loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Rosangela Casolare 1 ; Fabio Martinelli 2 ; Francesco Mercaldo 3 ; 2 and Antonella Santone 3

Affiliations: 1 Department of Biosciences and Territory, University of Molise, Pesche (IS), Italy ; 2 Institute for Informatics and Telematics, National Research Council of Italy, Pisa, Italy ; 3 Department of Medicine and Health Sciences “Vincenzo Tiberio”, University of Molise, Campobasso, Italy

Keyword(s): Android, Security, Model Checking, Formal Methods, Privacy.

Abstract: Mobile devices store a lot of sensitive and private information. It is easy from the developer point of view to release the access to sensitive and critical assets in mobile application development, such as Android. For this reason it can happen that the developer inadvertently causes sensitive data leak, putting users’ privacy at risk. Recently, a type of attack that creates a capability to transfer sensitive data between two (or more) applications is emerging i.e., the so-called colluding covert channel. To demonstrate this possibility, in this work we design and develop a set of applications exploiting covert channels for malicious purposes, which uses the smartphone accelerometer to perform a collusion between two Android applications. The vibration engine sends information from the source application to the sink application, translating it into a vibration pattern. The applications have been checked by more than sixty antimalware which did not classify them as malware, except fo r two antimalware which returned a false positive. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.207.255.67

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Casolare, R.; Martinelli, F.; Mercaldo, F. and Santone, A. (2021). Colluding Covert Channel for Malicious Information Exfiltration in Android Environment. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - ForSE; ISBN 978-989-758-491-6; ISSN 2184-4356, SciTePress, pages 811-818. DOI: 10.5220/0010396708110818

@conference{forse21,
author={Rosangela Casolare. and Fabio Martinelli. and Francesco Mercaldo. and Antonella Santone.},
title={Colluding Covert Channel for Malicious Information Exfiltration in Android Environment},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - ForSE},
year={2021},
pages={811-818},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010396708110818},
isbn={978-989-758-491-6},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - ForSE
TI - Colluding Covert Channel for Malicious Information Exfiltration in Android Environment
SN - 978-989-758-491-6
IS - 2184-4356
AU - Casolare, R.
AU - Martinelli, F.
AU - Mercaldo, F.
AU - Santone, A.
PY - 2021
SP - 811
EP - 818
DO - 10.5220/0010396708110818
PB - SciTePress