Using Labeling to Prevent Cross-Service Attacks Against Smart Phones

Mulliner, Collin; Vigna, Giovanni; Dagon, David; Lee, Wenke

doi:10.1007/11790754_6

Cited by 41 publications

(30 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We not only propose a solution, but fully implemented a prototype and evaluated it. Mulliner et al [20] build a label based tracking system that tracks a process' access to network interfaces to limit future access to other network resources such as the cellular modem. The SEIP [35] architecture uses D-Bus in combination with SELinux to enforce access policies for applications accessing various system resources on a smartphone.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Mulliner

Liebergeld

Lange

et al. 2012

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)

Self Cite

View full text Add to dashboard Cite

Abstract-Malicious injection of cellular signaling traffic from mobile phones is an emerging security issue. The respective attacks can be performed by hijacked smartphones and by malware resident on mobile phones. Until today there are no protection mechanisms in place to prevent signaling based attacks other than implementing expensive additions to the cellular core network. In this work we present a protection system that resides on the mobile phone. Our solution works by partitioning the phone software stack into the application operating system and the communication partition. The application system is a standard fully featured Android system. On the other side, communication to the cellular network is mediated by a flexible monitoring and enforcement system running on the communication partition. We implemented and evaluated our protection system on a real smartphone. Our evaluation shows that it can mitigate all currently known signaling based attacks and in addition can protect users from cellular Trojans.

show abstract

Section: Related Workmentioning

confidence: 99%

“…There are academic contributions [20], [8], [35] and work performed by smartphone operating system (OS) vendors such as Apple, Google, Symbian, RIM or Microsoft. However, the efforts concentrated on the OS, to protect users from attacks and to mitigate malware such as Trojans.…”

Section: Introductionmentioning

confidence: 99%

Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Mulliner

Liebergeld

Lange

et al. 2012

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)

Self Cite

View full text Add to dashboard Cite

show abstract

“…In [30], several schemes have been studied to mitigate DoS attacks via queuing in the network. To prevent cross service boundary attacks, a labeling technique is used to separate the phone interface from the PDA interface of a mobile device [24]. Sarat et al [27] proposed to integrate commonwalk lengths and node frequencies to detect worms and determine their propagation origins.…”

Section: Related Workmentioning

confidence: 99%

VirusMeter: Preventing Your Cellphone from Spies

Liu¹,

Yan

Zhang

et al. 2009

Lecture Notes in Computer Science

108

View full text Add to dashboard Cite

Abstract. Due to the rapid advancement of mobile communication technology, mobile devices nowadays can support a variety of data services that are not traditionally available. With the growing popularity of mobile devices in the last few years, attacks targeting them are also surging. Existing mobile malware detection techniques, which are often borrowed from solutions to Internet malware detection, do not perform as effectively due to the limited computing resources on mobile devices. In this paper, we propose VirusMeter, a novel and general malware detection method, to detect anomalous behaviors on mobile devices. The rationale underlying VirusMeter is the fact that mobile devices are usually battery powered and any malicious activity would inevitably consume some battery power. By monitoring power consumption on a mobile device, VirusMeter catches misbehaviors that lead to abnormal power consumption. For this purpose, VirusMeter relies on a concise user-centric power model that characterizes power consumption of common user behaviors. In a real-time mode, VirusMeter can perform fast malware detection with trivial runtime overhead. When the battery is charging (referred to as a battery-charging mode), VirusMeter applies more sophisticated machine learning techniques to further improve the detection accuracy. To demonstrate its feasibility and effectiveness, we have implemented a VirusMeter prototype on Nokia 5500 Sport and used it to evaluate some real cellphone malware, including FlexiSPY and Cabir. Our experimental results show that VirusMeter can effectively detect these malware activities with less than 1.5% additional power consumption in real time.

show abstract

“…The attack discussed above includes a number of attacks such as man-in-the-middle, sniffing and privacy related attacks. Another attack that is described by some of the researches is based on the cross service attack on the mobile devices [1]. Cross service attacks can occur while you are browsing from your mobile handset sitting in a shop with wireless connectivity.…”

Section: Introductionmentioning

confidence: 99%

“…The key factor contributing to the success of SVC is due to the fact that there is no efficient management policy for system APIs security for Windows Mobile. In the mobile environment, it is quite common to have a man-in-the-middle trying to sniff at the information being passed between the mobile device and the service providers [1]. Therefore it is crucial to have data access control mechanisms in place.…”

Section: Introductionmentioning

confidence: 99%