The Cybersecurity Lecture Series begins at Noon on Apr. 7 in the Microelectronics Research Building (MIRC), Room #102, 791 Atlantic Drive, Atlanta, GA 30332.
About this presentation
"Cloak & Dagger: From Two Android Permissions to Complete Control of the UI Feedback Loop"
Although the two Android permissions -- SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE -- have each been abused separately to mount UI redressing attacks and accessibility attacks, none of those earlier attacks could completely control the user interface (UI) feedback loop: they either relied on vanishing side channels to time the appearance of the overlay UI, could not respond properly to user input, or made the attack visibly apparent to the user. In this work, researchers from Georgia Tech and the University of California, Santa Barbara (UCSB) demonstrate how combining the capabilities of these two permissions yields a devastating and stealthy new attack on Android devices that grants the adversary complete control of the UI feedback loop.

The researchers also found that it is simple and straightforward to get a proof-of-concept app requesting both permissions into the official Android store. They evaluated the practicality of these attacks in a user study: none of the 20 human subjects who took part in the experiment even suspected they had been attacked. The researchers conclude with a number of observations and best practices that can help Google and app developers better secure the Android graphical user interface.

The work will be presented by Yanick Fratantonio, a Ph.D. candidate at UCSB, who began it as a summer project while interning with the Institute for Information Security & Privacy at Georgia Tech in Summer 2016. The paper detailing the findings has been accepted by, and will be presented at, the IEEE Symposium on Security & Privacy in May 2017.
Complimentary lunch provided for registered guests. Please bring your own beverage.