Android has 81.5% of the smartphone market now, and it is also suffering from the explosive growth of malicious applications (or apps). These apps steal users' secret data and transmit it out of the phones. By ana...
详细信息
ISBN:
(纸本)9781450338325
Android has 81.5% of the smartphone market now, and it is also suffering from the explosive growth of malicious applications (or apps). These apps steal users' secret data and transmit it out of the phones. By analyzing the required permissions and the abnormal behaviors, some malicious apps may be easily detected. However, in this paper, we present a bidirectional covert channel in Android, named biTheft, which steals secrets and privacies covertly without any permission. biTheft firstly collects secret data from a set of unprotected shared resources in Android system. Then, it analyzes and infers secrets from the data. With the Intent mechanism, biTheft transmits secrets by legally launching some activities of other apps without requiring any permission itself. biTheft also monitors the usages and statuses of the shared resources to receive commands from remote server. We implement a biTheft scenario, and demonstrate that some types of secrets can be stolen and transmitted out. With pre-agreement, biTheft dynamically adjusts according with the remote server commands. Comparing with the traditional covert channels, biTheft is more practical in the real world scenarios.
Near Field Communication (NFC) is a technology widely used for security-critical applications like access control or payment systems. Many of these systems rely on the security assumption that the card has to be in cl...
详细信息
ISBN:
(纸本)9781450336239
Near Field Communication (NFC) is a technology widely used for security-critical applications like access control or payment systems. Many of these systems rely on the security assumption that the card has to be in close proximity to communicate with the reader. We developed NFCGate, an Android application capable of relaying NFC communication between card and reader using two rooted but otherwise unmodified Android phones. This enables us to increase the distance between card and reader, eavesdrop on, and even modify the exchanged data. The application should work for any system built on top of ISO 14443-3 that is not hardened against relay attacks, and was successfully tested with a popular contactless card payment system and an electronic passport document.
Randomized Aggregatable privacy-Preserving Ordinal Response, or RAPPOR, is a technology for crowdsourcing statistics from end-user client software, anonymously, with strong privacy guarantees. In short, RAPPORs allow ...
详细信息
ISBN:
(纸本)9781450329576
Randomized Aggregatable privacy-Preserving Ordinal Response, or RAPPOR, is a technology for crowdsourcing statistics from end-user client software, anonymously, with strong privacy guarantees. In short, RAPPORs allow the forest of client data to be studied, without permitting the possibility of looking at individual trees. By applying randomized response in a novel manner, RAPPOR provides the mechanisms for such collection as well as for efficient, high-utility analysis of the collected data. In particular, RAPPOR permits statistics to be collected on the population of client-side strings with strong privacy guarantees for each client, and without linkability of their reports. This paper describes and motivates RAPPOR, details its differential-privacy and utility guarantees, discusses its practical deployment and properties in the face of different attack models, and, finally, gives results of its application to both synthetic and real-world data.
Research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. Static analysis and dynamic analysis constitute two of the most popular types of techn...
详细信息
ISBN:
(纸本)9781450336239
Research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. Static analysis and dynamic analysis constitute two of the most popular types of techniques for security analysis and evaluation; nevertheless, each of them has its strengths and weaknesses. To leverage the benefits of both approaches, we propose a hybrid approach that integrates the static and dynamic analysis for detecting security threats in mobile applications. The key of this approach is the unification of data states and software execution on critical test paths. The approach consists of two phases. In the first phase, a pilot static analysis is conducted to identify potential critical attack paths based on Android APIs and existing attack patterns. In the second phase, a dynamic analysis follows the identified critical paths to execute the program in a limited and focused manner. Attacks shall be detected by checking the conformance of the detected paths with existing attack patterns. The method will report the types of detected attack scenarios based on types of sensitive data that may be compromised, such as web browser cookie.
暂无评论