Top

Published in:

2015 | OriginalPaper | Chapter

Towards a Systematic Study of the Covert Channel Attacks in Smartphones

Authors : Swarup Chandra, Zhiqiang Lin, Ashish Kundu, Latifur Khan

Published in: International Conference on Security and Privacy in Communication Networks

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Recently, there is a great attention on the smartphones security and privacy due to their increasing number of users and wide range of apps. Mobile operating systems such as Android, provide mechanisms for data protection by restricting the communication between apps within the device. However, malicious apps can still overcome such restrictions via various means such as exploiting the software vulnerability in systems or using covert channels for data transferring. In this paper, we aim to systematically analyze various resources available on Android for the possible use of covert channels between two malicious apps. From our systematized analysis, we identify two new hardware resources, namely battery and phone call, that can also be used as covert channels. We also find new features to enrich the existing approaches for better covert channel such as using the audio volume and screen brightness. Our experimental results show that high throughput data transmission can be achieved using these resources for the covert channel attacks.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter An Information-Theoretic Approach for Secure Protocol Composition

next chapter DroidKin: Lightweight Detection of Android Apps Similarity

Ali, M., Humayun A., Zahid, A.: Enhancing stealthiness & efficiency of android trojans and defense possibilities (EnSEAD)-android’s malware attack, stealthiness and defense: an improvement. In: Frontiers of Information Technology (FIT). IEEE (2011)

Bishop, M.: Introduction to computer security. Addison-Wesley Professional, Amsterdam (2004)

Chandra, S., Lin, Z., Kundu, A., Khan, L.: Towards a Systematic Study of the Covert Channel Attacks in Smartphones. Technical report, University of Texas at Dallas (2014)

Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: USENIX Security Symposium, vol. 2, p. 2, August 2011

Gasior, W., Li Y.: Network covert channels on the Android platform. In: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research. ACM (2011)

Hansen, M., Raquel, H., Seth, W.: Detecting covert communication on Android. In: 37th Conference on Local Computer Networks (LCN). IEEE (2012)

http://developer.android.com/reference/android/media/AudioManager.html

http://developer.android.com/reference/android/os/BatteryManager.html

http://developer.android.com/reference/android/provider/CallLog.Calls.html

10.

http://developer.android.com/reference/android/provider/Settings.System.html

11.

http://developer.android.com/reference/android/telephony/TelephonyManager.html

12.

Kemmerer, R.A.: Shared resource matrix methodology: an approach to identifying storage and timing channels. ACM Trans. Comput. Syst. (TOCS) 1(3), 256–277 (1983)CrossRef

13.

Lampson, B.W.: A note on the confinement problem. Commun. ACM 16(10), 613–615 (1973)CrossRef

14.

Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S.: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th ACSAC, pp. 51–60. ACM, December 2012

15.

NCSC, NSA.: Covert Channel Analysis of Trusted Systems (Light Pink Book). NSA/NCSC-Rainbow Series publications (1993)

16.

Ritzdorf, H.: Analyzing Covert Channels on Mobile Devices. Diss. Master thesis ETH Zrich (2012)

17.

Schlegel, R., Zhang, K., Zhou, X. Y., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33, February 2011

18.

Simon, L., Ross A.: PIN skimmer: inferring PINs through the camera and microphone. In: Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. ACM (2013)

19.

van Cuijk, W.P.M.: Enforcing a fine-grained network policy in Android (2011)

Title: Towards a Systematic Study of the Covert Channel Attacks in Smartphones
Authors: Swarup Chandra
Zhiqiang Lin
Ashish Kundu
Latifur Khan
Publisher: Springer International Publishing
Book: International Conference on Security and Privacy in Communication Networks
Print ISBN: 978-3-319-23828-9

Electronic ISBN: 978-3-319-23829-6

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-23829-6_29

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner