483 Hits in 5.9 sec

Analysis of the communication between colluding applications on modern smartphones

Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun
2012 Proceedings of the 28th Annual Computer Security Applications Conference on - ACSAC '12  
The measured throughput of covert channels ranges from 3.7 bps to 3.27 kbps on a Nexus One phone and from 0.47 bps to 4.22 kbps on a Samsung Galaxy S phone; such throughputs are sufficient to efficiently  ...  Users are not made aware of possible implications of application collusion attacks-quite the contrary-on existing platforms, users are implicitly led to believe that by approving the installation of each  ...  It represents the views of the authors. We would like to thank Sven Bugiel and the team behind XManDroid for giving us the possibility to test XMan-Droid and for productive discussion.  ... 
doi:10.1145/2420950.2420958 dblp:conf/acsac/MarforioRFC12 fatcat:7mqt2gw4qfd3flsaxn52d2xdce

Enhancing Passwords Security Using Deceptive Covert Communication [chapter]

Mohammed H. Almeshekah, Mikhail J. Atallah, Eugene H. Spafford
2015 IFIP Advances in Information and Communication Technology  
Finally, the scheme's covert channel mechanisms give servers the ability to utilize a user's context information -detecting the use of untrusted networks or whether the login was based on a solicitation  ...  We also introduce a covert communication mechanism between the user's client and the service provider.  ...  This covert messaging mechanism enables different behaviors from the current practice of "all-or-nothing" authentication and access.  ... 
doi:10.1007/978-3-319-18467-8_11 fatcat:i4v6kqkqjzagbesdh3agpbuboq

Secure cloud computing with brokered trusted sensor networks

Apu Kapadia, Steven Myers, XiaoFeng Wang, Geoffrey Fox
2010 2010 International Symposium on Collaborative Technologies and Systems  
) New malware threats and defenses installed on the sensor network proper, and iii) An analysis of covert channels being used to circumvent encryption in the user/cloud interface.  ...  We propose a model for large-scale smartphone based sensor networks, with sensor information processed by clouds and grids, with a mediation layer for processing, filtering and other mashups done via a  ...  to detect such covert channels.  ... 
doi:10.1109/cts.2010.5478459 dblp:conf/cts/KapadiaMWF10 fatcat:uo7bhogzofgztpukgrqvn46nuq

Attacks and Preventive Measures on Video Surveillance Systems: A Review

Preethi Vennam, Pramod T. C., Thippeswamy B. M., Yong-Guk Kim, Pavan Kumar B. N.
2021 Applied Sciences  
This provides insight for the better identification of the security risks associated with the design and deployment of these systems and promotes further research in this emerging field.  ...  In this paper, we present a detailed review of existing and possible threats in video surveillance, CCTV, and IP-camera systems.  ...  Covert channel attack Privacy-related problems of the leakage channels are mitigated at different levels.  ... 
doi:10.3390/app11125571 fatcat:i5tdoyz5mncqjltfap4wyou3ne

An autonomic and permissionless Android covert channel

Kenneth Block, Sashank Narain, Guevara Noubir
2017 Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks - WiSec '17  
by applications designed to identify this form of behavior.  ...  In traditional Android based ex ltration channels, the application engaged in information acquisition is granted permission to execute o -board communications. is tactic increases the possibility of detection  ...  BACKGROUND AND MOTIVATION Smartphone covert channels follow either inter or intra-device patterns.  ... 
doi:10.1145/3098243.3098250 dblp:conf/wisec/BlockNN17 fatcat:ovl6rr62afbk7og4e6unegt7cq

Microarchitectural Attacks in Heterogeneous Systems: A Survey

Hoda Naghibijouybari, Esmaeil Mohammadian Koruyeh, Nael Abu-Ghazaleh
2022 ACM Computing Surveys  
In this survey article, we consider the security of heterogeneous systems against microarchitectural attacks, with a focus on covert- and side-channel attacks, as well as fault injection attacks.  ...  efforts to mitigate them.  ...  The work is supported by the National Science Foundation under CNS-2053383, CNS-2130978, and CNS-1955650 grants.  ... 
doi:10.1145/3544102 fatcat:dm3l4etg5vealdqyodhuopjhgy

SWAP: Security aware provisioning and migration of phone clones over mobile clouds

Seyed Yahya Vaezpour, Rui Zhang, Kui Wu, Jianping Wang, Gholamali C Shoja
2014 2014 IFIP Networking Conference  
Due to shared hardware components (e.g. memory bus and CPU cache) among co-resident VMs, a VM is subject to covert channel attacks and may potentially leak information to other VMs located in the same  ...  Our solution utilizes the spatial and temporal features of phone clones, and by considering the online social connection of mobile users, we greatly simplify the search space of the optimal solution.  ...  to mitigate the impact of potential covert channels.  ... 
doi:10.1109/ifipnetworking.2014.6857123 dblp:conf/networking/Vaezpour0WWS14 fatcat:4pdqk6rvlngzvartipwm7xdps4

Undermining Isolation Through Covert Channels in the Fiasco.OC Microkernel [chapter]

M. Peter, M. Petschick, J. Vetter, J. Nordholz, J. Danisevskis, J.-P. Seifert
2015 Lecture Notes in Electrical Engineering  
Unfortunately, in addition to the construction of system-wide denial of service attacks, our identified weaknesses of Fiasco.OC also allow covert channels across security perimeters with high bandwidth  ...  Indeed, for all potential use cases of Fiasco.OC we implemented a full-fledged system on its respective archetypical hardware: Desktop server/workstation on AMD64 x86 CPU, Tablet on Intel Atom CPU, Smartphone  ...  The constructed covert channel had bandwidth of ∼0.5 bits/s. Lin et al. [51] propose two covert communication channels based on the last PID and a temporary file in the Linux OS.  ... 
doi:10.1007/978-3-319-22635-4_13 fatcat:cpvqi4b5ivaq7ikgz46pn2ntcy

Toward Engineering a Secure Android Ecosystem

Meng Xu, Chenxiong Qian, Sangho Lee, Taesoo Kim, Chengyu Song, Yang Ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee
2016 ACM Computing Surveys  
Based on our collection of knowledge, we envision a blueprint for engineering a secure, next-generation Android ecosystem.  ...  CCS Concepts: r Security and privacy → Mobile platform security; Malware and its mitigation; Social aspects of security and privacy Additional  ...  SIDE CHANNELS AND COVERT CHANNELS All operating systems are subject to side-channel attacks as well as information leakage via covert channels, and Android is no exception.  ... 
doi:10.1145/2963145 fatcat:d5vhxpdywrevvbh4as6vvt576q

InkFiltration: Using Inkjet Printers for Acoustic Data Exfiltration from Air-Gapped Networks

Julian de Gortari Briseno, Akash Deep Singh, Mani Srivastava
2022 ACM Transactions on Privacy and Security  
To prove and analyze the capabilities of this new covert channel, we carried out tests considering different types of document layouts and distances between the printer and recording device.  ...  The proposed covert channel works by malware installed on a computer with access to a printer, injecting certain imperceptible patterns into all documents that applications on the computer send to the  ...  Distance and Receiver Orientation To test the robustness of our covert channel with respect to distance and the orientation of our smartphone receiver, a series of tests were carried out to measure the  ... 
doi:10.1145/3510583 fatcat:tvvh3dxnkbbxvbepu2eijnd66y

PIN skimmer

Laurent Simon, Ross Anderson
2013 Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices - SPSM '13  
Here, we describe a new side-channel attack that makes use of the video camera and microphone to infer PINs entered on a number-only soft keyboard on a smartphone.  ...  It turns out to be difficult to prevent such side-channel attacks, so we provide guidelines for developers to mitigate present and future side-channel attacks on PIN input.  ...  Acknowledgement We wish to thank Omar Choudary and Alastair Beresford for their valuable suggestions and comments; and Viktor Konstantinov for suggesting the camera as side-channel.  ... 
doi:10.1145/2516760.2516770 dblp:conf/ccs/SimonA13 fatcat:seylhvae3jejzhem5yaqqymfpa

Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping [chapter]

Jacob Leon Kröger, Philip Raschke
2019 Lecture Notes in Computer Science  
Based on previous research and our own analysis, we challenge the widespread assumption that the spying fears have already been disproved.  ...  Besides various other privacy concerns with mobile devices, many people suspect their smartphones to be secretly eavesdropping on them.  ...  as signal processing, data compression, covert channels, and automatic speech recognition.  ... 
doi:10.1007/978-3-030-22479-0_6 fatcat:v4bmsoiybnbspmwt4w2vhsimli

Charger-Surfing: Exploiting a Power Line Side-Channel for Smartphone Information Leakage

Patrick Cronin, Xing Gao, Chengmo Yang, Haining Wang
2021 USENIX Security Symposium  
Touchscreen-based mobile devices such as smartphones and tablets are used daily by billions of people for productivity and entertainment.  ...  This leakage channel is thoroughly evaluated on various smartphones running Android or iOS, equipped with the two most commonly used screen technologies (LCD and OLED).  ...  Acknowledgement We would like to thank the anonymous reviewers for their insightful and detailed comments, which helped us to improve the quality of this work.  ... 
dblp:conf/uss/Cronin0YW21 fatcat:6dbom7k4b5c6tcv54oums56ptu

A Survey on Security for Mobile Devices

Mariantonietta La Polla, Fabio Martinelli, Daniele Sgandurra
2013 IEEE Communications Surveys and Tutorials  
systems, especially focusing on IDS-based models and tools.  ...  This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011, by focusing on high-level attacks, such those to user applications.  ...  ACKNOWLEDGEMENT The authors would like to thank the anonymous reviewers for their valuable comments and suggestions, which have greatly improved the quality of the paper.  ... 
doi:10.1109/surv.2012.013012.00028 fatcat:us2g2qlglrflporo6fp6vqbdn4

Software-based Microarchitectural Attacks [article]

Daniel Gruss
2017 arXiv   pre-print
In the first part, we provide background on modern processor architectures and discuss state-of-the-art attacks and defenses in the area of microarchitectural side-channel attacks and microarchitectural  ...  In this thesis, we focus on microarchitectural attacks and defenses on commodity systems. We investigate known and new side channels and show that microarchitectural attacks can be fully automated.  ...  We present a countermeasure against Prefetch Side-Channel Attacks on commodity systems, that involves reorganizing the user and kernel address space to protect KASLR.  ... 
arXiv:1706.05973v1 fatcat:4hwdpe4dancmblsxasg3a75h7a
« Previous Showing results 1 — 15 out of 483 results