Issue |
ITM Web Conf.
Volume 12, 2017
The 4th Annual International Conference on Information Technology and Applications (ITA 2017)
|
|
---|---|---|
Article Number | 04011 | |
Number of page(s) | 6 | |
Section | Session 4: Information Theory and Information Systems | |
DOI | https://doi.org/10.1051/itmconf/20171204011 | |
Published online | 05 September 2017 |
Privacy Leaks through Data Hijacking Attack on Mobile Systems
1 State Key Laboratory of Information Security, Institute of Information Engineering, CAS, Beijing, 100093, China
2 University of Chinese Academy of Sciences, Beijing, 100049, China
3 Chinese Research Institute of General Technology, Beijing, 100055, China
Email: zhangdaojuan@iie.ac.cn
Email: guoyuanfang@iie.ac.cn
Email: guodianjie@iie.ac.cn
Email: yuguangming2010@163.com
To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices). In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.
© The Authors, published by EDP Sciences, 2017
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.