Open AccessPosted Content
Steganography in Modern Smartphones and Mitigation Techniques
TLDR
In this article, the state of the art of steganographic techniques for smartphones, with emphasis on methods developed over the period 2005 to the second quarter of 2014, are surveyed.Abstract:
By offering sophisticated services and centralizing a huge volume of personal data, modern smartphones changed the way we socialize, entertain and work. To this aim, they rely upon complex hardware/software frameworks leading to a number of vulnerabilities, attacks and hazards to profile individuals or gather sensitive information. However, the majority of works evaluating the security degree of smartphones neglects steganography, which can be mainly used to: i) exfiltrate confidential data via camouflage methods, and ii) conceal valuable or personal information into innocent looking carriers.
Therefore, this paper surveys the state of the art of steganographic techniques for smartphones, with emphasis on methods developed over the period 2005 to the second quarter of 2014. The different approaches are grouped according to the portion of the device used to hide information, leading to three different covert channels, i.e., local, object and network. Also, it reviews the relevant approaches used to detect and mitigate steganographic attacks or threats. Lastly, it showcases the most popular software applications to embed secret data into carriers, as well as possible future directions.read more
Citations
More filters
Journal ArticleDOI
Image steganography in spatial domain: A survey
Mehdi Hussain,Mehdi Hussain,Ainuddin Wahid Abdul Wahab,Yamani Idna Bin Idris,Anthony T. S. Ho,Anthony T. S. Ho,Anthony T. S. Ho,Ki-Hyun Jung +7 more
TL;DR: The general structure of the steganographic system and classifications of image steganography techniques with its properties in spatial domain are exploited and different performance matrices and steganalysis detection attacks are discussed.
Journal ArticleDOI
Seeing the Unseen: Revealing Mobile Malware Hidden Communications via Energy Consumption and Artificial Intelligence
TL;DR: Experimental results show the feasibility and effectiveness of the proposed approach to detect the hidden data exchange between colluding applications, based on artificial intelligence tools, such as neural networks and decision trees.
Journal ArticleDOI
Image steganography using uncorrelated color space and its application for security of visual contents in online social networks
TL;DR: The quantitative and qualitative experimental results of the proposed framework and its application for addressing the security and privacy of visual contents in online social networks (OSNs), confirm its effectiveness in contrast to state-of-the-art methods.
Journal ArticleDOI
A Data Exfiltration and Remote Exploitation Attack on Consumer 3D Printers
TL;DR: Examination of the security features of two different models of MakerBot Industries' consumer-oriented 3D printers found that the printers stored the previously printed and currently printing objects on an unauthenticated web server, which severely affected the security of these devices and allowed for remote exploitation.
Journal ArticleDOI
Information Hiding as a Challenge for Malware Detection
TL;DR: This research highlights the need to have a better understanding of how malware uses information-hiding techniques to hide its existence and communication attempts.
References
More filters
Journal ArticleDOI
Techniques for data hiding
TL;DR: This work explores both traditional and novel techniques for addressing the data-hiding process and evaluates these techniques in light of three applications: copyright protection, tamper-proofing, and augmentation data embedding.
Journal ArticleDOI
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
William Enck,Peter Gilbert,Seungyeop Han,Vasant Tendulkar,Byung-Gon Chun,Landon P. Cox,Jaeyeon Jung,Patrick McDaniel,Anmol Sheth +8 more
TL;DR: TaintDroid as mentioned in this paper is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data by leveraging Android's virtualized execution environment.
Journal ArticleDOI
Information hiding-a survey
TL;DR: An overview of the information-hiding techniques field is given, of what the authors know, what works, what does not, and what are the interesting topics for research.
Proceedings ArticleDOI
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
William Enck,Peter Gilbert,Byung-Gon Chun,Landon P. Cox,Jaeyeon Jung,Patrick McDaniel,Anmol Sheth +6 more
TL;DR: Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, this work found 68 instances of misappropriation of users' location and device identification information across 20 applications.
Proceedings ArticleDOI
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
TL;DR: It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.