Forensics Analysis of Android Mobile VoIP Apps

Dargahi, Tooska; Dehghantanha, Ali; Conti, Mauro

doi:10.1016/b978-0-12-805303-4.00002-2

Cited by 17 publications

(11 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…After uploading an app by developers to the app store, the security module of app store performs the first initial scan to confirm the normal behavior of the application [18]. Apps which pass the initial security check will be available for download in app stores [19]. Third party anti-malware applications perform their own scans after installation completion.…”

Section: Related Workmentioning

confidence: 99%

A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores

Homayoun

Dehghantanha

Parizi

et al. 2019

2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE)

View full text Add to dashboard Cite

The dramatic growth in smartphone malware shows that malicious program developers are shifting from traditional PC systems to smartphone devices. Therefore, security researchers are also moving towards proposing novel antimalware methods to provide adequate protection. This paper proposes a Blockchain-Based Malware Detection Framework (B2MDF) for detecting malicious mobile applications in mobile applications marketplaces (app stores). The framework consists of two internal and external private blockchains forming a dual private blockchain as well as a consortium blockchain for the final decision. The internal private blockchain stores feature blocks extracted by both static and dynamic feature extractors, while the external blockchain stores detection results as blocks for current versions of applications. B2MDF also shares feature blocks with third parties, and this helps antimalware vendors to provide more accurate solutions.

show abstract

Section: Related Workmentioning

confidence: 99%

A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores

Homayoun

Dehghantanha

Parizi

et al. 2019

2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE)

View full text Add to dashboard Cite

show abstract

“…It is acknowledged that users of MMOG's like Minecraft will utilise third-party applications to communicate with other gamers whilst in play. Sound research has been conducted into the evidential retrieval of data from popular VoIP applications on mobile platforms [33] so it is now necessary to also explore the in-built chat facilities between various operating system platforms.…”

Section: Literature Reviewmentioning

confidence: 99%

Forensic investigation of cross platform massively multiplayer online games: Minecraft as a case study

et al. 2019

View full text Add to dashboard Cite

Minecraft, a Massively Multiplayer Online Game (MMOG), has reportedly millions of players from different age groups worldwide. With Minecraft being so popular, particularly with younger audiences, it is no surprise that the interactive nature of Minecraft has facilitated the commission of criminal activities such as denial of service attacks against gamers, cyberbullying, swatting, sexual communication, and online child grooming. In this research, there is a simulated scenario of a typical Minecraft setting, using a Linux Ubuntu 16.04.3 machine (acting as the MMOG server) and Windows client devices running Minecraft. Server and client devices are then examined to reveal the type and extent of evidential artefacts that can be extracted.

show abstract

“…Notably, Li et al [4] and Kim et al [5] discovered multiple vulnerabilities in VoLTE's both control-and data-plane functions, and Xie et al [6] uncovered four vulnerabilities in operational Wi-Fi calling services. Regarding Android VoIP's client-side security, only the privacy risks of some VoIP apps were tested [7,8], e.g., whether their traffic are encrypted with SSL/TLS. It is thus unclear whether Android's VoIP integration at the operating system level are secure or not.…”

Section: Introductionmentioning

confidence: 99%

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

En¹,

Deng

2020

Detection of Intrusions and Malware, and Vulnerability Assessment

View full text Add to dashboard Cite

VoIP is a class of new technologies that deliver voice calls over the packet-switched networks, which surpasses the legacy circuitswitched telecom telephony. Android provides the native support of VoIP, including the recent VoLTE and VoWiFi standards. While prior works have analyzed the weaknesses of VoIP network infrastructure and the privacy concerns of third-party VoIP apps, no efforts were attempted to investigate the (in)security of Android's VoIP integration at the system level. In this paper, we first demystify Android VoIP's protocol stack and all its four attack surfaces. We then propose a novel vulnerability assessment approach that assembles on-device Intent/API fuzzing, networkside packet fuzzing, and targeted code auditing. By testing Android from version 7.0 to the recent 9.0, we have discovered 8 zero-day Android VoIP vulnerabilities, all of which were confirmed by Google with bug bounty awards. The security consequences are serious, including denying voice calls, caller ID spoofing, unauthorized call operations, and remote code execution. To mitigate these vulnerabilities and further improve Android VoIP security, we uncover a new root cause that requires developers' attention during their design and implementation.

show abstract

Forensics Analysis of Android Mobile VoIP Apps

Cited by 17 publications

References 50 publications

A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores

A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores

Forensic investigation of cross platform massively multiplayer online games: Minecraft as a case study

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

Contact Info

Product

Resources

About