TU Darmstadt / ULB / TUbiblio

Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service

Nazar, Assem and Seeger, Mark and Baier, Harald (2011):
Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service.
In: Lecture Notes in Computer Science, In: 16th Nordic Conference in Secure IT Systems (NordSec 2011), Springer-Verlag, Tallinn, Estonia, [Conference or Workshop Item]

Abstract

The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising an Android based smartphone by targeting the underlying Linux kernel. We adopt an unorthodox bottom-up approach on modifying the operat- ing system to allow an application to re-route the Android debug bridge (ADB) daemon onto a wireless link. We support our research using case scenarios to show how information can be extracted and inserted into the smartphone without the knowledge of the user. We discuss how the Android build environment can be changed to harness functionality from secured operations. We also discuss how an application can be designed to function with minimum resources, be hidden and perform operations without user consent or interaction. We also provide an overview of how a rooted Android operating system can be misused.

Item Type: Conference or Workshop Item
Erschienen: 2011
Creators: Nazar, Assem and Seeger, Mark and Baier, Harald
Title: Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service
Language: German
Abstract:

The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising an Android based smartphone by targeting the underlying Linux kernel. We adopt an unorthodox bottom-up approach on modifying the operat- ing system to allow an application to re-route the Android debug bridge (ADB) daemon onto a wireless link. We support our research using case scenarios to show how information can be extracted and inserted into the smartphone without the knowledge of the user. We discuss how the Android build environment can be changed to harness functionality from secured operations. We also discuss how an application can be designed to function with minimum resources, be hidden and perform operations without user consent or interaction. We also provide an overview of how a rooted Android operating system can be misused.

Title of Book: 16th Nordic Conference in Secure IT Systems (NordSec 2011)
Series Name: Lecture Notes in Computer Science
Publisher: Springer-Verlag
Uncontrolled Keywords: Secure Services
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
LOEWE > LOEWE-Zentren
LOEWE
Event Location: Tallinn, Estonia
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2011-0278
Related URLs:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)

View Item View Item