Skip to main content
SpringerLink
Log in

Towards a Systematic Study of the Covert Channel Attacks in Smartphones

  • Conference paper
  • First Online:
Book cover International Conference on Security and Privacy in Communication Networks (SecureComm 2014)

Abstract

Recently, there is a great attention on the smartphones security and privacy due to their increasing number of users and wide range of apps. Mobile operating systems such as Android, provide mechanisms for data protection by restricting the communication between apps within the device. However, malicious apps can still overcome such restrictions via various means such as exploiting the software vulnerability in systems or using covert channels for data transferring. In this paper, we aim to systematically analyze various resources available on Android for the possible use of covert channels between two malicious apps. From our systematized analysis, we identify two new hardware resources, namely battery and phone call, that can also be used as covert channels. We also find new features to enrich the existing approaches for better covert channel such as using the audio volume and screen brightness. Our experimental results show that high throughput data transmission can be achieved using these resources for the covert channel attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ali, M., Humayun A., Zahid, A.: Enhancing stealthiness & efficiency of android trojans and defense possibilities (EnSEAD)-android’s malware attack, stealthiness and defense: an improvement. In: Frontiers of Information Technology (FIT). IEEE (2011)

    Google Scholar 

  2. Bishop, M.: Introduction to computer security. Addison-Wesley Professional, Amsterdam (2004)

    Google Scholar 

  3. Chandra, S., Lin, Z., Kundu, A., Khan, L.: Towards a Systematic Study of the Covert Channel Attacks in Smartphones. Technical report, University of Texas at Dallas (2014)

    Google Scholar 

  4. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: USENIX Security Symposium, vol. 2, p. 2, August 2011

    Google Scholar 

  5. Gasior, W., Li Y.: Network covert channels on the Android platform. In: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research. ACM (2011)

    Google Scholar 

  6. Hansen, M., Raquel, H., Seth, W.: Detecting covert communication on Android. In: 37th Conference on Local Computer Networks (LCN). IEEE (2012)

    Google Scholar 

  7. http://developer.android.com/reference/android/media/AudioManager.html

  8. http://developer.android.com/reference/android/os/BatteryManager.html

  9. http://developer.android.com/reference/android/provider/CallLog.Calls.html

  10. http://developer.android.com/reference/android/provider/Settings.System.html

  11. http://developer.android.com/reference/android/telephony/TelephonyManager.html

  12. Kemmerer, R.A.: Shared resource matrix methodology: an approach to identifying storage and timing channels. ACM Trans. Comput. Syst. (TOCS) 1(3), 256–277 (1983)

    Article  Google Scholar 

  13. Lampson, B.W.: A note on the confinement problem. Commun. ACM 16(10), 613–615 (1973)

    Article  Google Scholar 

  14. Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S.: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th ACSAC, pp. 51–60. ACM, December 2012

    Google Scholar 

  15. NCSC, NSA.: Covert Channel Analysis of Trusted Systems (Light Pink Book). NSA/NCSC-Rainbow Series publications (1993)

    Google Scholar 

  16. Ritzdorf, H.: Analyzing Covert Channels on Mobile Devices. Diss. Master thesis ETH Zrich (2012)

    Google Scholar 

  17. Schlegel, R., Zhang, K., Zhou, X. Y., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: NDSS, vol. 11, pp. 17–33, February 2011

    Google Scholar 

  18. Simon, L., Ross A.: PIN skimmer: inferring PINs through the camera and microphone. In: Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. ACM (2013)

    Google Scholar 

  19. van Cuijk, W.P.M.: Enforcing a fine-grained network policy in Android (2011)

    Google Scholar 

Download references

Acknowledgment

We thank anonymous reviewers for their invaluable feedback. This research was partially supported by The Air Force Office of Scientific Research under Award No. FA-9550-12-1-0077. Any opinions, findings and conclusions or recommendations expressed herein are those of the authors and do not necessarily reflect the views of the sponsors.

Author information

Authors and Affiliations

  1. The University of Texas at Dallas, Richardson, TX, USA

    Swarup Chandra, Zhiqiang Lin & Latifur Khan

  2. IBM T J Watson Research Center, Yorktown Heights, NY, USA

    Ashish Kundu

Authors
  1. Swarup Chandra
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhiqiang Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ashish Kundu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Latifur Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Swarup Chandra .

Editor information

Editors and Affiliations

  1. CAS, Institute of Information Engineering CAS, Beijing, China

    Jing Tian

  2. Institute of Information Engineering, CAS, Beijing, China

    Jiwu Jing

  3. IBM Thomas J. Watson Research Center, New York, New York, USA

    Mudhakar Srivatsa

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Chandra, S., Lin, Z., Kundu, A., Khan, L. (2015). Towards a Systematic Study of the Covert Channel Attacks in Smartphones. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 152. Springer, Cham. https://doi.org/10.1007/978-3-319-23829-6_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23829-6_29

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23828-9

  • Online ISBN: 978-3-319-23829-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation