Data Exfiltration from Internet of Things Devices: IOS Devices as Case Studies

IEEE Internet of Things Journal

Volumn 4, Issue 2, 2017, Pages 524-535

  D'Orazio, Christian J ^a   Choo, Kim Kwang Raymond ^b   Yang, Laurence T ^b,c  

^a UNIVERSITY OF SOUTH AUSTRALIA   (Australia)

^b HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY   (China)

^c ST FRANCIS XAVIER UNIVERSITY   (Canada)

Author keywords

Big data security; Internet of Things (IoT) security; iOS data exfiltration; iOS pairing

Indexed keywords

BIG DATA; IOS (OPERATING SYSTEM); MOBILE SECURITY; PERSONAL COMPUTERS;

CASE-STUDIES; COMMAND LINE; CYBERCRIMINALS; DATA EXFILTRATION; INTERNET OF THINGS (IOT); IOS DEVICES; IOS PAIRING; TRUSTED RELATIONSHIPS;

INTERNET OF THINGS;

EID: 85018406878     PISSN: None     EISSN: 23274662     Source Type: Journal    
DOI: 10.1109/JIOT.2016.2569094     Document Type: Article

References (40)

1. C. Xiao, Wirelurker: A New Era in iOS and OS X Malware, Palo Alto Netw., Santa Clara, CA, USA, 2014.
2. FireEye, A Comprehensive Mobile Threat Assessment of 7 Million iOS and Android Apps, FireEye Inc., Milpitas, CA, USA, 2014.
3. C. Xiao, KeyRaider: iOS Malware Steals Over 225, 000 Apple Accounts to Create Free App Utopia. Palo Alto Netw., Santa Clara, CA, USA, 2015. [Online]. Available: http://researchcenter.paloaltonetworks.com/2015/08/keyraider-ios-malware-steals-over-225000-Apple-Accounts-Tocreate-free-App-utopia/
4. N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu, "The ghost in the browser analysis of Web-based malware, " in Proc. Conf. 1st Workshop Hot Topics Understand. Botnets, Berkeley, CA, USA, 2007, p. 4.
5. PandaLabs, PandaLabs Neutralized 75 Million New Malware Samples in 2014, Twice as Many as in 2013, Panda Security, Bilbao, Spain, 2015. [Online]. Available: http://www.pandasecurity.com/mediacenter/src/uploads/2015/02/Pandalabs2014-DEF2-en.pdf
6. Apple. (2015). iOS Security. Accessed on Feb. 1, 2016. [Online]. Available: https://www.apple.com/business/docs/iOS-Security-Guide.pdf
7. Statista. (2015). Global Market Share Held by Operating Systems Desktop PCs From January 2012 to June 2015. Accessed on Feb. 1, 2016. [Online]. Available: http://www.statista.com/statistics/218089/global-market-share-of-windows-7/
8. Netmarketshare. (2015). Desktop Operating System Market Share. Accessed on Feb. 1, 2016. [Online]. Available: https://www.netmarketshare.com/operating-system-market-share.aspx
9. L. Xing, et al., Unauthorized Cross-App Resource Access on MAC OS X and iOS, Cornel Univ. Libr., Ithaca, NY, USA, 2015. [Online]. Available: http://arxiv.org/pdf/1505.06836v1.pdf
10. L. Caviglione and W. Mazurczyk, "Understanding information hiding in iOS, " IEEE Comput., vol. 48, no. 1, pp. 62-65, Jan. 2015.
11. Y. Agarwal and M. Hall, "ProtectMyPrivacy: Detecting and mitigating privacy leaks on iOS devices using crowdsourcing, " in Proc. Int. Conf. Mobile Syst. Appl. Services, Taipei, Taiwan, 2013, pp. 97-110.
12. P. Porras, H. Saïdi, and V. Yegneswaran, "An analysis of the iKee.B iPhone botnet, " in Security and Privacy in Mobile Information and Communication Systems. Heidelberg, Germany: Springer-Verlag, 2010, pp. 141-152.
13. R. Farley and X. Wang, "Roving bugnet: Distributed surveillance threat and mitigation, " Comput. Security, vol. 29, no. 5, pp. 592-602, 2010.
14. A. Giani, V. H. Berk, and G. V. Cybenko, "Data exfiltration and covert channels, " in Proc. Sensors Command Control Commun. Intell. (C3I) Technol. Homeland Security Homeland Defense V, vol. 6201. Orlando, FL, USA, 2006, pp. 1-11. [Online]. Available: http://proceedings.spiedigitallibrary.org/proceeding.aspx?articleid=1284782#
15. W. D. Yu, S. Nargundkar, and N. Tiruthani, "PhishCatch-A phishing detection tool, " in Proc. IEEE Int. Conf. Comput. Softw. Appl., vol. 2. Seattle, WA, USA, 2009, pp. 451-456.
16. G. Wang, J. W. Stokes, C. Herley, and D. Felstead, "Detecting malicious landing pages in malware distribution networks, " in Proc. IEEE/IFIP Int. Conf. Depend. Syst. Netw. (DSN), Budapest, Hungary, 2013, pp. 1-11.
17. M. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang, "RiskRanker: Scalable and accurate zero-day android malware detection, " in Proc. Int. Conf. Mobile Syst. Appl. Services, 2012, pp. 281-294.
18. A. Sami, et al., "Malware detection based on mining API calls, " in Proc. ACM Symp. Appl. Comput., Lausanne, Switzerland, 2010, pp. 1020-1025.
19. M. Antonakakis, R. Perdisci, W. Lee, N. Vasiloglou, and D. Dagon, "Detecting malware domains at the upper DNS hierarchy, " in Proc. USENIX Conf. Security, San Francisco, CA, USA, 2011, p. 27.
20. M. A. Rajab, et al., "Trends in circumventing Web-malware detection, " Google Security Team, Google, Tech. Rep. rajab-2011a, 2011.
21. Q. Do, B. Martini, and K.-K. R. Choo, "Exfiltrating data from Android devices, " Comput. Security, vol. 48, pp. 74-91, Feb. 2015.
22. A. Davis, et al., "The visual microphone: Passive recovery of sound from video, " ACM Trans. Graph., vol. 33, no. 4, pp. 1-10, Jul. 2014.
23. M. Hanspach and M. Goetz, "On covert acoustical mesh networks in air, " J. Commun., vol. 8, no. 11, pp. 758-767, 2014.
24. P. Marks, Hackers Reverse-Engineer NSA's Leaked Bugging Devices, New Scientist, Haywards Heath, U.K., 2014. [Online]. Available: https://www.newscientist.com/article/mg22229744-000-hackers-reverseengineer-nsas-leaked-bugging-devices
25. S. J. O'Malley and K.-K. R. Choo, "Bridging the air gap: Inaudible data exfiltration by insiders, " in Proc. Americas Conf. Inf. Syst., Savannah, GA, USA, 2014, pp. 1-12.
26. J. Zdziarski, "Identifying back doors, attack points, and surveillance mechanisms in iOS devices, " Digit. Invest., vol. 11, no. 1, pp. 3-19, 2014.
27. McAfee, Grand Theft Data. Data Exfiltration Study: Actors, Tactics, and Detection, McAfee Inc., Santa Clara, CA, USA, 2015. [Online]. Available: http://www.mcafee.com/us/resources/reports/rp-data-exfiltration.pdf
28. A. Rashid, et al., "Detecting and preventing data exfiltration, " Lancaster Univ., Security Lancaster Centre, Lancaster, U.K., Tech. Rep., 2014.
29. D. Chismon, M. Ruks, M. Michelini, and A. Waters. (2014). Detecting and Deterring Data Exfiltration. Accessed on Feb. 1, 2016. [Online]. Available: https://www.mwrinfosecurity.com/system/assets/642/original/Detecting-Deterring-Data-Exfiltration-Executive-Briefing-Paper.pdf
30. McAfee, Stop Data Exfiltration, Intel Security, Santa Clara, CA, USA, 2015.
31. Y. Liu, C. Corbett, R. Archibald, B. Mukherjee, and D. Ghosal, "SIDD: A framework for detecting sensitive data exfiltration by an insider attack, " in Proc. IEEE Hawaii Int. Conf. Syst. Sci., 2009, pp. 1-10.
32. A. Jain and D. Shanbhag, "Addressing security and privacy risks in mobile applications, " IT Prof., vol. 14, no. 5, pp. 28-33, Sep./Oct. 2012.
33. J. Leyden, Apple Cleans Up iOS App Store After First Big Malware Attack, Register, London, U.K., 2015. [Online]. Available: http://www.theregister.co.uk/2015/09/21/xcodeghost-Apple-ios-store-malware-zapped
34. C. Xiao, Update: XcodeGhost Attacker Can Phish Passwords and Open URLs Through Infected Apps, Palo Alto Netw., Santa Clara, CA, USA, 2015. [Online]. Available: http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-Attacker-can-phish-passwords-And-open-urlsthough-infected-Apps
35. C. D'Orazio and K.-K. R. Choo, "An adversary model to evaluate DRM protection of video contents on iOS devices, " Comput. Security, vol. 56, pp. 94-110, Feb. 2016. [Online]. Available: http://dx.doi.org/10.1016/j.cose.2015.06.009
36. M. Honan, How Apple and Amazon Security Flaws Led to My Epic Hacking, Wired, San Francisco, CA, USA, 2012. [Online]. Available: http://www.wired.com/2012/08/apple-Amazon-mat-honan-hacking/
37. J. Imgraben, A. Engelbrecht, and K.-K. R. Choo, "Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users, " Behav. Inf. Technol., vol. 33, no. 12, pp. 1347-1360, 2014.
38. Q. Do, B. Martini, and K.-K. R. Choo, "A forensically sound adversary model for mobile devices, " PLoS ONE, vol. 10, no. 9, pp. 1-15, 2015. [Online]. Available: http://dx.doi.org/10.1371/journal.pone.0138449
39. H. Li, M. Dong, and K. Ota, "Radio access network virtualization for the social Internet of Things, " IEEE Cloud Comput., vol. 2, no. 6, pp. 42-50, Nov./Dec. 2015.
40. J. Wu, M. Dong, K. Ota, L. Liang, and Z. Zhou, "Securing distributed storage for social Internet of Things using regenerating code and Blom key agreement, " Peer to Peer Netw. Appl., vol. 8, no. 6, pp. 1133-1142, 2015.