Colluding Covert Channel for Malicious Information Exfiltration in Android Environment

Rosangela Casolare; Fabio Martinelli; Francesco Mercaldo; Francesco Mercaldo; Antonella Santone

doi:10.5220/0010396708110818

Colluding Covert Channel for Malicious Information Exfiltration in Android Environment

Rosangela Casolare, Fabio Martinelli, Francesco Mercaldo, Francesco Mercaldo, Antonella Santone

2021

Abstract

Mobile devices store a lot of sensitive and private information. It is easy from the developer point of view to release the access to sensitive and critical assets in mobile application development, such as Android. For this reason it can happen that the developer inadvertently causes sensitive data leak, putting users’ privacy at risk. Recently, a type of attack that creates a capability to transfer sensitive data between two (or more) applications is emerging i.e., the so-called colluding covert channel. To demonstrate this possibility, in this work we design and develop a set of applications exploiting covert channels for malicious purposes, which uses the smartphone accelerometer to perform a collusion between two Android applications. The vibration engine sends information from the source application to the sink application, translating it into a vibration pattern. The applications have been checked by more than sixty antimalware which did not classify them as malware, except for two antimalware which returned a false positive.

Download

Paper Citation

in Harvard Style

Casolare R., Martinelli F., Mercaldo F. and Santone A. (2021). Colluding Covert Channel for Malicious Information Exfiltration in Android Environment.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-491-6, pages 811-818. DOI: 10.5220/0010396708110818

in Bibtex Style

@conference{forse21,
author={Rosangela Casolare and Fabio Martinelli and Francesco Mercaldo and Antonella Santone},
title={Colluding Covert Channel for Malicious Information Exfiltration in Android Environment},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,},
year={2021},
pages={811-818},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010396708110818},
isbn={978-989-758-491-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,
TI - Colluding Covert Channel for Malicious Information Exfiltration in Android Environment
SN - 978-989-758-491-6
AU - Casolare R.
AU - Martinelli F.
AU - Mercaldo F.
AU - Santone A.
PY - 2021
SP - 811
EP - 818
DO - 10.5220/0010396708110818