Enhancing Stealthiness #x0026; Efficiency of Android Trojans and Defense Possibilities (EnSEAD) - Android's Malware Attack, Stealthiness and Defense: An Improvement

摘要

In this work, we have studied Android Architecture from a security point of view. We have studied various defense mechanisms that are present in current Android Platform or are recently proposed. We took inspiration from Sound comber -- a recent Android Trojan that steals sensitive information using various techniques. We enhanced the capabilities of Sound comber in terms of its stealthiness and efficiency in malicious communication by identifying new covert channel and incorporating basic compression. We then developed a new Android Trojan -- Contact Archiver (steals user contacts) which inherits properties from Sound comber, i.e. uses few and innocuous permissions, circumvents already-known security defenses, conveys information remotely without direct network access plus incorporates enhancements proposed by us. We also propose some defense possibilities to detect Contact Archiver covert communication. Our future work will be to block security attacks performed using our enhancements, when they are used in any Android malware.