Abstract
Wireless devices that integrate the functionality of PDAs and cell phones are becoming commonplace, making different types of network services available to mobile applications. However, the integration of different services allows an attacker to cross service boundaries. For example, an attack carried out through the wireless network interface may eventually provide access to the phone functionality. This type of attack can cause considerable damage because some of the services (e.g., the GSM-based services) charge the user based on traffic volume or time of use. In this paper, we demonstrate the feasibility of these attacks by developing a proof-of-concept exploit that crosses service boundaries. To address these security issues, we developed a solution based on resource labeling. We modified the kernel of an integrated wireless device so that processes and files are marked in a way that allows one to regulate access to different system resources. Labels are set when certain network services are accessed. The labeling is then transferred between processes and system resources as a result of either access or execution. We also defined a language for creating labeling rules, and demonstrated how the system can be used to prevent attacks that attempt to cross service boundaries. Experimental evaluation shows that the implementation introduces little overhead. Our security solution is orthogonal to other protection schemes and provides a critical defense for the growing problem of cell phone viruses and worms.
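The following is an added illustration, not code from the paper: a user-space simulation of the labeling model the abstract sketches. A process that touches a network service is tagged with that service's label, the label follows data into files a labeled process writes and into processes that read or execute labeled files, and a rule can then refuse a labeled subject access to another service. The label names ("wlan", "gsm"), the two-verb rule syntax, the file and exec propagation semantics and the attack scenario are all assumptions made for this example; the paper's kernel implementation and its rule language are not reproduced here.

```python
# Added example: a simulation of the resource-labeling model described in
# the abstract. It is NOT the authors' kernel code. Label names, the rule
# syntax and the propagation semantics below are assumptions for illustration.

from dataclasses import dataclass, field


@dataclass
class Process:
    name: str
    labels: set = field(default_factory=set)


@dataclass
class File:
    path: str
    labels: set = field(default_factory=set)


class LabelPolicy:
    """Parses an assumed rule language and mediates service access.

    Rule forms (one per line, '#' starts a comment):
      label <service> <label>   accessing <service> attaches <label> to the caller
      deny  <service> <label>   a caller carrying <label> may not use <service>
    """

    def __init__(self, rules: str):
        self.sets = {}    # service -> labels attached on access
        self.denies = {}  # service -> labels that are refused
        for raw in rules.splitlines():
            line = raw.split("#", 1)[0].strip()
            if not line:
                continue
            verb, service, label = line.split()
            if verb == "label":
                self.sets.setdefault(service, set()).add(label)
            elif verb == "deny":
                self.denies.setdefault(service, set()).add(label)
            else:
                raise ValueError(f"unknown rule verb: {verb}")

    def access_service(self, proc: Process, service: str) -> bool:
        """Refuse if the caller carries a denied label; otherwise label the caller."""
        if proc.labels & self.denies.get(service, set()):
            return False
        proc.labels |= self.sets.get(service, set())
        return True


# Label transfer on file access and execution: labels simply follow the data.
def write_file(proc: Process, f: File) -> None:
    f.labels |= proc.labels


def read_file(proc: Process, f: File) -> None:
    proc.labels |= f.labels


def execute(parent: Process, f: File, name: str) -> Process:
    return Process(name, set(parent.labels) | set(f.labels))


# Constructed policy: anything that arrived over the WLAN must not reach GSM.
RULES = """
label wlan wlan
label gsm  gsm
deny  gsm  wlan
"""


def cross_service_scenario() -> dict:
    policy = LabelPolicy(RULES)
    # A daemon serving the WLAN interface receives the "wlan" label on first use.
    ftpd = Process("ftpd")
    policy.access_service(ftpd, "wlan")
    # An attacker who controls the daemon drops a binary: the file inherits "wlan".
    payload = File("/tmp/dialer")
    write_file(ftpd, payload)
    # A clean shell runs the dropped binary; the new process inherits "wlan".
    shell = Process("sh")
    pwned = execute(shell, payload, "dialer")
    # The binary tries to use the GSM service (the service boundary crossing).
    attack_allowed = policy.access_service(pwned, "gsm")
    # The phone's own dialer never touched the WLAN and is unaffected.
    dialer = Process("phone")
    legit_allowed = policy.access_service(dialer, "gsm")
    return {
        "payload_labels": set(payload.labels),
        "attack_allowed": attack_allowed,   # False: "wlan" is denied for "gsm"
        "legit_allowed": legit_allowed,     # True
        "dialer_labels": set(dialer.labels),
    }


if __name__ == "__main__":
    print(cross_service_scenario())
```

The simulation is deliberately integrity-style (a label can only accumulate, like LOMAC or Biba low-water-mark), so a subject can never shed the "wlan" mark by laundering data through a file or a child process; that is the property that blocks the WLAN-to-GSM path in the scenario above.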
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mulliner, C., Vigna, G., Dagon, D., Lee, W. (2006). Using Labeling to Prevent Cross-Service Attacks Against Smart Phones. In: Büschkes, R., Laskov, P. (eds) Detection of Intrusions and Malware & Vulnerability Assessment. DIMVA 2006. Lecture Notes in Computer Science, vol 4064. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11790754_6
DOI: https://doi.org/10.1007/11790754_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36014-8
Online ISBN: 978-3-540-36017-9
eBook Packages: Computer Science (R0)