Dangerous Wi-Fi access point: attacks to benign smartphone applications
  • Authors: Min-Woo Park (1)
    Young-Hyun Choi (1)
    Jung-Ho Eom (2)
    Tai-Myoung Chung (3)
  • Keywords: Security of smartphone application; Wireless security; Man-in-the-middle attack; Smartphone and ubiquitous computing
  • Journal: Personal and Ubiquitous Computing
  • Publication year: 2014
  • Publication date: August 2014
  • Year: 2014
  • Volume: 18
  • Issue: 6
  • Pages: 1373-1386
  • Full-text size: 6,072 KB
  • Author affiliations: Min-Woo Park (1)
    Young-Hyun Choi (1)
    Jung-Ho Eom (2)
    Tai-Myoung Chung (3)

    1. Department of Electrical and Computer Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, Korea
    2. Military Studies, Taejeon University, 62 Daehakro, Dong-Gu, Daejeon, Korea
    3. Department of Software, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, Korea
  • ISSN: 1617-4917
Abstract
Personalization by means of third-party applications is one of the greatest advantages of smartphones. For example, when a user looks for a path to a destination, he can easily download and install a navigation application from an official online market such as Google Play or the App Store. Such applications require access to the Internet, and most users prefer Wi-Fi networks, which are free to use, over mobile networks, which cost a fee. For this reason, when they have no access to a known free Wi-Fi network, most smartphone users choose to try unknown Wi-Fi access points (APs). However, this can be highly dangerous, because such unknown APs are sometimes installed by an adversary with malicious intentions such as stealing information or session hijacking. Today, smartphones contain all kinds of personal information about their users, including e-mail addresses, passwords, schedules, business documents, personal photographs, etc., making them an easy target for malicious users. If an adversary takes control of a smartphone, he obtains all of the user's information. For this reason, smartphone security has become very important today. In wireless environments, malicious users can easily eavesdrop on and intervene in communication between an end user and Internet service providers, which makes such communication more vulnerable to man-in-the-middle attacks. In this paper, we try to reveal the risk of using unknown APs by presenting demonstration results. The testbed is composed of two smartphones, two APs, and one server. The compromised AP redirects the victim smartphone's traffic to a fake server by means of domain name system (DNS) spoofing. Thus, the application running on the victim smartphone sends its HTTP requests to the fake server. As a result, the application displays an abnormal pop-up advertisement that contains malicious code and links. Our demonstration shows that merely connecting to a compromised AP can cause malicious behavior even when the applications themselves are benign.
