{"title":"ScreenStealer:解决Android设备上的屏幕截图攻击","authors":"S. M. Muzammal, M. A. Shah","doi":"10.1109/IConAC.2016.7604942","DOIUrl":null,"url":null,"abstract":"Smartphones are ubiquitous in today's world. With the enhanced and advanced functionalities, smartphones carry a large amount of user's private and confidential data. There are numerous risks, threats, and the rise in powerfulness and effectiveness of malware attacks make smartphones more prone and vulnerable. Due to the rapid increase in Android smartphones users, demands based on new and advanced features as well as the usage ease have been lavished on developers. The Android application developers are working hard to develop innovative applications for millions of Android users around the world. In this struggle of advancement, they are seeking permissions to critical system resources, not directly offered by Android. One of the most projecting way is through ADB (Android Debug Bridge) that has been granted permissions to use critical system resources. There are many applications on Google Play Store that utilize ADB proxy to provide users with unconventional and smart features on smartphones. This paper reviews the ADB capabilities and how Internet access and ADB together allow applications to expose sensitive data of an Android smartphone device. Furthermore, a malicious Android application, `ScreenStealer', has been developed and its effects on Android-based smartphones are studied.","PeriodicalId":375052,"journal":{"name":"2016 22nd International Conference on Automation and Computing (ICAC)","volume":"248 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"ScreenStealer: Addressing Screenshot attacks on Android devices\",\"authors\":\"S. M. Muzammal, M. A. Shah\",\"doi\":\"10.1109/IConAC.2016.7604942\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Smartphones are ubiquitous in today's world. With the enhanced and advanced functionalities, smartphones carry a large amount of user's private and confidential data. There are numerous risks, threats, and the rise in powerfulness and effectiveness of malware attacks make smartphones more prone and vulnerable. Due to the rapid increase in Android smartphones users, demands based on new and advanced features as well as the usage ease have been lavished on developers. The Android application developers are working hard to develop innovative applications for millions of Android users around the world. In this struggle of advancement, they are seeking permissions to critical system resources, not directly offered by Android. One of the most projecting way is through ADB (Android Debug Bridge) that has been granted permissions to use critical system resources. There are many applications on Google Play Store that utilize ADB proxy to provide users with unconventional and smart features on smartphones. This paper reviews the ADB capabilities and how Internet access and ADB together allow applications to expose sensitive data of an Android smartphone device. Furthermore, a malicious Android application, `ScreenStealer', has been developed and its effects on Android-based smartphones are studied.\",\"PeriodicalId\":375052,\"journal\":{\"name\":\"2016 22nd International Conference on Automation and Computing (ICAC)\",\"volume\":\"248 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 22nd International Conference on Automation and Computing (ICAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IConAC.2016.7604942\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 22nd International Conference on Automation and Computing (ICAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IConAC.2016.7604942","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
摘要
智能手机在当今世界无处不在。随着智能手机的增强和先进的功能,携带大量的用户的私人和机密数据。有无数的风险和威胁,恶意软件攻击的强大和有效性的增加使智能手机更容易受到攻击。由于Android智能手机用户的快速增长,开发者对新功能和高级功能的需求以及易用性的要求也越来越高。Android应用程序开发人员正在努力为全球数百万Android用户开发创新的应用程序。在这场进步的斗争中,他们正在寻求关键系统资源的权限,而Android并没有直接提供这些权限。最突出的方法之一是通过ADB (Android Debug Bridge),它被授予使用关键系统资源的权限。Google Play Store上有许多应用程序利用ADB代理为用户提供智能手机上的非常规和智能功能。本文回顾了ADB功能,以及Internet访问和ADB如何一起允许应用程序暴露Android智能手机设备的敏感数据。此外,一种恶意的Android应用程序“ScreenStealer”已经被开发出来,并研究了它对基于Android的智能手机的影响。
ScreenStealer: Addressing Screenshot attacks on Android devices
Smartphones are ubiquitous in today's world. With the enhanced and advanced functionalities, smartphones carry a large amount of user's private and confidential data. There are numerous risks, threats, and the rise in powerfulness and effectiveness of malware attacks make smartphones more prone and vulnerable. Due to the rapid increase in Android smartphones users, demands based on new and advanced features as well as the usage ease have been lavished on developers. The Android application developers are working hard to develop innovative applications for millions of Android users around the world. In this struggle of advancement, they are seeking permissions to critical system resources, not directly offered by Android. One of the most projecting way is through ADB (Android Debug Bridge) that has been granted permissions to use critical system resources. There are many applications on Google Play Store that utilize ADB proxy to provide users with unconventional and smart features on smartphones. This paper reviews the ADB capabilities and how Internet access and ADB together allow applications to expose sensitive data of an Android smartphone device. Furthermore, a malicious Android application, `ScreenStealer', has been developed and its effects on Android-based smartphones are studied.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
