147 research outputs found

    Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats

    Network steganography is the art of hiding secret information within innocent network transmissions. Recent findings indicate that novel malware is increasingly using network steganography. Similarly, other malicious activities can profit from network steganography, such as data leakage or the exchange of pedophile data. This paper provides an introduction to network steganography and highlights its potential application for harmful purposes. We discuss the issues related to countering network steganography in practice and provide an outlook on further research directions and problems. Comment: 11 pages

    Automated Dynamic Detection of Self-Hiding Behaviors

    Certain Android applications, such as but not limited to malware, conceal their presence from the user, exhibiting a self-hiding behavior. Consequently, these apps put the user’s security and privacy at risk by performing tasks without the user’s awareness. Static analysis has been used to analyze apps for self-hiding behavior, but this approach is prone to false positives and suffers from code obfuscation. This research proposes a set of three tools utilizing a dynamic analysis method of detecting self-hiding behavior of an app in the home, installed, and running application lists on an Android emulator. Our approach proves both highly accurate and efficient, providing tools usable by the Android marketplace for enhanced security screening.

    Malevolent app pairs: An android permission overpassing scheme

    © 2016 Copyright held by the owner/author(s). Portable smart devices potentially store a wealth of information of personal data, making them attractive targets for data exfiltration attacks. Permission based schemes are core security controls for reducing privacy and security risks. In this paper we demonstrate that current permission schemes cannot effectively mitigate risks posed by covert channels. We show that a pair of apps with different permission settings may collude in order to effectively create a state where a union of their permissions is obtained, giving opportunities for leaking sensitive data, whilst keeping the leak potentially unnoticed. We then propose a solution for such attacks.

    An Extended Discussion on a High-Capacity Covert Channel for the Android Operating System

    In “Exploring a High-Capacity Covert Channel for the Android Operating System” [1], a covert channel for communicating between different applications on the Android operating system was introduced and evaluated. This covert channel proved to be capable of a much higher throughput than any other comparable channels which had been explored previously. This article will expand on the work which was started in [1]. Specifically, further improvements on the initial covert channel concept will be detailed and their impact with regards to channel throughput will be evaluated. In addition, a new protocol for managing connections and communications between collaborating applications purely using this channel will be defined and explored. A number of different potential mechanisms and techniques for detecting the presence and use of this covert channel will also be described and discussed, including possible counter-measures, which could be implemented.

    Privacy implications of smartphone-based connected vehicle communications

    Considerable work has been carried out into making the vision of connected vehicles a reality, with inter-operable communications to take place between vehicles for the purpose of improving road safety and alerting road users to accidents or sudden braking. The cost of deploying such a solution to large numbers of vehicles is significant, and vehicles have a much longer lifespan than other consumer equipment, leading to other work considering the use of smartphones as possible devices for such connected vehicle networks. In this paper, we consider the security and privacy implications of using smartphone based platforms for connected vehicle applications, both in vehicles, and those carried by pedestrians. We also consider the general risks of relying on consumer smartphones, particularly with regard to the lack of long-term security updates being available. We finally explore the need for privacy to be considered in the design of solutions, in addition to the well-recognised need for security, and explore the trade-off between anonymity and prevention of abuse, in the context of designing future connected vehicle technologies.

    Frequency Scaling as a Security Threat on Multicore Systems

    Most modern processors use Dynamic Voltage and Frequency Scaling (DVFS) for power management. DVFS allows power consumption to be optimized by scaling voltage and frequency depending on performance demand. Previous research has indicated that this frequency scaling might pose a security threat in the form of a covert channel, which could leak sensitive information. However, an analysis able to determine whether DVFS is a serious security issue is still missing. In this paper, we conduct a detailed analysis of the threat potential of a DVFS-based covert channel. We investigate two multicore platforms representative of modern laptops and hand-held devices. Furthermore, we develop a channel model to determine an upper bound to the channel capacity, which is in the order of 1 bit per channel use. Last, we perform an experimental analysis using a novel transceiver implementation. The neural network based receiver yields packet error rates between 1% and 8% at average throughputs of up to 1.83 and 1.20 bits per second for platforms representative of laptops and hand-held devices, respectively. Considering the well-known small message criterion, our results show that a relevant covert channel can be established by exploiting the behaviour of computing systems with DVFS. ISSN: 0278-0070, ISSN: 1937-415

    Network covert channels on the Android platform

    Network covert channels are used to exfiltrate information from a secured environment in a way that is extremely difficult to detect or prevent. These secret channels have been identified as an important security threat to governments and the private sector, and several research efforts have focused on the design, detection, and prevention of such channels in enterprise-type environments. Mobile devices have become a ubiquitous computing platform, and are storing or have access to an increasingly large amount of sensitive information. As such, these devices have become prime targets of attackers who desire access to this information. In this work, we explore the implementation of network covert channels on the Google Android mobile platform. Our work shows that covert communication channels can be successfully implemented on the Android platform to allow data to be leaked from these devices in a manner that hides the fact that subversive communication is taking place.