Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
55
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
42
The D in SOLID Principles
valentinerutto
0
220
Consuming Rest Api with retrofit in Android
valentinerutto
0
230
Exposing Network Result Status in MVVM
valentinerutto
0
72
Complex ui animation with Motion layout
valentinerutto
0
93
Tech Opportunities
valentinerutto
1
96
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
160
UI/UX FOR MOBILE
valentinerutto
0
260
Other Decks in Programming
See All in Programming
バイブコーディングの正体——AIエージェントはソフトウェア開発を変えるか?
stakaya
5
800
Gemini CLIの"強み"を知る! Gemini CLIとClaude Codeを比較してみた!
kotahisafuru
3
950
Android 15以上でPDFのテキスト検索を爆速開発!
tonionagauzzi
0
190
プロダクトという一杯を作る - プロダクトチームが味の責任を持つまでの煮込み奮闘記
hiliteeternal
0
430
0から始めるモジュラーモノリス-クリーンなモノリスを目指して
sushi0120
0
250
あのころの iPod を どうにか再生させたい
orumin
2
2.3k
CLI ツールを Go ライブラリ として再実装する理由 / Why reimplement a CLI tool as a Go library
ktr_0731
3
1k
JetBrainsのAI機能の紹介 #jjug
yusuke
0
190
Workers を定期実行する方法は一つじゃない
rokuosan
0
140
Vibe Codingの幻想を超えて-生成AIを現場で使えるようにするまでの泥臭い話.ai
fumiyakume
21
10k
Jakarta EE Meets AI
ivargrimstad
0
620
CEDEC 2025 『ゲームにおけるリアルタイム通信への QUIC導入事例の紹介』
segadevtech
3
800
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.5k
Making the Leap to Tech Lead
cromwellryan
134
9.5k
Git: the NoSQL Database
bkeepers
PRO
431
65k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
A better future with KSS
kneath
239
17k
[RailsConf 2023] Rails as a piece of cake
palkan
56
5.7k
How to train your dragon (web standard)
notwaldorf
96
6.2k
A Modern Web Designer's Workflow
chriscoyier
695
190k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
GraphQLの誤解/rethinking-graphql
sonatard
71
11k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!