Vulnerability Assessment and Attack Simulation on a Rooted Android Device

2022 5th International Conference on Information and Computer Technologies (ICICT) Pub Date : 2022-03-01 DOI:10.1109/ICICT55905.2022.00024

Bryan Juville C. Ecarma, Justine Paul S. Luyon, Ma. Michelle A. Pantoja, Kent Dominic A. Quiros, Joacquin Carlo R. Sobrepeña, E. Blancaflor

{"title":"Vulnerability Assessment and Attack Simulation on a Rooted Android Device","authors":"Bryan Juville C. Ecarma, Justine Paul S. Luyon, Ma. Michelle A. Pantoja, Kent Dominic A. Quiros, Joacquin Carlo R. Sobrepeña, E. Blancaflor","doi":"10.1109/ICICT55905.2022.00024","DOIUrl":null,"url":null,"abstract":"A rooted android device is a means of unlocking the operating system, which allows any user to install unapproved programs, remove unwanted bloatware, upgrade the operating system, replace the firmware, overclock the processor, modify anything, and more. In this study, the researchers used Android 7 Nougat as an operating system seeking the security of a rooted android device. To test out the overall security of rootkits and advantages they claim to the phone itself, the group conducted penetration of a rooted android phone using the infected application, msfvenom, meterpreter, and metasploit, which resulted in successfully compromising or attacking the android phone. Despite the device being rooted, the Android 7.0 Nougat could not recognize the malicious files and did not protect the device. Though the rooting process was expected to boost the device's security due to superusers and administrative permissions, it could not prevent malicious files into the device.","PeriodicalId":273927,"journal":{"name":"2022 5th International Conference on Information and Computer Technologies (ICICT)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 5th International Conference on Information and Computer Technologies (ICICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICT55905.2022.00024","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

A rooted android device is a means of unlocking the operating system, which allows any user to install unapproved programs, remove unwanted bloatware, upgrade the operating system, replace the firmware, overclock the processor, modify anything, and more. In this study, the researchers used Android 7 Nougat as an operating system seeking the security of a rooted android device. To test out the overall security of rootkits and advantages they claim to the phone itself, the group conducted penetration of a rooted android phone using the infected application, msfvenom, meterpreter, and metasploit, which resulted in successfully compromising or attacking the android phone. Despite the device being rooted, the Android 7.0 Nougat could not recognize the malicious files and did not protect the device. Though the rooting process was expected to boost the device's security due to superusers and administrative permissions, it could not prevent malicious files into the device.

查看原文本刊更多论文

基于Android设备的漏洞评估与攻击模拟

android设备是解锁操作系统的一种手段，它允许任何用户安装未经批准的程序，删除不需要的臃肿软件，升级操作系统，更换固件，超频处理器，修改任何东西，等等。在这项研究中，研究人员使用Android 7牛轧糖作为操作系统，以寻求Android设备的安全性。为了测试rootkit的整体安全性和他们声称的手机本身的优势，该组织使用受感染的应用程序msfvenom, meterpreter和metasploit渗透了一个根深蒂固的android手机，最终成功地破坏或攻击了android手机。尽管设备已经扎根，安卓7.0牛轧糖无法识别恶意文件，也无法保护设备。虽然由于超级用户和管理权限，root过程有望提高设备的安全性，但它无法阻止恶意文件进入设备。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 5th International Conference on Information and Computer Technologies (ICICT)

自引率

0.00%

发文量