Research Article
Transplantation Attack: Analysis and Prediction
@INPROCEEDINGS{10.1007/978-3-319-23802-9_28, author={Zhongwen Zhang and Ji Xiang and Lei Wang and Lingguang Lei}, title={Transplantation Attack: Analysis and Prediction}, proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part II}, proceedings_a={SECURECOMM}, year={2015}, month={12}, keywords={Android Transplantation Attack Prediction}, doi={10.1007/978-3-319-23802-9_28} }- Zhongwen Zhang
Ji Xiang
Lei Wang
Lingguang Lei
Year: 2015
Transplantation Attack: Analysis and Prediction
SECURECOMM
Springer
DOI: 10.1007/978-3-319-23802-9_28
Abstract
Correspondingly, Android also becomes a common attack target. Till now, many attacks have been detected out, such as confused deputy attack, collusion attack, and root exploits attack. In this paper, we present a novel attack, denoted as transplantation attack. Transplantation attack, when being applied to spy on user, can make the malicious behavior more stealthy. The attack can evade permission check, evade device administration, and even evade API auditing. The premise of carrying out Transplantation attack is that malware is able to access resources or gain access capability. By fulfilling the premise, we do a case study about Camera device. The result indicates that Transplantation attack indeed exists. Based on these observations, we predict the kind of system resources that may suffer transplantation attack. Defence discussion are also presented.