Open Sesame! Design and Implementation of Backdoor to Secretly Unlock Android Devices
نویسندگان
چکیده
This paper presents a practical design of backdoor to permanently bypass the screen lock mechanisms on Android devices. Our design has many advantages such as difficulty in detecting backdoor, fast execution time and low power consumption. The key feature of our backdoor is remote triggering that allows the backdoor to be temporarily triggered and executed through push notification services also used by many normal applications. Furthermore, in our proof-of-concept backdoor, about 98% of 4-digit PINs and screen lock patterns were cracked within 5 seconds, and only a small amount of power was consumed. We show the stealthiness of our backdoor to effectively evade the existing malware detection tools (55 anti-virus scanners provided by VirusTotal and SandDroid).
منابع مشابه
Poster: Design of Backdoor on Android Devices
This paper presents a practical design of backdoor to permanently bypass the screen lock mechanisms (e.g., 4-digit PIN) on Android devices. 1. Our goal and assumptions We aim to give insights in designing backdoor that can be used to provide persistent access to a victim’s Android device by compromising the secret for user authentication while effectively hiding its presence from the victim. We...
متن کاملChapter 10 : An Elliptic Curve Asymmetric Backdoor in OpenSSL RSA Key Generation ∗
In this chapter we present an experimental implementation of an asymmetric backdoor in RSA key generation. The implementation is written in ANSI C. We codified what it means for an asymmetric backdoor to be secure (for the designer) in our definition of a secretly embedded trapdoor with universal protection (SETUP). The main properties of a SETUP are: (1) the complete code for the backdoor does...
متن کاملWeb Service Provisioning on Android Mobile Host
This paper discusses Web Service provisioning from Android Smart Phone. Web Service provisioning is the art of hosting and offering Web Services for Android based mobile device. This is due to advancements in mobile device manufacturing and wireless communication ability. This has changed the role of the mobile devices of Web service consumers to Web service providers. Today there is not a sing...
متن کاملChronoChat on Android
In this report I discuss my Master’s capstone project, ChronoChat-android, an implementation of the ChronoChat instant message application for Android mobile devices [7]. ChronoChat-android allows communication in a chatroom cooperatively hosted by ChronoChat clients. As in other ChronoChat implementations, chatroom participants may be connected via an NDN hub; ChronoChat-android also supports ...
متن کاملDesign and Implementation for Web Page Visualization Techniques using Android Smartphone
— SMARTPHONE has become a big issue in South Korea and worldwide. In this work we will propose techniques that display web contents according to user preference and service provider’s interest for small screen devices such as smartphones. A number of works and research have been conducted to generate suitable web contents for small screen devices. But such previous attempts have not failed to r...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- J. Internet Serv. Inf. Secur.
دوره 7 شماره
صفحات -
تاریخ انتشار 2017