2015 10th International Conference on Malicious and Unwanted Software (MALWARE) (2015)
Fajardo, PR, USA
Oct. 20, 2015 to Oct. 22, 2015
Ryan Johnson , Kryptowire, Fairfax, VA 22030, USA George Mason University, Fairfax, VA 22030, USA
Mohamed Elsabagh , Kryptowire, Fairfax, VA 22030, USA
Angelos Stavrou , Kryptowire, Fairfax, VA 22030, USA; George Mason University, Fairfax, VA 22030, USA
Vincent Sritapan , Department of Homeland Security, S&T, Washington, D.C., USA
we present the implementation and impact of a wide-range of novel targeted Denial of Service (DoS) attacks on Android devices that are persistent across all recent Android platform versions. The DoS attacks can be selectively focused on denying access to device resources including microphone and camera, preventing the installation of applications, making the device unresponsive, targeting and terminating other running applications and processes, and causing a reboot cycle. To make matters worse, the attacks can be launched through regular apps that do not require a rooted device or any permissions with the exception of the attacks on the microphone and camera resources that require simple access rights. We propose and demonstrate defenses against each of these attacks showing that the security and reliability flaws identified require changes in the underlying Android source code to address them.
Androids, Humanoid robots, Cameras, Computer crime, Microphones, Software, Malware
R. Johnson, M. Elsabagh, A. Stavrou and V. Sritapan, "Targeted DoS on android: how to disable android in 10 seconds or less," 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, PR, USA, 2015, pp. 136-143.