Exfiltrating Data from Android Devices
Computers & Security, 2014, DOI: 10.1016/j.cose.2014.10.016
28 Pages Posted: 31 Oct 2014 Last revised: 15 Nov 2014
Date Written: October 29, 2014
Modern mobile devices have security capabilities built into the native operating system, which are generally designed to ensure the security of personal or corporate data stored on the device, both at rest and in transit. In recent times, there has been interest from researchers and governments in securing as well as exfiltrating data stored on such devices (e.g. the high profile PRISM program involving the US Government). In this paper, we propose an adversary model for Android covert data exfiltration, and demonstrate how it can be used to construct a mobile data exfiltration technique (MDET) to covertly exfiltrate data from Android devices. Two proof-of-concepts were implemented to demonstrate the feasibility of exfiltrating data via SMS and inaudible audio transmission using standard mobile devices.
Keywords: Android, code injection, covert exfiltration, data exfiltration, inaudible transmission, mobile adversary model, reverse engineering, SMALI, SMS transmission
JEL Classification: C88, C89, K42, K49
Suggested Citation: Suggested Citation