Android Commercial Spyware Disease and Medication

Presented at Black Hat Asia 2016, Unknown date/time (Unknown duration).

Android-based smartphones are gaining significant advantages on its counterparts in terms of market share among users. The increasing usage of Android OS make it ideal target for attackers. There is an urgent need to develop solutions that guard the user's privacy and can monitor, detect and block these eavesdropping applications. In this paper, two proposed paradigm are presented. The first proposed paradigm is a spyware application to highlight the security weaknesses' "disease." The spyware application has been used to deeply understand the vulnerabilities in the Android operating system, and to study how the spyware can be developed to abuse these vulnerabilities for intercepting victim's privacy such as received SMS, incoming calls and outgoing calls. The spyware abuses the Internet service to transfer the intercepted information from victim's cell phone illegally to a cloud database. The Android OS permission subsystem and the broadcast receiver subsystem contribute to form a haven for the spyware by granting it absolute control to listen, intercept and track the victim's privacy. The second proposed paradigm is a new detection paradigm "medication" based on fuzz testing technique to mitigate known vulnerabilities. In this proposal, anti-spyware solution "DroidSmartFuzzer" has been designed. The implementation of the anti-spyware application has been used to mitigate the risks of the mentioned attacks. It should be noted that the proposed paradigm "DroidSmart-Fuzzer" and its fuzzing test cases are designed not only to catch the proposed spyware application but also to catch any similar malicious application designed to intercept one or more of the listed privacies. According to high rate installation of commercial spyware which increased in 2014 as mentioned in Google Android Security report [1] , Lacoon research team report [2], ALCATEL-LUCENT mobile malware reports [3], [4], [5], [6], and Joshua Dalman and Valerie Hantke research on Black Hat USA 2015 [7]. DroidSmartFuzzer has been tested against the top 15 commercial spyware [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20], [21], [22], two free spy applications on Google Play[23], [24], two free spy applications on Amazon store [25], [26] and the proposed spyware application.


Presenters:

  • Mustafa Saad - MTC
    Mustafa Saad has a degree in Computer Engineering from Ain-Shams University and a Master's Degree in Mobile Security.

Links:

Similar Presentations: