Exploring Covert Channel in Android Platform

@article{Gasior2012ExploringCC,
  title={Exploring Covert Channel in Android Platform},
  author={Wade Gasior and Li Yang},
  journal={2012 International Conference on Cyber Security},
  year={2012},
  pages={173-177}
}
  • W. Gasior, Li Yang
  • Published 14 December 2012
  • Computer Science
  • 2012 International Conference on Cyber Security
Network covert channels are used to exfiltrate information from a secured environment in a way that is extremely difficult to detect or prevent. These secret channels have been identified as an important security threat to governments and the private sector, and several research efforts have focused on the design, detection, and prevention of such channels in enterprise-type environments. Mobile devices have become a ubiquitous computing platform, and are storing or have access to an… 
Demonstration of A Novel Storage Covert Channel on Android Smartwatch Using Status Bar Notifications
TLDR
This demo aims to show how a new storage covert channel can be implemented on wearable devices to leak data from them to outsiders by utilizing the notifications that are normally displayed on the status bar of an Android device.
Colluded Applications Vulnerabilities in Android Devices
  • I. Khokhlov, L. Reznik
  • Computer Science
    2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech)
  • 2017
TLDR
Possible vulnerabilities whose exploitation can lead to a privacy leakage depend on communication between colluded applications, which can employ either an overt or covert mode communication to bypass permission security mechanisms of the Android OS.
Session Fingerprinting in Android via Web-to-App Intercommunication
TLDR
This work introduces some novel user deanonymization approaches for device and user fingerprinting in Android and proves that web pages can cooperate with installed mobile apps to identify which sessions operate in specific devices and consequently further expose users’ privacy.
Toward Engineering a Secure Android Ecosystem
TLDR
This work organizes the most recent security research on the Android platform into two categories: the software stack and the ecosystem, and envision a blueprint for engineering a secure, next-generation Android ecosystem.
A New Sensors-Based Covert Channel on Android
TLDR
This paper is an attempt to reveal a new covert channel, not only being specific to smartphones, but also exploiting an unusual resource as a vehicle to carry covert information: sensors data.
The All Seeing Eye: Web to App Intercommunication for Session Fingerprinting in Android
TLDR
This work introduces some novel user deanonymisation approaches for device fingerprinting in Android and proves that web pages, by using several inherent mechanisms, can cooperate with installed mobile apps to identify which sessions operate in specific devices and consequently to further expose users’ privacy.
An Android-Based Covert Channel Framework on Wearables Using Status Bar Notifications
TLDR
This chapter introduces covert channels and focuses on a novel covert channel on Android-based Internet of Things (IoT) devices, able to make a covert channel using notifications a user gets from everyday applications.
An autonomic and permissionless Android covert channel
TLDR
This paper sever the acquisition / exfiltration bundling by assigning independent responsibilities to two apps communicating via a stealthy, permissionless, self-configuring and self-optimizing ultrasonic bridge, and presents a framework for analyzing channel feasibility and performance.
Constructing timing-based covert channels in mobile networks by adjusting CPU frequency
TLDR
A novel wireless covert timing channel (WCTC) that could be used by malware to exfiltrate data from mobile devices is identified and its channel capacity, accuracy of its data transmission, and the effects of network hops on its accuracy are characterized.
Detecting Malicious Collusion Between Mobile Software Applications: The Android TM Case
TLDR
This chapter reports on recent and ongoing research results from the ACID project which suggest a number of reliable means to detect collusion, tackling the aforementioned problems.
...
1
2
3
...

References

SHOWING 1-10 OF 11 REFERENCES
A survey of covert channels and countermeasures in computer network protocols
TLDR
A survey of the existing techniques for creating covert channels in widely deployed network and application protocols and an overview of common methods for their detection, elimination, and capacity limitation, required to improve security in future computer networks are given.
IP Covert Channel Detection
TLDR
This article presents the first public implementation of an IP covert channel, discusses the subtle issues that arose in its design, and presents new detection measures that provide detection rates over 95%.
Network covert channels: design, analysis, detection, and elimination
TLDR
It is shown that traffic analysis can counter traditional event-based covert channels, which do not employ any additional scheme to obfuscate the channel further, and a new family of covert channels that do not produce such anomaly are introduced.
Detection of Covert Channel Encoding in Network Packet Delays
TLDR
This paper investigates the channel capacity of Internet-based timing channels and proposes a methodology for detecting covert timing channels based on how close a source comes to achieving that channel capacity.
Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones
TLDR
This work presents Soundcomber, a Trojan with few and innocuous permissions, that can extract a small amount of targeted private information from the audio sensor of the phone, and performs efficient, stealthy local extraction, thereby greatly reducing the communication cost for delivering stolen data.
TCP covert timing channels: Design and detection
TLDR
The theoretical capacity analysis and extensive experiments have shown that TCPScript offers much higher channel capacity and decoding accuracy than an IP timing channel and JitterBug, and on the countermeasure, three new metrics to detect aggressive TCPScript channels are proposed.
An Entropy-Based Approach to Detecting Covert Timing Channels
TLDR
This paper introduces a new entropy-based approach to detecting various covert timing channels based on the observation that the creation of a covert timing channel has certain effects on the entropy of the original process, and hence, a change in the entropy in a process provides a critical clue for covert timingChannel detection.
Model-Based Covert Timing Channels: Automated Modeling and Evasion
TLDR
An automated framework for building model-based covert timing channels, which exploit the statistical properties of legitimate network traffic to evade detection in an effective manner are designed and implemented.
TCP/IP Timing Channels: Theory to Implementation
TLDR
This work designs and implements a covert TCP/IP timing channel and is able to quantify the achievable data rate (or leak rate) of such a covert channel, and shows that by sacrificing data rate, the traffic patterns of the covert timing channel can be made computationally indistinguishable from that of normal traffic, which makes detecting such communication virtually impossible.
The Prisoners' Problem and the Subliminal Channel
Two accomplices in a crime have been arrested and are about to be locked in widely separated cells. Their only means of communication after they are locked up will he by way of messages conveyed for
...
1
2
...