Research finds new channels to trigger mobile malware

May 16, 2013
Research finds new channels to trigger mobile malware

(Phys.org) —Researchers at the University of Alabama at Birmingham (UAB) have uncovered new hard-to-detect methods that criminals may use to trigger mobile device malware that could eventually lead to targeted attacks launched by a large number of infected mobile devices in the same geographical area. Such attacks could be triggered by music, lighting or vibration.

The research, highlighted in a paper entitled "Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices," was presented May 10, 2013, at the 8th Association for Computing Machinery (ACM) Symposium on Information, Computer and (ASIACCS) in Hangzhou, China. The work was a joint collaboration between the UAB SECuRE and Trustworthy (SECRET) computing lab and the UAB Security and Privacy in Emerging computing and networking Systems (SPIES) research group.

"When you go to an arena or Starbucks, you don't expect the music to have a hidden message, so this is a big because the public sees only emails and the Internet as vulnerable to malware attacks," said Ragib Hasan, Ph.D., assistant professor of computer and and director of the SECRET computing lab. "We devote a lot of our efforts towards securing traditional communication channels. But when bad guys use such hidden and unexpected methods to communicate, it is difficult if not impossible to detect that."

A team of UAB researchers was able to trigger malware hidden in from 55 feet away in a crowded hallway using music. They were also successful, at various distances, using music videos; lighting from a television, computer monitor and overhead bulbs; vibrations from a subwoofer; and magnetic fields.

Research finds new channels to trigger mobile malware

"We showed that these can be used to send that may eventually be used to trigger a mass-signal attack," said Nitesh Saxena, Ph.D., director of the SPIES research group and assistant professor in the Center for Information Assurance and Joint Forensics Research (CIA|JFR). "While traditional networking communication used to send such triggers can be detected relatively easily, there does not seem to be a good way to detect such covert channels currently."

Researchers were able to trigger malware with a bandwidth of only five bits per second – a fraction of the bandwidth used by laptops or home computers.

Shams Zawoad, a doctoral student and graduate assistant in the SECRET computing lab presented the paper at the conference in China.

Research finds new channels to trigger mobile malware

"This kind of attack is sophisticated and difficult to build, but it will become increasingly easier to accomplish in the future as technology improves," said Zawoad. "We need to create defenses before these attacks become widespread, so it is better that we find out these techniques first and stay one step ahead."

The paper was co-authored by Zawoad's fellow UAB graduate student Dustin Rinehart, as well as Tzipora Halevi, a recent doctoral graduate from the SPIES research group. All worked closely with the directors of the two groups to thoroughly test each novel channel.

Explore further: Britain urges Russia to shut down webcam spying site

More information: PDF: students.cis.uab.edu/zawoad/paper/asia03-hasan.pdf

Related Stories

NIST updates guidance on network attacks and malware

Jul 26, 2012

Detecting and stopping malicious attacks on computer networks is a central focus of computer security these days. The National Institute of Standards and Technology (NIST) is asking for comments on two updated guides on malicious ...

Australian statistics bureau systems hacked

Apr 26, 2013

The Australian Bureau of Statistics revealed Friday it has been targeted by hackers many times, as they reportedly look to access market-sensitive information before public release.

Recommended for you

How to keep the world's eyes out of your webcam

7 hours ago

There are concerns that thousands of private webcams around the world could be streaming live images to anybody who wishes to view them – without their owner knowing – thanks to a Russian website provi ...

Britain urges Russia to shut down webcam spying site

Nov 20, 2014

A Russian website offering thousands of live feeds peering into bedrooms and offices around the world by accessing poorly secured webcams should be taken down immediately, British officials said on Thursday.

NSA Director: China can damage US power grid

Nov 20, 2014

China and "one or two" other countries are capable of mounting cyberattacks to shut down the electric grid in parts of the United States. That's according to Admiral Michael Rogers, the director of the National Security Agency ...

Some in NSA warned of a backlash

Nov 20, 2014

Current and former intelligence officials say dissenters within the National Security Agency warned in 2009 that secretly collecting American phone records wasn't providing enough intelligence to justify ...

Russia hacking site spying webcams worldwide: Britain

Nov 20, 2014

Britain's privacy watchdog on Thursday called on Russia to take down a site showing hacked live feeds from thousands of homes and businesses around the world and warned it was planning "regulatory action".

Let's Encrypt certificate authority to launch 2015

Nov 19, 2014

Web encryption for free—tough deal to turn down? After all the instances of cyberattacks, snoopers and sophisticated surveillance, encryption technology has become especially appreciated and familiar to ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.