Journal
COMPUTERS & SECURITY
Volume 48, Issue -, Pages 74-91Publisher
ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2014.10.016
Keywords
Android; Code injection; Covert exfiltration; Data exfiltration; Inaudible transmission; Mobile adversary model; Reverse engineering; SMALI; SMS transmission
Categories
Ask authors/readers for more resources
Modern mobile devices have security capabilities built into the native operating system, which are generally designed to ensure the security of personal or corporate data stored on the device, both at rest and in transit. In recent times, there has been interest from researchers and governments in securing as well as exfiltrating data stored on such devices (e.g. the high profile PRISM program involving the US Government). In this paper, we propose an adversary model for Android covert data exfiltration, and demonstrate how it can be used to construct a mobile data exfiltration technique (MDET) to covertly exfiltrate data from Android devices. Two proof-of-concepts were implemented to demonstrate the feasibility of exfiltrating data via SMS and inaudible audio transmission using standard mobile devices. (C) 2014 Elsevier Ltd. All rights reserved.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available