A completely covert audio channel in Android

  • Sukanya Thakur
  • Mark Stamp
Original Paper


Exfiltration of private data from mobile devices is a potential security threat. Previous research concerning such threats has generally focused on techniques that are only valid over short distances (e.g., NFC, Bluetooth, electromagnetic emanations) or fail to be entirely covert. In this research, we develop and analyze an exfiltration attack that has no distance limitation and is completely covert. Specifically, we take advantage of vulnerabilities in Android that enable us to covertly record and exfiltrate a voice call. This paper presents a successful implementation of our attack, which records a call (both uplink and downlink voice streams), and subsequently transmits the recorded voice over an inaudible call. No visual or audio indication is given to the victim during the record or replay phases of the attack. We provide a detailed exposition of our attack, and we briefly consider the challenge of providing strong counter measures to such attacks.


Application Program Interface Android Voice Call Covert Channel Audio Stream 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aloraini, B.S.: A New Covert Channel over Cellular Network Voice Channel. Thesis, Rochester Institute of Technology (2014)Google Scholar
  2. 2.
    Android Source Code, Android Source.
  3. 3.
    Android Studio, Signing you applications.
  4. 4.
    Audio Implementation, Android Source.
  5. 5.
    Brandt, N.B., Stamp, M.: Automating NFC message sending for good and evil. J. Comput. Virol. Hacking Tech. 10(4), 273–297 (2014)CrossRefGoogle Scholar
  6. 6.
    Do, Q., Martini, B., et. al.: Exfiltrating data from Android devices. Comput. Secur. 48, 74–91 (2015).
  7. 7.
    Drake, J.J., Fora, P.O., et al.: Android Hacker’s Handbook. Wiley, New York (2014)Google Scholar
  8. 8.
    Elenkov, N.: Android Security Internals: an In-Depth Guide to Android’s Security Architecture. No Starch Press (2015)Google Scholar
  9. 9.
    Guri, M., Kedma, G., et. al.: AirHopper: bridging the air-gap between isolated networks and mobile phones using radio frequencies. In: The 9th IEEE International Conference on Malicious and Unwanted Software, pp. 58–67 (2014)Google Scholar
  10. 10.
    Installing the Android SDK, Android Developer.
  11. 11.
    Kratsas, R.: Unleashing the Audio Potential of Smartphones, Cirrus Logic (2010).
  12. 12.
    Kuhn, M.G., Anderson, R.J.: Soft tempest: hidden data transmission using electromagnetic emanations. In: Information Hiding, pp. 124–142 (1998)Google Scholar
  13. 13.
    PawPrints, L.T.: Beginning Android Development: Create Your Own Android Apps Today. CreateSpace Independent Publishing Platform (2014)Google Scholar
  14. 14.
  15. 15.
    Thakur, S.: A Completely Covert Audio Channel in Android. Master’s Report, Department of Computer Science, San Jose State University (2015)Google Scholar
  16. 16.
    Weinmann, R.P.: Baseband attacks: remote exploitation of memory corruptions in cellular protocol stacks. In: Proceedings of the 6th USENIX Conference on Offensive Technologies. Berkeley, California, USA (2012).

Copyright information

© Springer-Verlag France 2016

Authors and Affiliations

  1. 1.Department of Computer ScienceSan Jose State UniversitySan JoseUSA

Personalised recommendations