Article
A completely covert audio channel in Andriod
Journal of Computer Virology and Hacking Techniques
(2016)
Abstract
Exfiltration of private data from mobile devices is a potential security threat. Previous research concerning such threats has generally focused on techniques that are only valid over short distances (e.g., NFC, Bluetooth, electromagnetic emanations) or fail to be entirely covert. In this research, we develop and analyze an exfiltration attack that has no distance limitation and is completely covert. Specifically, we take advantage of vulnerabilities in Android that enable us to covertly record and exfiltrate a voice call. This paper presents a successful implementation of our attack, which records a call (both uplink and downlink voice streams), and subsequently transmits the recorded voice over an inaudible call. No visual or audio indication is given to the victim during the record or replay phases of the attack. We provide a detailed exposition of our attack, and we briefly consider the challenge of providing strong counter measures to such attacks.
Disciplines
Publication Date
April 13, 2016
Citation Information
Sukanya Thakur and Mark Stamp. "A completely covert audio channel in Andriod" Journal of Computer Virology and Hacking Techniques (2016) p. 1 - 12 ISSN: 2274-2042 Available at: http://works.bepress.com/mark_stamp/42/