21 research outputs found
STM 2020 : security and trust management
Android accessibility features include a robust set of tools
allowing developers to create apps for assisting people with disabilities.
Unfortunately, this useful set of tools can also be abused and turned into
an attack vector, providing malware with the ability to interact and read
content from third-party apps.
In this work, we are the first to study the impact that the stealthy
exploitation of Android accessibility services can have on significantly
reducing the forensic footprint of malware attacks, thus hindering both
live and post-incident forensic investigations. We show that through Living
off the Land (LotL) tactics, or by offering a malware-only substitute
for attacks typically requiring more elaborate schemes, accessibilitybased
malware can be rendered virtually undetectable.
In the LotL approach, we demonstrate accessibility-enabled SMS and
command and control (C2) capabilities. As for the latter, we show a
complete cryptocurrency wallet theft, whereby the accessibility trojan
can hijack the entire withdrawal process of a widely used app, including
two-factor authentication (2FA). In both cases, we demonstrate how the
attacks result in significantly diminished forensic evidence when compared
to similar attacks not employing accessibility tools, even to the
extent of maintaining device take-over without requiring malware persistence.peer-reviewe
The security of the speech interface: a modelling framework and proposals for new defence mechanisms
This paper presents an attack and defence modelling framework for conceptualising the security of the speech interface. The modelling framework is based on the Observe-Orient-Decide-Act (OODA) loop model, which has been used to analyse adversarial interactions in a number of other areas. We map the different types of attacks that may be executed via the speech interface to the modelling framework, and present a critical analysis of the currently available defences for countering such attacks, with reference to the modelling framework. The paper then presents proposals for the development of new defence mechanisms that are grounded in the critical analysis of current defences. These proposals envisage a defence capability that would enable voice-controlled systems to detect potential attacks as part of their dialogue management functionality. In accordance with this high-level defence concept, the paper presents two specific proposals for defence mechanisms to be implemented as part of dialogue management functionality to counter attacks that exploit unintended functionality in speech recognition functionality and natural language understanding functionality. These defence mechanisms are based on the novel application of two existing technologies for security purposes. The specific proposals include the results of two feasibility tests that investigate the effectiveness of the proposed mechanisms in defending against the relevant type of attack