Title :
Enhancing Stealthiness & Efficiency of Android Trojans and Defense Possibilities (EnSEAD) - Android´s Malware Attack, Stealthiness and Defense: An Improvement
Author :
Ali, Mohammad ; Ali, Humayun ; Anwar, Zahid
Author_Institution :
Sch. of Electr. Eng. & Comput. Sci. (SEECS), Nat. Univ. of Sci. & Technol. (NUST), Islamabad, Pakistan
Abstract :
In this work, we have studied Android Architecture from a security point of view. We have studied various defense mechanisms that are present in current Android Platform or are recently proposed. We took inspiration from Sound comber - a recent Android Trojan that steals sensitive information using various techniques. We enhanced the capabilities of Sound comber in terms of its stealthiness and efficiency in malicious communication by identifying new covert channel and incorporating basic compression. We then developed a new Android Trojan - Contact Archiver (steals user contacts) which inherits properties from Sound comber, i.e. uses few and innocuous permissions, circumvents already-known security defenses, conveys information remotely without direct network access plus incorporates enhancements proposed by us. We also propose some defense possibilities to detect Contact Archiver covert communication. Our future work will be to block security attacks performed using our enhancements, when they are used in any Android malware.
Keywords :
invasive software; operating system kernels; Android architecture; Android defense possibilities; Android malware attack; Android stealthiness enhancement; Android trojan efficiency; Soundcomber; contact archiver covert communication; direct network access; malicious communication; Credit cards; Internet; Servers; Smart phones; Trojan horses; android; covert channel; malware; mobile phone security; security; trojan;
Conference_Titel :
Frontiers of Information Technology (FIT), 2011
Conference_Location :
Islamabad
Print_ISBN :
978-1-4673-0209-8
DOI :
10.1109/FIT.2011.35
