Ragib Hasan
Nitesh Saxena
ABSTRACT
The proliferation of mobile computing devices has enabled immense opportunities for everyday users. At the same time, however, this has opened up new, and perhaps more severe, possibilities for attacks. In this paper, we explore a novel generation of mobile malware that exploits the rich variety of sensors available on current mobile devices.
Two properties distinguish the proposed malware from the existing state-of-the-art. First, in addition to the misuse of the various traditional services available on modern mobile devices, this malware can be used for the purpose of targeted context-aware attacks. Second, this malware can be commanded and controlled over context-aware, out-of-band channels as opposed to a centralized infrastructure. These communication channels can be used to quickly reach out to a large number of infected devices, while offering a high degree of undetectability. In particular, unlike traditional network-based communication, the proposed sensing-enabled channels cannot be detected by monitoring the cellular or wireless communication networks. To demonstrate the feasibility of our proposed attack, we present different flavors of command and control channels based on acoustic, visual, magnetic and vibrational signaling. We further build and test a proof-of-concept Android application implementing many such channels.
- ButtKickers -- Low Frequency Audio Transduceers. Available at http://www.thebuttkicker.com/.Google Scholar
- iPhone Microhone Frequency Response. Available at http://bit.ly/IDWfei/.Google Scholar
- Mobile Threat Report. Available at http://bit.ly/ImefoN/.Google Scholar
- PPLive. Available at http://www.synacast.com/en/.Google Scholar
- SopCast - Free P2P internet TV. Available at http://www.sopcast.org/.Google Scholar
- Suggested Viewing Distance for HDTV (Calculator). Available at http://hdinstallers.com/calculator.htm.Google Scholar
- M. Aboleaze and A. Elnaggar. Reducing memory references for FFT calculation. In Proc. of the International Conference on Computer Design, pages 26--28, 2006.Google Scholar
- A. J. Aviv, M. Sherr, M. Blaze, and J. M. Smith. Evading cellular data monitoring with human movement networks. In Proc. of USENIX HotSec, 2010. Google ScholarDigital Library
- H. Bassen. Radiofrequency interference with medical devices. a technical information statement. IEEE Engineering in Medicine and Biology, 17(3):111--114, 1998.Google Scholar
- L. Cai and H. Chen. Touchlogger: inferring keystrokes on touch screen from smartphone motion. In Proc. of USENIX HotSec, 2011. Google ScholarDigital Library
- E. Cochran, J. Lawrence, and C. Christensen. Quake-Catcher Network. Available at http://qcn.stanford.edu/, 2008.Google Scholar
- P. Dhungel, X. Hei, K. W. Ross, and N. Saxena. The pollution attack in p2p live video streaming: measurement results and defenses. In Proc. of P2P-TV, 2007. Google ScholarDigital Library
- G. Geng, G. Xu, M. Zhang, Y. Yang, and G. Yang. An improved sms based heterogeneous mobile botnet model. In Proc. of IEEE ICIA, 2011.Google ScholarCross Ref
- K. Gopalan and S. Wenndt. Audio steganography for covert data transmissions by imperceptible tone insertion. In Communication systems and applications, Available at http://qcn.stanford.edu/, 2004.Google Scholar
- D. J. Griffiths. Introduction to Electrodynamics (Third Edition). Prentice Hall, 1999.Google Scholar
- J. Han, E. Owusu, T.-L. Nguyen, A. Perrig, and J. Zhang. ACComplice: Location Inference using Accelerometers on Smartphones. In Proc. of COMSNETS, Jan. 2012. Google ScholarDigital Library
- Harris Interactive. Teenagers: A Generation Unplugged. Available at http://bit.ly/IyH71E, 2008.Google Scholar
- Harris Interactive. The Harris Poll - Cell Phone Usage Continues to Increase. Available at http://bit.ly/IpgefF, 2008.Google Scholar
- J. Hua and K. Sakurai. A sms-based mobile botnet using flooding algorithm. In Proc. of WISTP, 2011. Google ScholarDigital Library
- I. Ion, M. Langheinrich, P. Kumaraguru, and S. Capkun. Influence of user perception, security needs, and social factors on device pairing method choices. In Proc. of SOUPS, 2010. Google ScholarDigital Library
- M. Jakobsson and K. Johansson. Retroactive detection of malware with applications to mobile platforms. In Proc. of USENIX HotSec, 2010. Google ScholarDigital Library
- R. Kainda, I. Flechais, and A. W. Roscoe. Two heads are better than one: Security and usability of device associations in group scenarios. In Proc. of SOUPS, pages 1--13, 2010. Google ScholarDigital Library
- H. Kim, J. Smith, and K. G. Shin. Detecting energy-greedy anomalies and mobile malware variants. In Proc. of MobiSys. ACM, 2008. Google ScholarDigital Library
- R. Kim. The World's a Cell-phone Stage. SFC, Available at http://bit.ly/IpgSdf, 2006.Google Scholar
- Knowledge Networks. New Study Shows Mobile Phones Merging New, Established Roles: Communicator, Shopping Aide, Entertainment and Research Hub. Available at http://bit.ly/IDWyWv, 2008.Google Scholar
- M. Knysz, X. Hu, Y. Zeng, and K. G. Shin. Can open wifi networks be lethal weapons for botnets? In Proc. of INFOCOM, to appear, 2012.Google Scholar
- A. Kobsa, R. Sonawalla, G. Tsudik, E. Uzun, and Y. Wang. Serial hook-ups: A comparative usability study of secure device pairing methods. In Proc. of SOUPS, 2009. Google ScholarDigital Library
- A. Kumar, N. Saxena, G. Tsudik, and E. Uzun. Caveat emptor: A comparative study of secure device pairing methods. In Proc. of PerCom, 2009. Google ScholarDigital Library
- D. Lee. College Student's Hand-phone Usage Culture Survey. In University Culture Newspaper, 2002.Google Scholar
- S. Lee, K. Fu, T. Kohno, B. Ransford, and W. Maisel. Clinically significant magnetic interference of implanted cardiac devices by portable headphones. Heart rhythm : the official journal of the Heart Rhythm Society, 6(10), October 2009.Google Scholar
- S. Lohr. As Cellphones Bulk Up, How Much Is Too Much? Available at http://nyti.ms/IEk3hV, 2005.Google Scholar
- C. V. Lopes and P. Q. Aguiar. Acoustic modems for ubiquitous computing. IEEE Pervasive Computing, Mobile and Ubiquitous Systems, 2(3):62--71, July-September 2003. Google ScholarDigital Library
- Market Analysis and Consumer Research Organisation. Study of Mobile Phone Usage Among the Teenagers And Youth In Mumbai. Available at http://bit.ly/JrjaCQ, 2004.Google Scholar
- P. Marquardt, A. Verma, H. Carter, and P. Traynor. (sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers. In Proc. of ACM CCS, 2011. Google ScholarDigital Library
- P. Meerwald. KissFFT and ARM NEON. Online at http://bit.ly/WtSjDI, 2011.Google Scholar
- E. Mills. Attacking home automation networks over power lines. CNET, Available at http://cnet.co/JCm8Ji.Google Scholar
- C. Mulliner and J.-P. Seifert. Rise of the iBots: Owning a telco network. In Proc. of MALWARE, Oct. 2010.Google ScholarCross Ref
- Muzak Inc. Music and More for any Businesses. Available at http://www.muzak.com/.Google Scholar
- S. Nagaraja, A. Houmansadr, P. Piyawongwisal, V. Singh, P. Agarwal, and N. Borisov. Stegobot: a covert social network botnet. In Proc. of IH, 2011. Google ScholarDigital Library
- E. Owusu, J. Han, S. Das, A. Perrig, and J. Zhang. ACCessory: Keystroke Inference using Accelerometers on Smartphones. In Proc. of HotMobile), Feb. 2012. Google ScholarDigital Library
- W. K. Park. Mobile Phone Addiction. In Mobile Communications: Re-negotiation of the Social Sphere, 2006.Google Scholar
- T. Reed, J. Geis, and S. Dietrich. Skynet: a 3g-enabled mobile attack drone and stealth botmaster. In Proc. of USENIX WOOT, 2011. Google ScholarDigital Library
- N. Saxena and J. H. Watt. Authentication technologies for the blind or visually impaired. In Proc. of USENIX HotSec, 2009. Google ScholarDigital Library
- R. Schlegel, K. Zhang, X. yong Zhou, M. Intwala, A. Kapadia, and X. Wang. Soundcomber: A stealthy and context-aware sound trojan for smartphones. In Proc. of NDSS, 2011.Google Scholar
- A. N. Selian. Mobile Phones and Youth: A Look at the U.S. Student Market. Available at http://bit.ly/ZnVMA4, 2004.Google Scholar
- K. Singh, S. Sangal, N. Jain, P. Traynor, and W. Lee. Evaluating bluetooth as a medium for botnet command and control. In Proc. of DIMVA, 2010. Google ScholarDigital Library
- P. L. Sunderland. Fieldwork and the Phone. 1999.Google Scholar
- T. A. Wikle. America's Cellular Telephone Obsession: New Geographies of Personal Communication. In Journal of American and Comparative Cultures, 2001.Google Scholar
- C. Xiang, F. Binxing, Y. Lihua, L. Xiaoyi, and Z. Tianning. Andbot: towards advanced mobile botnets. In Proc. of USENIX LEET, 2011. Google ScholarDigital Library
- Y. Zeng, K. Shin, and X. Hu. Design of SMS commanded and controlled and P2P structured mobile botnets. In Proc. of ACM WiSec, 2012. Google ScholarDigital Library
Index Terms
- Sensing-enabled channels for hard-to-detect command and control of mobile devices
Recommendations
Mobile and ubiquitous malware
MoMM '09: Proceedings of the 7th International Conference on Advances in Mobile Computing and MultimediaMobile malware is an increasing threat to the world of handheld devices, which can prove to be costlier than PC viruses in the future. The current method used to combat mobile malware is virus signature matching which is based on the slow process of ...
Intelligent mobile malware detection using permission requests and API calls
AbstractMalware is a serious threat that has been used to target mobile devices since its inception. Two types of mobile malware attacks are standalone: fraudulent mobile apps and injected malicious apps. Defending against the cyber threats of ...
Highlights- Effective classification model that combines permission request and API calls.
- ...
Mobile botnet detection: a comprehensive survey
AbstractThe number of people using mobile devices is increasing as mobile devices offer different features and services. Many mobile users install various applications on their mobile devices to use features like payment, business services, social ...
Comments