Please use this identifier to cite or link to this item:
Title: Volatile memory-centric investigation of SMS-hijacked phones : a Pushbullet case study
Authors: Vella, Mark Joseph
Rudramurthy, Vishwas
Keywords: Operating systems (Computers)
Android (Electronic resource)
Computer crimes
Component software
Software engineering
Mobile computing
Issue Date: 2018
Publisher: IEEE
Citation: Vella, M., & Rudramurthy, V. (2018, September). Volatile memory-centric investigation of SMS-hijacked phones: a Pushbullet case study. In 2018 Federated Conference on Computer Science and Information Systems (FedCSIS) (pp. 607-616). IEEE.
Abstract: Cloak-and-Dagger attacks targeting Android devices can completely hijack the UI feedback loop, with one possible consequence being that of hijacking SMS functionality for cybercrime purposes. What is of particular concern is that attackers can decouple stealth activities from SMS hijacking. Consequently the latter could be pulled off using completely legitimate apps that normally would allow users to manage text messages from their personal computers (SMSonPC), but this time all hidden away under attacker control. This work proposes a digital investigation process aiming to uncover SMS-hijacked devices. It uses bytecode instrumentation in order to force the dumping of volatile memory areas where evidence for the hijack can be located. Eventually both the malware that conceals the SMS-hijacking and the compromised or smuggled SMSonPC app can be identified. Preliminary results are presented using a case study based on the popular SMSonPC app: Pushbullet.
Appears in Collections:Scholarly Works - FacICTCS

Files in This Item:
File Description SizeFormat 
  Restricted Access
570.25 kBAdobe PDFView/Open Request a copy

Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.