Source: http://s3.eurecom.fr/docs/ndss21_pox.pdf
Author: Andrea Possemato, Dario Nisi, Yanick Fratantonio
Affiliation: EURECOM
Network and Distributed Systems Security (NDSS) Symposium 2021
Download https://jbox.sjtu.edu.cn/l/Q1LDjO
Contributor: yzy
Overview
Phishing attacks are especially problematic on mobile platforms, because the platform does not give the user enough information to reliably distinguish a legitimate app from a malicious app that spoofs the legitimate app's UI.
Proper timing is the key factor for the attacker:
- What proper timing is: the user is more prone to hand over sensitive data (such as her passwords) when she expects to interact with the target app, so the spoofed UI must appear exactly then.
- How malware determines the right timing: by mounting state inference attacks.
- What a state inference attack is: a malicious app "polls" vulnerable APIs and resources, infers from their responses when the target app is about to be used by the user, and makes the spoofed UI appear on top of the screen at that moment.
Contributions of the paper:
- the design and implementation of a new vulnerability detection system that specifically aims at identifying new vulnerabilities usable to mount state inference attacks
- a new on-device analysis system able to detect exploitation attempts against vulnerable resources and APIs
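The polling behaviour behind a state inference attack, and the kind of on-device detection the second contribution describes, can be illustrated with a small sliding-window detector. The code below is an added example written for these notes, not code from the paper or from its authors' system; the package names, the resource identifiers ("resource/A", "resource/B"), the access trace and the window/threshold values are all constructed placeholders, not vulnerable APIs named by the paper.

```python
from collections import defaultdict, deque


def build_sample_trace():
    """Constructed trace of resource accesses as a hypothetical on-device
    monitor might record them: (timestamp_ms, package, resource).
    Names and resources are placeholders, not taken from the paper."""
    trace = []
    # Hypothetical malicious app polling one resource every 50 ms for 2 s,
    # the access pattern a state inference attack needs.
    for i in range(40):
        trace.append((i * 50, "com.example.poller", "resource/A"))
    # Hypothetical benign app touching the same resource twice, 5 s apart.
    trace.append((100, "com.example.benign", "resource/A"))
    trace.append((5100, "com.example.benign", "resource/A"))
    # Benign short burst: 5 reads within a second, below the threshold.
    for i in range(5):
        trace.append((3000 + i * 100, "com.example.burst", "resource/B"))
    trace.sort()
    return trace


def detect_polling(trace, window_ms=1000, threshold=10):
    """Flag (package, resource) pairs whose access count inside any sliding
    window of window_ms reaches threshold. Returns a dict mapping each
    flagged pair to the peak number of accesses seen in one window."""
    windows = defaultdict(deque)   # (package, resource) -> recent timestamps
    flagged = {}
    for ts, pkg, res in trace:     # trace must be sorted by timestamp
        key = (pkg, res)
        q = windows[key]
        q.append(ts)
        # Drop accesses that fell out of the window ending at ts.
        while q and ts - q[0] > window_ms:
            q.popleft()
        if len(q) >= threshold:
            flagged[key] = max(flagged.get(key, 0), len(q))
    return flagged


if __name__ == "__main__":
    for (pkg, res), peak in detect_polling(build_sample_trace()).items():
        print(f"{pkg} polled {res}: {peak} accesses in one 1 s window")
```

Only the hypothetical poller is reported (21 accesses in a 1 s window); the two-read app and the short burst stay below the threshold. A rate threshold is a heuristic, not a proof of attack: an attacker can poll less often if the target state persists long enough to be caught at a lower rate, so a real detector must also consider which resource is being read and what it leaks, which is exactly what the paper's vulnerability detection system is meant to enumerate.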