Construction and Mitigation of User-Behavior-Based Covert Channels on Smartphones

摘要

To protect user privacy, many smartphone systems adopt the permission-based mechanism in which a user can evaluate the risk of requests for private information from a mobile app before installing it. However, recent studies show that the permission based mechanism is vulnerable to application collusion attacks because two apps, which appear to be harmless individually, can establish a covert channel and use it to leak confidential information. Consequently, people have designed some covert channel detection schemes, by checking abnormal status of the phone. In this paper, we point out that existing covert channel detection schemes may fail to detect a new type of collusion attacks referred as user-behavior-based covert channels. We implement three covert channels on Android smartphones. Our work sets a new alarm for the security issue of using smartphones. We then study the countermeasures to this new type of covert channels. Instead of trying to directly detect the proposed new type of covert channels, we propose two mitigation solutions to reduce the effectiveness of such covert channels. The mitigation solutions are also valid to other existing sensor-based side channels and/or covert channels on the phone.