Stealthy video capturer

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Stealthy video capturer: a new video-based spyware in 3G smartphones

Full text

Pdf (746 KB)

Source

Conference On Wireless Network Security archive
Proceedings of the second ACM conference on Wireless network security table of contents

Zurich, Switzerland

SESSION: Attacks table of contents

Pages 69-78

Year of Publication: 2009

ISBN:978-1-60558-460-7

Authors

Nan Xu	City University of Hong Kong, Hong Kong, Hong Kong
Fan Zhang	Huazhong University of Sci. & Tech. & City University of Hong Kong, Wuhan & Hong Kong, China
Yisha Luo	City University of Hong Kong, Hong Kong, Hong Kong
Weijia Jia	City University of Hong Kong, Hong Kong, Hong Kong
Dong Xuan	The Ohio State University, Columbus, OH, USA
Jin Teng	City University of Hong Kong, Hong Kong, Hong Kong

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 33, Downloads (12 Months): 164, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1514274.1514285 What is a DOI?

ABSTRACT

In this paper, we investigate video-based vulnerabilities in 3G Smartphones. Particularly, we design a new video-based spyware, called Stealthy Video Capturer (SVC). SVC can secretly record video information for the third party, greatly compromising Smartphone users' privacy. We implement the spyware and conduct extensive experiments on real world 3G Smartphones. Our experimental results show that the spyware can capture private video information with unremarkable power consumption, CPU and memory occupancy, hence being stealthy to Smartphone users. Moreover, SVC can naturally be resistant to almost all commercial anti-virus tools, like McAfee, Kaspersky and F-Secure mobile version. To the best of our knowledge, our work is the first one to address video-based vulnerabilities in 3G Smartphones. We expect our work will prompt serious attentions on this issue.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Canalys.com. http://www.canalys.com/pr/2008/ r2008021.htm
	2	M. Hypponen. Malware Goes Mobile. Scientific American, pp. 70--76, 2006
	3	SuperTasks. http://www.softwareandson.com/SuperTasks/
	4	Memmaid. http://www.dinarsoft.com/memmaid/
	5	Z. Cheng. Mobile Malware: Threats and Prevention. McAfee Avert @ Labs Technical White Papers, Sept., 2007.
	6	George Lawton, Is It Finally Time to Worry about Mobile Malware?, Computer, v.41 n.5, p.12-14, May 2008 [doi>10.1109/MC.2008.159]
	7	David Dagon , Tom Martin , Thad Starner, Mobile Phones as Computing Devices: The Viruses are Coming!, IEEE Pervasive Computing, v.3 n.4, p.11-15, October 2004 [doi>10.1109/MPRV.2004.21]
	8	M. Piercy. Embedded devices next on the virus target list. Electronics Systems and Software, 2(6), 42--43, 2005.
	9	Newest Electronic Threat: Mobile Spyware. http://www.nospysoftware.com/spyware--news/spyware--adware--mobile.php
	10	FlexiSPY Mobile Spyware: Monitoring solution or Security Nightmare. http://www.informit.com/articles/article.aspx?p=1185592
	11	Hidden Camera Threat Display. http://research.sunbelt-software.com/
	12	Jerry Cheng , Starsky H.Y. Wong , Hao Yang , Songwu Lu, SmartSiren: virus detection and alert for smartphones, Proceedings of the 5th international conference on Mobile systems, applications and services, June 11-13, 2007, San Juan, Puerto Rico [doi>10.1145/1247660.1247690]
	13	Abhijit Bose , Xin Hu , Kang G. Shin , Taejoon Park, Behavioral detection of malware on mobile handsets, Proceeding of the 6th international conference on Mobile systems, applications, and services, June 17-20, 2008, Breckenridge, CO, USA [doi>10.1145/1378600.1378626]
	14	Hahnsang Kim , Joshua Smith , Kang G. Shin, Detecting energy-greedy anomalies and mobile malware variants, Proceeding of the 6th international conference on Mobile systems, applications, and services, June 17-20, 2008, Breckenridge, CO, USA [doi>10.1145/1378600.1378627]
	15	Chris Fleizach , Michael Liljenstam , Per Johansson , Geoffrey M. Voelker , Andras Mehes, Can you infect me now?: malware propagation in mobile phone networks, Proceedings of the 2007 ACM workshop on Recurring malcode, November 02-02, 2007, Alexandria, Virginia, USA [doi>10.1145/1314389.1314402]
	16	Roberto Perdisci , Andrea Lanzi , Wenke Lee, McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables, Proceedings of the 2008 Annual Computer Security Applications Conference, p.301-310, December 08-12, 2008 [doi>10.1109/ACSAC.2008.22]
	17	Artem Dinaburg , Paul Royal , Monirul Sharif , Wenke Lee, Ether: malware analysis via hardware virtualization extensions, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA [doi>10.1145/1455770.1455779]
	18	Monirul Sharif , Vinod Yegneswaran , Hassen Saidi , Phillip Porras , Wenke Lee, Eureka: A Framework for Enabling Static Malware Analysis, Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security, October 06-08, 2008, Málaga, Spain [doi>10.1007/978-3-540-88313-5_31]
	19	Guofei Gu , Phillip Porras , Vinod Yegneswaran , Martin Fong , Wenke Lee, BotHunter: detecting malware infection through IDS-driven dialog correlation, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
	20	Collin Mulliner , Giovanni Vigna, Vulnerability Analysis of MMS User Agents, Proceedings of the 22nd Annual Computer Security Applications Conference, p.77-88, December 11-15, 2006 [doi>10.1109/ACSAC.2006.55]
	21	C. Mulliner, G. Vigna, D. Dagon and W. Lee. Using Labeling to Prevent Cross--Service Attacks Against Smart Phones. In Proc. of DIMVA'06, 91--108, 2006.
	22	Paul Royal , Mitch Halpin , David Dagon , Robert Edmonds , Wenke Lee, PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware, Proceedings of the 22nd Annual Computer Security Applications Conference, p.289-300, December 11-15, 2006 [doi>10.1109/ACSAC.2006.38]
	23	Guobin Shen , Yanlin Li , Yongguang Zhang, MobiUS: enable together-viewing video experience across two mobile devices, Proceedings of the 5th international conference on Mobile systems, applications and services, June 11-13, 2007, San Juan, Puerto Rico [doi>10.1145/1247660.1247667]
	24	R. Racic, D. Ma and H. Chen. Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery. In Proc. of Securecomm and Workshops, 1--10, 2006.
	25	Patrick Traynor , William Enck , Patrick McDaniel , Thomas La Porta, Mitigating attacks on open functionality in SMS-capable cellular networks, Proceedings of the 12th annual international conference on Mobile computing and networking, September 23-29, 2006, Los Angeles, CA, USA [doi>10.1145/1161089.1161111]
	26	New Cabir Worms Target Mobile Phones: http://www.viruslist.com/en/analysis?pubid=200119916
	27	Security Model for Windows Mobile 5.0 and Windows Mobile 6. http://www.microsoft.com/technet/solutionaccelerators/mobile/maintain/SecModel/aff7cf7f-0e11-4ef4-8626--f33bd969b35a.mspx?mfr=true
	28	A. Ranjan. Using a Camera with Windows Mobile 5. http://www.developer.com/ws/pc/article.php/10947_ 3621211_1,July 21,2006