Exfiltrating data from Android devices
Files
(Published version)
Date
2015
Authors
Do, Q.
Martini, B.
Choo, K.K.R.
Editors
Advisors
Journal Title
Journal ISSN
Volume Title
Type:
Journal article
Citation
Computers and Security, 2015; 48:74-91
Statement of Responsibility
Conference Name
Abstract
Modern mobile devices have security capabilities built into the native operating system, which are generally designed to ensure the security of personal or corporate data stored on the device, both at rest and in transit. In recent times, there has been interest from researchers and governments in securing as well as exfiltrating data stored on such devices (e.g. the high profile PRISM program involving the US Government). In this paper, we propose an adversary model for Android covert data exfiltration, and demonstrate how it can be used to construct a mobile data exfiltration technique (MDET) to covertly exfiltrate data from Android devices. Two proof-of-concepts were implemented to demonstrate the feasibility of exfiltrating data via SMS and inaudible audio transmission using standard mobile devices.
School/Discipline
Dissertation Note
Provenance
Description
Access Status
Rights
Copyright 2014 Elsevier
Access Condition Notes: Postprint available after 1 February 2017