Using Labeling to Prevent Cross-Service Attacks Against Smart Phones

  • Collin Mulliner
  • Giovanni Vigna
  • David Dagon
  • Wenke Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4064)


Wireless devices that integrate the functionality of PDAs and cell phones are becoming commonplace, making different types of network services available to mobile applications. However, the integration of different services allows an attacker to cross service boundaries. For example, an attack carried out through the wireless network interface may eventually provide access to the phone functionality. This type of attacks can cause considerable damage because some of the services (e.g., the GSM-based services) charge the user based on the traffic or time of use. In this paper, we demonstrate the feasibility of these attacks by developing a proof-of-concept exploit that crosses service boundaries. To address these security issues, we developed a solution based on resource labeling. We modified the kernel of an integrated wireless device so that processes and files are marked in a way that allows one to regulate the access to different system resources. Labels are set when certain network services are accessed. The labeling is then transferred between processes and system resources as a result of either access or execution. We also defined a language for creating labeling rules, and demonstrated how the system can be used to prevent attacks that attempt to cross service boundaries. Experimental evaluation shows that the implementation introduces little overhead. Our security solution is orthogonal to other protection schemes and provides a critical defense for the growing problem of cell phone viruses and worms.


Access Control Cell Phone Policy Language Smart Phone Session Initiation Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Airscanner Corp. Advisory 05081102 vxFtpSrv 0.9.7 Remote Code Execution Vulnerability (2005),
  2. 2.
    Airscanner Corp. Advisory 05081203 vxTftpSrv 1.7.0 Remote Code Execution Vulnerability (2005),
  3. 3.
    Biba, K.: Integrity Considerations for Secure Computer Systems. Technical Report TR-3153, MITRE Corp, Bedford, MA (1977)Google Scholar
  4. 4.
    Bluetooth SIG: Bluetooth (2006),
  5. 5.
    Cowan, C., Pu, C., Maier, D.: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In: Proceedings of the 7th USENIX Security Symposium, pp. 63–78 (1998)Google Scholar
  6. 6.
    Elser, D.: PicoWebServer Remote Unicode Stack Overflow Vulnerability (May 2005),
  7. 7.
    Dagon, D., Martin, T., Starner, T.: Mobile Phones as Computing Devices: The Viruses are Coming! IEEE Pervasive Computing (October/December 2004)Google Scholar
  8. 8.
    Ito, E.: FtpSvr - Ftp Server (1999),
  9. 9.
    Edjlali, G., Acharya, A., Chaudhary, V.: History-based Access Control for Mobile Code. In: ACM Conference on Computer and Communication Security (1998)Google Scholar
  10. 10.
    F-Secure Corporation. F-Secure Virus Descriptions: Skulls (2004),
  11. 11.
    Familiar Linux - A Linux Distribution For Handheld Devices (2006),
  12. 12.
    Fraser, T.: LOMAC: MAC you can live with. In: Proc. of the 2001 Usenix Annual Technical Conference (June 2001)Google Scholar
  13. 13.
    GSMA. GPRS - General Packet Radio Service (2006),
  14. 14.
    GSMA. GSM - Global System for Mobile Communications (2006),
  15. 15.
    Hewlett-Packard. HP iPAQ h5500 (2006),
  16. 16.
    HTC. HTC Blue Angel (2006),
  17. 17.
    i-mate. i-mate PDA2k (2006),
  18. 18.
    Koziol, J., Litchfield, D., Aitel, D., Anley, C., Eren, S., Mehta, N., Hassell, R.: The Shellcoder’s Handbook: Discovering and Exploiting Security Holes. Wiley, Chichester (2003)Google Scholar
  19. 19.
    Loscocco, P., Smalley, S.: Integrating Exible Support For Security Policies Into The Linux Operating System. In: Proceedings of the FREENIX Track of the 2001 USENIX Annual Technical Conference (2001)Google Scholar
  20. 20.
    Microsoft. Platform Builder for WindowsCE 5.0, Compiler Option Reference (2005),
  21. 21.
  22. 22.
    Microsoft. Windows Mobile (2006),
  23. 23.
    Newmad Technologies AB. PicoWebServer (2005),
  24. 24.
    Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol. RFC3261 (2002)Google Scholar
  25. 25.
    Christensen, M.T.S.N., Sorensen, K.: Umbrella - We can’t prevent the rain. -But we don’t get wet! Master’s thesis, Aalborg University (January 2005)Google Scholar
  26. 26.
    Sabelfeld, A., Myers, A.C.: Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Communications 21(1), 5–19 (2003)CrossRefGoogle Scholar
  27. 27.
    San. Hacking Windows CE. Phrack, 0x0b(0x3f) (August 2005)Google Scholar
  28. 28.
    Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST Model for Role-Based Access Control: Towards A Unified Standard. In: Proceedings of the fifth ACM workshop on Role-based access control, pp. 47–63 (2000)Google Scholar
  29. 29.
    SecurityFocus. BugTraq (2006),
  30. 30.
    SJ Labs, Inc. Voice Over IP Software (2005),
  31. 31.
    Symantec Security Response. SymbOS.Cabir (2004),
  32. 32.
    Symbian, Inc. Information about Mosquitos Trojan (2004),
  33. 33.
    Vieka Technology Inc. PE FTP Server (2005),
  34. 34.
    Watson, R.N.M.: TrustedBSD: Adding Trusted Operating System Features to FreeBSD. In: USENIX Annual Technical Conference, FREENIX Track, pp. 15–28 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Collin Mulliner
    • 1
  • Giovanni Vigna
    • 1
  • David Dagon
    • 2
  • Wenke Lee
    • 2
  1. 1.University of CaliforniaSanta BarbaraUSA
  2. 2.Georgia Institute of TechnologyAtlantaUSA

Personalised recommendations