A New Sensors-Based Covert Channel on Android
Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: proc...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2014-01-01
|
| Series: | The Scientific World Journal |
| Online Access: | http://dx.doi.org/10.1155/2014/969628 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832549045890973696 |
|---|---|
| author | Ahmed Al-Haiqi Mahamod Ismail Rosdiadee Nordin |
| author_facet | Ahmed Al-Haiqi Mahamod Ismail Rosdiadee Nordin |
| author_sort | Ahmed Al-Haiqi |
| collection | DOAJ |
| description | Covert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications. |
| format | Article |
| id | doaj-art-8bf6d78f50e5479488425029089db44c |
| institution | Kabale University |
| issn | 2356-6140 1537-744X |
| language | English |
| publishDate | 2014-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | The Scientific World Journal |
| spelling | doaj-art-8bf6d78f50e5479488425029089db44c2025-02-03T06:12:28ZengWileyThe Scientific World Journal2356-61401537-744X2014-01-01201410.1155/2014/969628969628A New Sensors-Based Covert Channel on AndroidAhmed Al-Haiqi0Mahamod Ismail1Rosdiadee Nordin2Department of Electrical, Electronic and Systems Engineering, National University of Malaysia (UKM), 43600 Bangi, MalaysiaDepartment of Electrical, Electronic and Systems Engineering, National University of Malaysia (UKM), 43600 Bangi, MalaysiaDepartment of Electrical, Electronic and Systems Engineering, National University of Malaysia (UKM), 43600 Bangi, MalaysiaCovert channels are not new in computing systems, and have been studied since their first definition four decades ago. New platforms invoke thorough investigations to assess their security. Now is the time for Android platform to analyze its security model, in particular the two key principles: process-isolation and the permissions system. Aside from all sorts of malware, one threat proved intractable by current protection solutions, that is, collusion attacks involving two applications communicating over covert channels. Still no universal solution can countermeasure this sort of attack unless the covert channels are known. This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data. Accelerometers generate signals that reflect user motions, and malware applications can apparently only read their data. However, if the vibration motor on the device is used properly, programmatically produced vibration patterns can encode stolen data and hence an application can cause discernible effects on acceleration data to be received and decoded by another application. Our evaluations confirmed a real threat where strings of tens of characters could be transmitted errorless if the throughput is reduced to around 2.5–5 bps. The proposed covert channel is very stealthy as no unusual permissions are required and there is no explicit communication between the colluding applications.http://dx.doi.org/10.1155/2014/969628 |
| spellingShingle | Ahmed Al-Haiqi Mahamod Ismail Rosdiadee Nordin A New Sensors-Based Covert Channel on Android The Scientific World Journal |
| title | A New Sensors-Based Covert Channel on Android |
| title_full | A New Sensors-Based Covert Channel on Android |
| title_fullStr | A New Sensors-Based Covert Channel on Android |
| title_full_unstemmed | A New Sensors-Based Covert Channel on Android |
| title_short | A New Sensors-Based Covert Channel on Android |
| title_sort | new sensors based covert channel on android |
| url | http://dx.doi.org/10.1155/2014/969628 |
| work_keys_str_mv | AT ahmedalhaiqi anewsensorsbasedcovertchannelonandroid AT mahamodismail anewsensorsbasedcovertchannelonandroid AT rosdiadeenordin anewsensorsbasedcovertchannelonandroid AT ahmedalhaiqi newsensorsbasedcovertchannelonandroid AT mahamodismail newsensorsbasedcovertchannelonandroid AT rosdiadeenordin newsensorsbasedcovertchannelonandroid |