Function escalation attack

Chen Cao, Yuqing Zhang, Qixu Liu, Kai Wang

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

The prevalence of smartphone makes it more important in people’s business and personal life which also helps it to be a target of the malware. In this paper, we introduce a new kind of attack called Function Escalation Attack which obtains functions locally or remotely. We present three threat models: Steganography, Collusion Attack and Code Abusing. A vulnerability in Android filesystem which is used in code abusing threat model is exposed as well. Three proof-of-concept malicious apps are implemented for each threat model. They could bypass static analysis and dynamic analysis. The result shows that function escalation attack could successfully perform malicious tasks such as taking pictures, recording audio and so on.

Original languageEnglish (US)
Title of host publicationLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
PublisherSpringer Verlag
Pages481-497
Number of pages17
DOIs
StatePublished - Jan 1 2015

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume152
ISSN (Print)1867-8211

Fingerprint

Audio recordings
Steganography
Smartphones
Static analysis
Application programs
Dynamic analysis
Industry
Malware

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

Cao, C., Zhang, Y., Liu, Q., & Wang, K. (2015). Function escalation attack. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (pp. 481-497). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 152). Springer Verlag. https://doi.org/10.1007/978-3-319-23829-6_33
Cao, Chen ; Zhang, Yuqing ; Liu, Qixu ; Wang, Kai. / Function escalation attack. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag, 2015. pp. 481-497 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).
@inbook{150f15f8c36e4706a3f1d505d96f0b6a,
title = "Function escalation attack",
abstract = "The prevalence of smartphone makes it more important in people’s business and personal life which also helps it to be a target of the malware. In this paper, we introduce a new kind of attack called Function Escalation Attack which obtains functions locally or remotely. We present three threat models: Steganography, Collusion Attack and Code Abusing. A vulnerability in Android filesystem which is used in code abusing threat model is exposed as well. Three proof-of-concept malicious apps are implemented for each threat model. They could bypass static analysis and dynamic analysis. The result shows that function escalation attack could successfully perform malicious tasks such as taking pictures, recording audio and so on.",
author = "Chen Cao and Yuqing Zhang and Qixu Liu and Kai Wang",
year = "2015",
month = "1",
day = "1",
doi = "10.1007/978-3-319-23829-6_33",
language = "English (US)",
series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",
publisher = "Springer Verlag",
pages = "481--497",
booktitle = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",
address = "Germany",

}

Cao, C, Zhang, Y, Liu, Q & Wang, K 2015, Function escalation attack. in Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 152, Springer Verlag, pp. 481-497. https://doi.org/10.1007/978-3-319-23829-6_33

Function escalation attack. / Cao, Chen; Zhang, Yuqing; Liu, Qixu; Wang, Kai.

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag, 2015. p. 481-497 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 152).

Research output: Chapter in Book/Report/Conference proceedingChapter

TY - CHAP

T1 - Function escalation attack

AU - Cao, Chen

AU - Zhang, Yuqing

AU - Liu, Qixu

AU - Wang, Kai

PY - 2015/1/1

Y1 - 2015/1/1

N2 - The prevalence of smartphone makes it more important in people’s business and personal life which also helps it to be a target of the malware. In this paper, we introduce a new kind of attack called Function Escalation Attack which obtains functions locally or remotely. We present three threat models: Steganography, Collusion Attack and Code Abusing. A vulnerability in Android filesystem which is used in code abusing threat model is exposed as well. Three proof-of-concept malicious apps are implemented for each threat model. They could bypass static analysis and dynamic analysis. The result shows that function escalation attack could successfully perform malicious tasks such as taking pictures, recording audio and so on.

AB - The prevalence of smartphone makes it more important in people’s business and personal life which also helps it to be a target of the malware. In this paper, we introduce a new kind of attack called Function Escalation Attack which obtains functions locally or remotely. We present three threat models: Steganography, Collusion Attack and Code Abusing. A vulnerability in Android filesystem which is used in code abusing threat model is exposed as well. Three proof-of-concept malicious apps are implemented for each threat model. They could bypass static analysis and dynamic analysis. The result shows that function escalation attack could successfully perform malicious tasks such as taking pictures, recording audio and so on.

UR - http://www.scopus.com/inward/record.url?scp=84948130162&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84948130162&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-23829-6_33

DO - 10.1007/978-3-319-23829-6_33

M3 - Chapter

AN - SCOPUS:84948130162

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 481

EP - 497

BT - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

PB - Springer Verlag

ER -

Cao C, Zhang Y, Liu Q, Wang K. Function escalation attack. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag. 2015. p. 481-497. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). https://doi.org/10.1007/978-3-319-23829-6_33