.

An android-based trojan spyware to study the notificationlistener service vulnerability

LAUR Repository

Show simple item record

dc.contributor.author Abualola, Huda
dc.contributor.author Alhawai, Hessa
dc.contributor.author Kadadha, Maha
dc.contributor.author Otrok, Hadi
dc.contributor.author Mourad, Azzam
dc.date.accessioned 2017-03-14T07:32:53Z
dc.date.available 2017-03-14T07:32:53Z
dc.date.copyright 2016 en_US
dc.date.issued 2017-03-14
dc.identifier.issn 1877-0509 en_US
dc.identifier.uri http://hdl.handle.net/10725/5362
dc.description.abstract Security attacks continue to emerge on daily basis due to the fast growth in the number of smart devices and mobile applications. Attacks take different malware forms such as Spyware and Trojan exploiting different operating system vulnerabilities, specially the well known vulnerable operating system; Android OS. In this paper, we study the malicious use of the “NotificationListener” service in Android 4.3 and 5.0. A Trojan application, known as SMS backup, is developed to spy the notifications of other applications. Such an application requires only two permissions that include “Notification Access” and “Internet”. These permissions are used to extract and send user's messages of other applications to the attacker's email through Internet. Our malware is able to alter and/or delete the notification before being displayed. For experimental results, the malware was tested against notifications of WhatsApp, BBM, SMS, and Facebook messenger using different Android versions including Lollipop 5.0. Experiments show that our malware succeeded against all the tested applications running Android version 4.3. Moreover, BBM and SMS messages are still extractable in the newer version of Android (Lollipop 5.0). en_US
dc.language.iso en en_US
dc.title An android-based trojan spyware to study the notificationlistener service vulnerability en_US
dc.type Article en_US
dc.description.version Published en_US
dc.author.school SAS en_US
dc.author.idnumber 200904853 en_US
dc.author.department Computer Science and Mathematics en_US
dc.description.embargo N/A en_US
dc.relation.journal Procedia Computer Science en_US
dc.journal.volume 83 en_US
dc.article.pages 465-471 en_US
dc.keywords Mobile spy en_US
dc.keywords Spyware en_US
dc.keywords Trojan en_US
dc.keywords Android en_US
dc.keywords Notification en_US
dc.identifier.doi http://dx.doi.org/10.1016/j.procs.2016.04.210 en_US
dc.identifier.ctation Abualola, H., Alhawai, H., Kadadha, M., Otrok, H., & Mourad, A. (2016). An Android-based Trojan Spyware to Study the NotificationListener Service Vulnerability. Procedia Computer Science, 83, 465-471. en_US
dc.author.email azzam.mourad@lau.edu.lb en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url http://www.sciencedirect.com/science/article/pii/S1877050916302435 en_US
dc.orcid.id https://orcid.org/0000-0001-9434-5322
dc.author.affiliation Lebanese American University en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search LAUR


Advanced Search

Browse

My Account