Upload File

malicious for android smartphones dialer for android... · malicious dialer for android smartphones...

  • Home
  • Documents
  • Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292
11
Malicious Dialer F or Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292 Supervised by: Dr. Hadi Otrok SECURE ABU DHABI CONFERENCE 2013

Upload: others

Post on 10-Oct-2020

7 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Malicious Dialer For Android Smartphones

Team members: Dina Atia, 100020242

Fatma Mohamed, 100020254Mervat Hafez, 100020292

Supervised by: Dr. Hadi Otrok

SECURE ABU DHABI CONFERENCE 2013

Page 2: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Problem Statement• Android is based on kernel Linux • Open Android Market• Unhardened Vulnerabilities (Ex. USSD) 

Motivation• Build a new malware that can be hidden inside a well known application.

• Propose unexpected scenarios that can’t be predicted by the user.

SECURE ABU DHABI CONFERENCE 2013

Page 3: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

What is the Malicious Android Dialer?

• Dialer Application in Android market.• Detect special sequences and make different actions.

SECURE ABU DHABI CONFERENCE 2013

Page 4: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Malicious Android Dialer Features

• Stealing voucher cards : Du Telecommunication company Detect “*13” Send an Email with the card number when call                   

button is pressed Add a digit to the card number                                             to make it invalid

SECURE ABU DHABI CONFERENCE 2013

Page 5: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Figure 1: The malicious application is invoked whenever the user is trying to make a call

Figure 2: The malicious application in standby mode

SECURE ABU DHABI CONFERENCE 2013

Page 6: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Figure 2: The user enters the sequence number of the voucher card using our malicious application

Figure 4a: When the sequence is detected:

a) Add a number to card before dialing to have an invalid voucher card

SECURE ABU DHABI CONFERENCE 2013

Page 7: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Figure 4b: When the sequence is detected:

b) Send an email to the attacker with the sequence number

SECURE ABU DHABI CONFERENCE 2013

Page 8: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Malicious Android Dialer Features

• USSD (Unstructured Supplementary Service Data) : Used to exchange information Enclosed between (*) and (#) 

SECURE ABU DHABI CONFERENCE 2013

Page 9: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Figure 5: The user enters a phone number starting with “056”

Figure 6: The USSD code is executed when the sequence is detected 

SECURE ABU DHABI CONFERENCE 2013

Page 10: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Security Enhancements 

• Users should pay attention to the permissions requested by any application 

• Consider the comments and reviews by other users

• The market should scan the application before uploading them to the market 

• Android manufacturer shouldn’t accept any codes between * and #.

SECURE ABU DHABI CONFERENCE 2013

Page 11: Malicious For Android Smartphones Dialer For Android... · Malicious Dialer For Android Smartphones Team members: Dina Atia, 100020242 Fatma Mohamed, 100020254 Mervat Hafez, 100020292

Concluding Remarks

• Android lacks the security regulations that prevent attackers from designing malwares targeting Android platform.

• There must be a quick solution for the crucial problem of USSD codes 

SECURE ABU DHABI CONFERENCE 2013


Detection of malicious behavior in android apps through ... · In this paper, we propose a dynamic behavior inspection and anal-ysis framework for malicious behavior detection of

Quick Heal Total Security Android · Quick Heal Total Security for Android | . Web Security Excellent browsing and phishing protection by blocking malicious websites. It protects

DROIDSWAN: Detecting Malicious Android Applications Based on Static Feature Analysis

Need a Dialer? GO TalkPro Dialer Leasing

Android Softphone User - TeleVoIPS · Android SoftPhone User Guide -2- Dialer Screen From the main screen you can dial local extensions or external phone numbers, and access any of

A Smart TelePhony Platform for Visionary Telcos and ... · SIP dialer softphone for Android and iOS devices. This mobile SIP Dialer is provisioned with an array of communication features

Dialer Application Downloadable Dialer Application for iOS Devices

Lexical Mining of Malicious URLs for Classifying Android ...cse.unl.edu/~qyan/paper/Securecomm18_Lexical.pdf · Lexical Mining of Malicious URLs for Classifying Android malware Shanshan

DROIDETEC: Android Malware Detection and Malicious Code

BadBluetooth: Breaking Android Security Mechanisms via ... · BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals Fenghao Xu , Wenrui Diaoyz, Zhou

Android Malware Clustering through Malicious Payload Mining

ANDROID VOIP MOBILE DIALER

Why eve and mallory love android: an analysis of android ...ds.mathematik.uni-marburg.de/system/publications/11896/20121019_104937... · Android apps for malicious activity and detected

ADORE SOFTPHONE ANDROID TWIN MOBILE DIALER USER GUIDE · Dialer for Android phone functions a standalone platform to use the calling card facility in addition to the mobile VoIP calling

IDENTIFICATION OF MALICIOUS ANDROID …...Identification of Malicious Android Applications Using Kernel Level System Calls Dhruv Jariwala With the advancement of technology, smartphones

Bria Android Smartphone & Tablet 3.9 Release Notes...Bria 3.0 and 3.1 do not have native dialer integration; the dialer picker does NOT show up so the native dialer is always used

03 Workshop Aegis Phone Dialer & Contact Manager, Android version by Jon Azpiroz (VFE)

S-NET Connect 5.0 - Release Notes - CurvesAndroid Dialer Integration S-NET Connect Mobile 5.0 now seamlessly integrates with the Android dialer. When a user is about to make an outgoing

Android malware detection based on system call sequences ... · target of malicious attackers for its popularity and openness. The survey [13]reportsthat millions of malicious applications

CRM Based Dialer - Dialer for Call Center, Predictive

Cisco Web Dialer API Programming€¦ · Chapter 5 Cisco Web Dialer API Programming Cisco Web Dialer Components Cisco Web Dialer Servlet The Web Dialer servlet, a Java servlet, allows

Sip Termination Provider- Auto Dialer- Dialer Termination- Dialer Termination

Digital Transformation Success with Android · To that end, Android has inherent security strengths built into the platform, coupled with powerful vulnerability and malicious app

map-class dialer through modem inout...dialer voice-call dialer outgoing mega! map-class dialer accuplan dialer outgoing accu The following partial example configures BRI interface

Database Support - Divine IT · Database Support OS Support ... Layer 5 Reseller System ... Mobile and PC Dialer Mobile dialer for Symbian, Android, and iOS,

How to download iTel Mobile Dialer in Android Devices

Voip dialer for android mobile

Android FakeID - cs.bu.edugoldbe/teaching/HW55815... · Android Fake ID Android Fake ID is a vulnerability that allows malicious applications to impersonate specially trusted applications

Malicious Android Applications Risks Exploitation 33578

Going Nave: Using a Large-Scale Analysis of Android Apps ... · Android Security Mechanisms: ... • Malicious apps can use nave code to hide malicious ac)ons from stac analysis of

A3: Automatic Analysis of Android Malwarelilicoding.github.io/SA3Repo/papers/2013_zhang2013a3.pdf · (1) Analyze the typical malicious behaviors of Android malware and propose the

Execute This! Analyzing Unsafe and Malicious Dynamic … · Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications Sebastian Poeplau∗†, Yanick

Newfies dialer Auto dialer Software

Two Vulnerabilities in Android OS Kernel - Temple …xjdu/ICC_2013_Hei.pdf · Two Vulnerabilities in Android OS Kernel ... pitfall, malicious memory ... the source code of the fuzzy

Agile Cloud PBX Unique ID Smartphone Web Phonebook (iPhone, Android …€¦ · SIP, Acrobits, Agephone and Android. Once you finished downloading the dialer, register your Unique