Title :
Using Short Message Service (SMS) to deploy Android exploits
Author :
Song Yubo ; Zhang Zhiwei ; Xia Yunfeng
Author_Institution :
Inf. Sci. & Eng. Sch., Southeast Univ. Nanjing, Nanjing, China
Abstract :
Short Message Service (SMS) provided by the mobile communication system is a widely used service, almost all the mobile terminals support the short message protocol. In this paper, we illustrate how to exploit the SMS as an attack vector to deploy malware on Android system. Through protocol manipulation, we select the message of type Replace Short Message Type (RS MT) as the attack vector and then we use the Software Defined Radio (SDR) to send this kind of message to the target device with a low cost. Meanwhile, due to some features of the Android security model, we have shown that injection on Android system is undetected by antivirus software. Furthermore, we implemented attacks on different smartphones using SMS to confirm the effectiveness of the approach.
Keywords :
Android (operating system); electronic messaging; mobile radio; protocols; security of data; smart phones; software radio; Android exploit deployment; Android security model; Android system; RS MT message; SDR; SMS; antivirus software; malware deployment; message sending; mobile communication system; mobile terminals; replace short message type message; short message protocol manipulation; short message service; smartphones; software defined radio; Android security; Attack vector; RSMT; SDR; SMS;
Conference_Titel :
Cyberspace Technology (CCT 2014), International Conference on
Print_ISBN :
978-1-84919-928-5
DOI :
10.1049/cp.2014.1337