
Construction and Mitigation of User-Behavior-Based Covert Channels on Smartphones


Abstract:

To protect user privacy, many smartphone systems adopt a permission-based mechanism in which a user can evaluate the risk of requests for private information from a mobile app before installing it. However, recent studies show that the permission-based mechanism is vulnerable to application collusion attacks because two apps, which appear to be harmless individually, can establish a covert channel and use it to leak confidential information. Consequently, covert channel detection schemes have been designed that check for abnormal status of the phone. In this paper, we point out that existing covert channel detection schemes may fail to detect a new type of collusion attack referred to as user-behavior-based covert channels. We implement three covert channels on Android smartphones. Our work raises a new alarm about the security of smartphone use. We then study countermeasures to this new type of covert channel. Instead of trying to directly detect the proposed new type of covert channel, we propose two mitigation solutions to reduce the effectiveness of such covert channels. The mitigation solutions are also applicable to other existing sensor-based side channels and/or covert channels on the phone.
Published in: IEEE Transactions on Mobile Computing (Volume: 17, Issue: 1, 01 January 2018)
Page(s): 44 - 57
Date of Publication: 24 April 2017


1 Introduction

In the past few years, the number of smartphone users has increased explosively, and this growth is predicted to remain rapid in the near future. According to a recent study by Ericsson [1], the number of smartphone subscribers worldwide was 2.7 billion in 2014 and is expected to reach 6.1 billion by 2020. With such rapid growth in users, the smartphone is becoming a new domain for various hackers to steal sensitive user data, for example by leaking contacts [2], sending messages to contacts furtively [3], and stealing credit card information [4].

1. Ericsson, “Ericsson mobility report,” (2014). [Online]. Available: https://www.ericsson.com/res/docs/2014/ericsson-mobility-report-november-2014.pdf
2. N. M. S. R. Center, “Security Alert: New Malware–FireLeaker–Takes Your Contacts Without Permission,” 2012. [Online]. Available: http://research.nq.com/?p=518
3. D. Maslennikov, “Selfmite: Attack using SMS worm to increase pay-per-install income,” 2014. [Online]. Available: http://www.adaptivemobile.com/blog/selfmite-worm
4. A. Bauer, “Android Malware Steals Credit Card Information,” 2014. [Online]. Available: http://blog.avira.com/android-malware/
5. R. Schlegel, K. Zhang, X. Zhou, M. Intwala, A. Kapadia, and X. Wang, “Soundcomber: A stealthy and context-aware sound trojan for smartphones,” in Proc. 18th Annu. Netw. & Distrib. Syst. Security Sympos., 2011, pp. 17–33.
6. C. Marforio, H. Ritzdorf, A. Francillon, and S. Capkun, “Analysis of the communication between colluding applications on modern smartphones,” in Proc. 28th Annu. Comput. Security Appl. Conf., 2012, pp. 51–60.
7. J.-F. Lalande and S. Wendzel, “Hiding privacy leaks in android applications using low-attention raising covert channels,” in Proc. Int. Conf. Availability Rel. Security, 2013, pp. 701–710.
8. A. Al-Haiqi, M. Ismail, and R. Nordin, “A new sensors-based covert channel on android,” Sci. World J., vol. 2014, 2014, Art. no. 969628.
9. L. Deshotels, “Inaudible sound as a covert channel in mobile devices,” in Proc. 8th USENIX Conf. Offensive Technol., 2014, pp. 16–16.
10. E. Novak, Y. Tang, Z. Hao, Q. Li, and Y. Zhang, “Physical media covert channels on smart mobile devices,” in Proc. Int. Joint Conf. Pervasive Ubiquitous Comput., 2015, pp. 367–378.
11. R. Hasan, N. Saxena, T. Haleviz, S. Zawoad, and D. Rinehart, “Sensing-enabled channels for hard-to-detect command and control of mobile devices,” in Proc. 8th Sympos. Inf. Comput. Commun. Security, 2013, pp. 469–480.
12. S. Chandra, Z. Lin, A. Kundu, and L. Khan, “Towards a systematic study of the covert channel attacks in smartphones,” in SECURECOMM’14. Berlin, Germany: Springer, 2014, pp. 427–435.
13. W. Enck, et al., “Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones,” in Proc. 9th USENIX Conf. Operating Syst. Des. Implementation, 2010, pp. 393–407.
14. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, and A.-R. Sadeghi, “Xmandroid: A new android evolution to mitigate privilege escalation attacks,” Technische Universität Darmstadt, 64289 Darmstadt, Germany. Tech. Rep. TR-2011–04, 2011.
15. W. Qi, Y. Xu, W. Ding, Y. Jiang, J. Wang, and K. Lu, “Privacy leaks when you play games: A novel user-behavior-based covert channel on smartphones,” in Proc. IEEE 23rd Int. Conf. Netw. Protocols, 2015, pp. 201–211.
16. Z. Xu, K. Bai, and S. Zhu, “Taplogger: Inferring user inputs on smartphone touchscreens using on-board motion sensors,” in Proc. 5th ACM Conf. Security Privacy Wireless Mobile Netw., 2012, pp. 113–124.
17. L. Zhang, et al., “Accurate online power estimation and automatic battery behavior based power model generation for smartphones,” in Proc. 8th IEEE/ACM/IFIP Int. Conf. Hardware/Software Codes. Syst. Synthesis, 2010, pp. 105–114.
18. B. W. Lampson, “A note on the confinement problem,” Commun. ACM, vol. 16, no. 10, pp. 613–615, 1973.
19. S. Zander, G. Armitage, and P. Branch, “A survey of covert channels and countermeasures in computer network protocols,” IEEE Commun. Surveys Tuts., vol. 9, no. 3, pp. 44–57, Jul. 2007.
20. S. Wendzel, S. Zander, B. Fechner, and C. Herdin, “Pattern-based survey and categorization of network covert channel techniques,” ACM Comput. Surveys, vol. 47, no. 3, pp. 50:1–50:26, 2015.
21. R. A. Kemmerer and P. A. Porras, “Covert flow trees: A visual approach to analyzing covert storage channels,” IEEE Trans. Softw. Eng., vol. 17, no. 11, pp. 1166–1185, Nov. 1991.
22. C. Wang and S. Ju, “Searching covert channels by identifying malicious subjects in the time domain,” in Proc. 5th Annu. IEEE SMC Inf. Assurance Workshop, 2004, pp. 68–73.
23. G. Shah, A. Molina, and M. Blaze, “Keyboards and covert channels,” in Proc. 15th Conf. USENIX Security Symp., 2006, pp. 59–75.
24. Z. Wang and R. B. Lee, “Covert and side channels due to processor architecture,” in Proc. 22nd Annu. Comput. Security Appl. Conf., 2006, pp. 473–482.
25. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds,” in Proc. 16th ACM Conf. Comput. Commun. Security, 2009, pp. 199–212.
26. Z. Wu, Z. Xu, and H. Wang, “Whispers in the hyper-space: High-speed covert channel attacks in the cloud,” in Proc. 21st USENIX Conf. Security Symp., 2012, pp. 159–173.
27. Y. Xu, M. Bailey, F. Jahanian, K. Joshi, M. Hiltunen, and R. Schlichting, “An exploration of l2 cache covert channels in virtualized environments,” in Proc. 3rd ACM Workshop Cloud Comput. Security Workshop, 2011, pp. 29–40.
28. L. Simon and R. Anderson, “PIN skimmer: Inferring PINs through the camera and microphone,” in Proc. 3rd ACM Workshop Security Privacy Smartphones Mobile Devices, 2013, pp. 67–78.
29. J. Wang, K. Zhao, X. Zhang, and C. Peng, “Ubiquitous keyboard for small mobile devices: Harnessing multipath fading for fine-grained keystroke localization,” in Proc. 12th Annu. Int. Conf. Mobile Syst. Appl. Services, 2014, pp. 14–27.
30. T. Zhu, Q. Ma, S. Zhang, and Y. Liu, “Context-free attacks using keyboard acoustic emanations,” in Proc. Conf. Comput. Commun. Security, 2014, pp. 453–464.
