Anis Bkakria, M. Graa, N. Cuppens-Boulahia, F. Cuppens, Jean-Louis Lanet
{"title":"Android智能手机活动劫持攻击的实时检测和反应(短论文)","authors":"Anis Bkakria, M. Graa, N. Cuppens-Boulahia, F. Cuppens, Jean-Louis Lanet","doi":"10.1109/PST.2017.00037","DOIUrl":null,"url":null,"abstract":"Most Android users are required to communicate sensitive data (passwords, usernames, security codes, and credit card numbers) with applications. Hacker can launch phishing attacks to compromise user data confidentiality. He/She stealthily injects into the foreground a hijacking Activity at the right timing to acquire private information. In this paper, we propose an effective approach that uses the similarity between launched Activities in order to detect and reacts to hijacking attacks during runtime time. We demonstrate the effectiveness of our solution by quantifying the number of false positives that can be generated by our system. We observe that, in the worst case, our solution generates 4.2% of false positives and incurs only 0.39% performance overhead on a CPU-bound micro-benchmark.","PeriodicalId":405887,"journal":{"name":"2017 15th Annual Conference on Privacy, Security and Trust (PST)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Real-Time Detection and Reaction to Activity Hijacking Attacks in Android Smartphones (Short Paper)\",\"authors\":\"Anis Bkakria, M. Graa, N. Cuppens-Boulahia, F. Cuppens, Jean-Louis Lanet\",\"doi\":\"10.1109/PST.2017.00037\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most Android users are required to communicate sensitive data (passwords, usernames, security codes, and credit card numbers) with applications. Hacker can launch phishing attacks to compromise user data confidentiality. He/She stealthily injects into the foreground a hijacking Activity at the right timing to acquire private information. In this paper, we propose an effective approach that uses the similarity between launched Activities in order to detect and reacts to hijacking attacks during runtime time. We demonstrate the effectiveness of our solution by quantifying the number of false positives that can be generated by our system. We observe that, in the worst case, our solution generates 4.2% of false positives and incurs only 0.39% performance overhead on a CPU-bound micro-benchmark.\",\"PeriodicalId\":405887,\"journal\":{\"name\":\"2017 15th Annual Conference on Privacy, Security and Trust (PST)\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 15th Annual Conference on Privacy, Security and Trust (PST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PST.2017.00037\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 15th Annual Conference on Privacy, Security and Trust (PST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PST.2017.00037","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Real-Time Detection and Reaction to Activity Hijacking Attacks in Android Smartphones (Short Paper)
Most Android users are required to communicate sensitive data (passwords, usernames, security codes, and credit card numbers) with applications. Hacker can launch phishing attacks to compromise user data confidentiality. He/She stealthily injects into the foreground a hijacking Activity at the right timing to acquire private information. In this paper, we propose an effective approach that uses the similarity between launched Activities in order to detect and reacts to hijacking attacks during runtime time. We demonstrate the effectiveness of our solution by quantifying the number of false positives that can be generated by our system. We observe that, in the worst case, our solution generates 4.2% of false positives and incurs only 0.39% performance overhead on a CPU-bound micro-benchmark.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
