Nazar, Assem ; Seeger, Mark ; Baier, Harald (2011)
Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service.
Tallinn, Estonia
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising an Android based smartphone by targeting the underlying Linux kernel. We adopt an unorthodox bottom-up approach on modifying the operat- ing system to allow an application to re-route the Android debug bridge (ADB) daemon onto a wireless link. We support our research using case scenarios to show how information can be extracted and inserted into the smartphone without the knowledge of the user. We discuss how the Android build environment can be changed to harness functionality from secured operations. We also discuss how an application can be designed to function with minimum resources, be hidden and perform operations without user consent or interaction. We also provide an overview of how a rooted Android operating system can be misused.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2011 |
| Autor(en): | Nazar, Assem ; Seeger, Mark ; Baier, Harald |
| Art des Eintrags: | Bibliographie |
| Titel: | Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service |
| Sprache: | Deutsch |
| Publikationsjahr: | Oktober 2011 |
| Verlag: | Springer-Verlag |
| Buchtitel: | 16th Nordic Conference in Secure IT Systems (NordSec 2011) |
| Reihe: | Lecture Notes in Computer Science |
| Veranstaltungsort: | Tallinn, Estonia |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | The majority of malware seen on Android has a top-down approach often targeting application programming interfaces (API) of the financially rewarding telephony and short message service (SMS). In this paper we present a proof of concept of compromising an Android based smartphone by targeting the underlying Linux kernel. We adopt an unorthodox bottom-up approach on modifying the operat- ing system to allow an application to re-route the Android debug bridge (ADB) daemon onto a wireless link. We support our research using case scenarios to show how information can be extracted and inserted into the smartphone without the knowledge of the user. We discuss how the Android build environment can be changed to harness functionality from secured operations. We also discuss how an application can be designed to function with minimum resources, be hidden and perform operations without user consent or interaction. We also provide an overview of how a rooted Android operating system can be misused. |
| Freie Schlagworte: | Secure Services |
| ID-Nummer: | TUD-CS-2011-0278 |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt LOEWE > LOEWE-Zentren LOEWE |
| Hinterlegungsdatum: | 30 Dez 2016 20:23 |
| Letzte Änderung: | 30 Mai 2018 12:53 |
| PPN: | |
| Zugehörige Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum