A Completely Covert Audio Channel in Android

Author

Sukanya Thakur, San Jose State University

Publication Date

Fall 2015

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

Abstract

Exfilteration of private data is a potential security threat against mobile devices. Previous research concerning such threats has generally focused on techniques that are only valid over short distances (NFC, Bluetooth, electromagnetic emanations, and so on). In this research, we develop and analyze an exfilteration attack that has no distance limitation. Specifically, we take advantage of vulnerabilities in Android that enable us to covertly record and exfilterate a voice call. This paper presents a successful implementation of our attack, which records a call (both uplink and downlink voice streams), and inaudibly transmits the recorded voice over a subsequent inaudible call, without any visual or audio indication given to the victim. We provide a detailed analysis of our attack, and we suggest possible counter measures to thwart similar attacks.

Recommended Citation

Thakur, Sukanya, "A Completely Covert Audio Channel in Android" (2015). Master's Projects. 582.
DOI: https://doi.org/10.31979/etd.ynyu-4dt4
https://scholarworks.sjsu.edu/etd_projects/582