Stealthy Video Capturer: Video-based Spyware in 3G Smartphones
Stefan Maurer
Liz Ellis

Why secure Smartphones?
• Increasing public usage
  – More people buying and using Smartphones
  – (insert statistic here)
• Smartphones are incredibly mobile
  – Access to the most private moments
  – Intimate details about habits/lifestyle revealed

Introduction to SVC
• Allows hackers to have control of camera
• Records and sends video to a third party over an internet connection through the phone
• Three phases:
  – Install SVC without device owner’s knowledge
  – Collect video
  – Send files to hacker

Infection
• Trojan horse attached to tic-tac-toe game
• Binary executable file of SVC attached as resource file of game
• After compilation, creates executable codes of SVC
• When game is executed, SVC attaches itself independently and continues running even after game is closed.

Application Layer
• 3 modules
• Video capture
  – Takes charge of camera
• File sending
  – Sends data to hacker
• Triggering algorithm
  – Dynamic control module
  – Determines the right time to run other modules

“Stealthiness” and acquiring info
• Which is more important for the SVC intender
• “Stealthiness” – term used by team
  – Device owner should not know program is running
  – Team focuses on this
  – 3 aspects: power, CPU usage, and memory
• Information acquisition
  – Sometimes, more important to get all info than not get caught (crime scene/contracts signed)
• Scenario decides triggering algorithm!

Triggering Algorithm
• 2 parts: capture and sending
• Should change based on practical application!
• Main challenge: when to capture/send?
• CeSetUserNotificationEx()
  – Allows spyware to record even when phone is idle
• Uses Windows Mobile API to gather more info
  – Power, CPU status, phone dialing, etc.
  – Device owner should have little suspicion

SVC Architecture

When to Capture/Send?
• Both use specifications from API
• Examples:
  – Power level between 20%-80%
  – CPU usage should be no more than 50%
  – Device owner talking on phone: capture
  – Connection to internet (WiFi/Bluetooth): sending
• If there is knowledge about victim, can use living habits to determine when to record
  – Ex: businessman having important weekly conference

Video Capture Module
• Called by triggering algorithm
• Phases:
  – Open camera and take video
  – Determine whether images are static or dynamic
  – If dynamic images, compress and store
• If images are static, process terminates
  – Pictures of inside of pocket are not useful
• Files are hidden on the disk in hidden and unused folders

Video Capture Flow

How to Access Camera
• Native API has little customizability
  – Can access camera, but no flexibility (frame rate, file format, etc.)
• Access and build filter manually with software
• Several COM controllers developed
  – Enable modifications of encoding and file formats
  – Video Encoder and Custom Format File Render

Data Compression
• Data compression: large files are easy to detect and hard to send
• H.263 is used to compress files
  – Many Smartphones use hardware for compression, which is inaccessible
  – Software compression is used instead
  – Lower compression rate but fewer CPU cycles than H.264

File Sending
• Need a wireless connection
  – WiFi / Internet
  – Bluetooth
  – 3G Network
• Some delay between capture and sending is acceptable (real-time not mandatory)
• Use transmissions that are free of charge (unlike MMS)
• Several methods considered: MMS, FTP, streaming

File Sending cont.
• Prefer ability to use any wireless connections
• Video files are generally large
  – Segment into portions, and send individually
• Email is ideal
  – easily customizable, free, uniformly supported, flexible in syntax/size

Results
• O2 XDA Flame chosen for testing
  – Windows Mobile 5.0 OS
• Evaluation of stealthiness
  – CPU, memory, and power consumption
• Four states
  – J1: SVC running with backlight off
  – J2: Camera operational, but not recording
  – J3: Recording video and compression
  – J4: Sending file to the intended viewer

Power/CPU Consumption

Results cont.
• Memory usage is almost constant
  – SVC uses less than WMP (relevance?)
• J3 uses a large amount of power and CPU
• Due primarily to the complexities of the compression algorithm
• Performance of SVC can be greatly improved using a better compression algorithm

Authors' Opinions
• Making SVC smarter
  – More intelligent triggering algorithm
• Monitor user's living patterns
  – Exploit image recognition to capture video
• Resistant to Anti-Virus
  – AV is useless against new viruses/spyware
• Security of Phones
  – Low default security settings on smartphones
  – Biggest Vulnerability: People are stupid

Our Opinions
• Windows Media Player?
• What if the user does not use WiFi/Bluetooth frequently?
• CPU consumption of J3
• When does J4 send the files?
  – Large CPU consumption

Work Cited
• Xu, N., Zhang, F., Luo, Y., Jia, W., Xuan, D., and Teng, J. 2009. Stealthy video capturer: a new video-based spyware in 3G smartphones. In Proceedings of the Second ACM Conference on Wireless Network Security (Zurich, Switzerland, March 16-19, 2009). WiSec '09. ACM, New York, NY, 69-78.
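
Added example (not from the slides or the cited paper): the J2-J4 behaviour described in the Results slides, seen from the defender's side as a check over constructed per-minute device telemetry. The field names, the reuse of the 50% CPU figure as an alert threshold, the 5-minute correlation window, and the premise that a camera open with the backlight off is worth flagging are all assumptions.

```python
# Constructed telemetry; tuple layout is hypothetical:
# (minute, backlight_on, camera_open, cpu_pct, mails_sent)
SAMPLES = [
    (0, True,  False, 12, 0),
    (1, True,  True,  35, 0),   # owner using the camera app: benign
    (2, False, False,  4, 0),
    (3, False, True,  18, 0),   # camera open while screen is dark (J2-like)
    (4, False, True,  71, 0),   # software encoding load (J3-like)
    (5, False, True,  68, 0),
    (6, False, False,  6, 0),
    (7, False, False,  9, 3),   # several mails leave an idle phone (J4-like)
    (8, True,  False, 15, 1),   # owner sends one mail: benign
]

CPU_ALERT_PCT = 50      # assumed threshold, borrowed from the trigger slide
CORRELATE_MINUTES = 5   # assumed window linking mail bursts to a capture


def find_covert_capture(samples):
    """Return (minute, reason) findings for activity with the backlight off."""
    findings = []
    last_dark_capture = None
    for minute, backlight_on, camera_open, cpu_pct, mails_sent in samples:
        if backlight_on:
            continue  # user-present activity is not scored here
        if camera_open:
            last_dark_capture = minute
            reason = "camera open with backlight off"
            if cpu_pct > CPU_ALERT_PCT:
                reason += ", encoder-level CPU"
            findings.append((minute, reason))
        elif (mails_sent > 1 and last_dark_capture is not None
              and minute - last_dark_capture <= CORRELATE_MINUTES):
            # Segmented video leaves as several messages in a short burst.
            findings.append((minute, "mail burst shortly after dark capture"))
    return findings


if __name__ == "__main__":
    for minute, reason in find_covert_capture(SAMPLES):
        print(f"minute {minute}: {reason}")
```

The trigger only checks that CPU is low before it starts; the compression phase itself is the loud part, which is why the check keys on CPU while the camera is already open.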