Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
A New Sensors-Based Covert Channel on Android
View through CrossRef
Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.
Title: A New Sensors-Based Covert Channel on Android
Description:
Covert channels are not new in computing systems, and have been studied since their first definition four decades ago.
New platforms invoke thorough investigations to assess their security.
Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system.
Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels.
Still no universal solution can countermeasure this sort of attack unless the covert channels are known.
This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data.
Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data.
However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application.
Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.
5–5 bps.
The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.
Related Results
Evaluation of the timing covert channel capacity considering packet transfer time distribution
Evaluation of the timing covert channel capacity considering packet transfer time distribution
Lampson was the first to introduce a covert channel as a channel that was not designed for information transmission. The problem of information leakage via network covert channels ...
CREATING LEARNING MEDIA IN TEACHING ENGLISH AT SMP MUHAMMADIYAH 2 PAGELARAN ACADEMIC YEAR 2020/2021
CREATING LEARNING MEDIA IN TEACHING ENGLISH AT SMP MUHAMMADIYAH 2 PAGELARAN ACADEMIC YEAR 2020/2021
The pandemic Covid-19 currently demands teachers to be able to use technology in teaching and learning process. But in reality there are still many teachers who have not been able ...
En skvatmølle i Ljørring
En skvatmølle i Ljørring
A Horizontal Mill at Ljørring, Jutland.Horizontal water-mills have been in use in Jutland since the beginning of the Christian era 2). But the one here described shows so close a c...
CONCEPT TO COMPLETION - ANDROID APPS AND KOTLIN MULTI PLATFORM
CONCEPT TO COMPLETION - ANDROID APPS AND KOTLIN MULTI PLATFORM
“Concept to Completion: Android Apps and Kotlin Multiplatform” is a comprehensive guide designed to take you from the fundamentals of Android development to advanced multiplatform ...
Network Covert Channels
Network Covert Channels
With the rapid advancement of communication and computer network technologies, covert channels are now more secure, quicker to set up, harder to detect, and easier to design than e...
A Covert Timing Channels Data Encryption Sceme In Cloud Simulation
A Covert Timing Channels Data Encryption Sceme In Cloud Simulation
Covert Timing Channels (CTC) have become an impending network security problem as the sophistication and use of data exfiltration carried out by cyber-attacks has increased. Inter-...
Cortisol and Oxytocin Could Predict Covert Aggression in Some Psychotic Patients
Cortisol and Oxytocin Could Predict Covert Aggression in Some Psychotic Patients
Background: The covert or indirect type of aggression has a risk of converting in violent acts and, considering that, it is very important to identify it in order to apply effectiv...
Covert Channel Communication as an Emerging Security Threat in 2.5D/3D Integrated Systems
Covert Channel Communication as an Emerging Security Threat in 2.5D/3D Integrated Systems
In this paper, first, a broad overview of existing covert channel communication-based security attacks is provided. Such covert channels establish a communication link between two ...