Affiliation:
1. Department of Electrical, Electronic and Systems Engineering, National University of Malaysia (UKM), 43600 Bangi, Malaysia
Abstract
Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.
Funder
Ministry of Higher Education, Malaysia
Subject
General Environmental Science,General Biochemistry, Genetics and Molecular Biology,General Medicine
Cited by
28 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Explainability of Model Checking for Mobile Malicious Behavior Between Collaborative Apps Detection and Localisation;Collaborative Approaches for Cyber Security in Cyber-Physical Systems;2023
2. Light Auditor;Proceedings of the 20th ACM Conference on Embedded Networked Sensor Systems;2022-11-06
3. COTIIP: a new covert channel based on incomplete IP packets;2022 7th International Conference on Smart and Sustainable Technologies (SpliTech);2022-07-05
4. Towards a Low-Cost Teacher Orchestration Using Ubiquitous Computing Devices for Detecting Student’s Engagement;Wireless Communications and Mobile Computing;2022-06-18
5. Privacy Leakage Analysis for Colluding Smart Apps;2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W);2022-06