand. Here. The first is the system. Architecture in the second is the platform architecture. The basic idea here is that the platform arc Dexter is built from a software stack that creates the OS middleware and applications.
The system market texture is more focused on how functionality has provided between the different layers.
Let me give you a good way to think about this. Take the applications, for instance, the applications, for example, SMS phone, et cetera. They live in the application layer on top of the software stack. Now, when we talk about how this application communicates, that's when we're talking about the system architecture.
But don't worry. We're gonna break this down in the following slides, so just hang with me.
Here's a representation of the system architecture. This provides us with several layers to interact with the bottom layer, which is the colonel. This is the heart of the android system. The colonel gives us access to device drivers and other components so we could build drivers or custom kernels as developers.
The service is the colonel provides air talked about morn when we discussed
the software stack next
that how this is the interface that allows us to develop devices that work with Android, no matter what type of hardware that we have.
The Internet system service's are modular focused, and these allow us to communicate with the underlying hardware for instance, a service, maybe a window notification, while a media service would be used while recording or playing different types of media.
Now the binder i p. C. That's important for us. This allows into process communication across process boundaries, which are provided to applications. This allows high level frameworks to interact with the android system Service's. Lastly, we have the application framework.
This is used by developers who access AP eyes, which map directly to the underlying how
applications need access to low level drivers to perform their functionality. Here we see the platform architecture. This, in essence, is a software stack that exposes different resource is the system makes available to us or controls the limits. Colonel that handles process management, memory management device drivers for hardware and security
This is the little level functionality of the OS.
See how this provides an interface through the use of modules libraries to interact with the hardware that a present within the Java classes the Android run time in the devil virtual machine. He's provide a way for each application to run its own process its own instance of the art or D v M.
The container. If you will execute Dex files and compiles other Java sources
so they can run on Android. We're gonna talk about Dex files a little later, so hold tight. If you aren't sure what they are for now, just know that it's an executed will file.
Many of the core android components are built using C and C plus plus libraries. The Java AP eyes in the layer above allow you to access these libraries in your application. For instance, you can access the C or C plus plus library of the media framer through the job. E P I framework, The Job p I framework
this gives you the means to build applications in tow, Access service is and system components.
These are important to us when we dive into applications, so I'm gonna hold off explaining the components until we break the stack down a bit further in the following slides. The last layer is a core set of system maps for SMS e mail, etcetera.
The zaps give developers access to the service the application provides without having to build it into the hap themselves.
Okay, so let's briefly go over the anatomy of the android stack. We covered some of this already, but there's some components in the stack that require a bit more explanation. So here we have the limits, Colonel and how and Limits Colonel will contain the device drivers needed for the application toe work. The how provides a layer of abstraction that isn't of the hardware.
And as applications require drivers,
they are loaded into the colonel as modules.
As we mentioned earlier. Specific android components and service's are built from the code that require native C and C plus plus libraries. This works together with the job AP framework to enable application functionality if we need to transmit data over the Internet using as a cell, then we mean need to access the native See library for SSL,
the injury run time. This is what allows an application to run in its own process.
The Android run Time is written to run several virtual machines at once by executing Dex files designed for a specific memory environment. This is the same as the Daleks virtual machine, however. The Android Runtime provides more features such as garbage collection, compilation optimization and the bugging support.
It's also important to note that in Android version five point now and later,
the downtick virtual machine has all but been replaced by the Android run time. But it still includes a support for it. And as we look into applications more, we're still gonna want to know what the Delphic Virtual Machine does.
So the until your feature set of Android is available through a P I's Reign Andjaba. These are really building blocks of android applications. Thes building blocks include a view system to build your applications. This is the U. Y. This includes text boxes, buttons or other touch components.
Content providers enables APS to share data. For instance, the Champ application needs access to contacts
or maybe even needs to share its owned it. Then you have the managers. The different managers provide different access, depending on the marriage you need. For instance, the resource manager allows you to access strings specific to certain locales, graphics and lamb files. The notification manager. This enables APS to display custom alerts,
the telephony manager,
telephony service's and so on and so forth. To see all the managers in the AP eyes, take a look at the Android documentation. All of them are available for developers to take avenge of while developing their applications.
Lastly, we have the application layer. This is where the users interact with the applications. The core android absolute here in any applications you install also reside here, so that about wraps up the architecture. But before we talk about the applications more in depth, let's take a look at the android's security model.
Up Next
Mobile Malware Analysis Fundamentals

In the Mobile Malware Analysis Fundamentals course, participants will obtain the knowledge and skills to perform basic malware analysis on mobile devices. Participants will perform these tasks by learning and implementing tools and techniques while examining malicious programs.

Instructed By