Open Access   Article Go Back

Android Accessibility Service: Bane or Boon

Idris Shah Hyder1 , Nikhil S. Tengeli2

Section:Research Paper, Product Type: Journal Paper
Volume-07 , Issue-14 , Page no. 393-395, May-2019

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v7si14.393395

Online published on May 15, 2019

Copyright © Idris Shah Hyder, Nikhil S. Tengeli . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

XML View
PDF Download

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Idris Shah Hyder, Nikhil S. Tengeli, “Android Accessibility Service: Bane or Boon,” International Journal of Computer Sciences and Engineering, Vol.07, Issue.14, pp.393-395, 2019.

MLA Style Citation: Idris Shah Hyder, Nikhil S. Tengeli "Android Accessibility Service: Bane or Boon." International Journal of Computer Sciences and Engineering 07.14 (2019): 393-395.

APA Style Citation: Idris Shah Hyder, Nikhil S. Tengeli, (2019). Android Accessibility Service: Bane or Boon. International Journal of Computer Sciences and Engineering, 07(14), 393-395.

BibTex Style Citation:
@article{Hyder_2019,
author = {Idris Shah Hyder, Nikhil S. Tengeli},
title = {Android Accessibility Service: Bane or Boon},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {5 2019},
volume = {07},
Issue = {14},
month = {5},
year = {2019},
issn = {2347-2693},
pages = {393-395},
url = {https://www.ijcseonline.org/full_spl_paper_view.php?paper_id=1161},
doi = {https://doi.org/10.26438/ijcse/v7i14.393395}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i14.393395}
UR - https://www.ijcseonline.org/full_spl_paper_view.php?paper_id=1161
TI - Android Accessibility Service: Bane or Boon
T2 - International Journal of Computer Sciences and Engineering
AU - Idris Shah Hyder, Nikhil S. Tengeli
PY - 2019
DA - 2019/05/15
PB - IJCSE, Indore, INDIA
SP - 393-395
IS - 14
VL - 07
SN - 2347-2693
ER -

           

Abstract

Android is a huge platform available to a big audience. However, android is vulnerable to many attacks and attackers. Which violates the privacy and security of the data. This paper mainly focuses on demonstration of how accessibility service can be used to key log the events and send it to the hacker’s device using firebase (Real time database). This is a major vulnerability which needs to be addressed. The payload is installed as .apk file and some social engineering to convince the user to enable accessibility service. Our study estimates that this attack will work on most of the android versions.

Key-Words / Index Term

Android accessibility service , firebase , .apk ,payloads , android vulnerabilities

References

[1] Chenxiong Qian, Simon P. Chung, Wenke Lee, “Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop”, Georgia Tech. (2017).
[2] C. Ren, Y. Zhang, H. Xue, T. Wei, and P. Liu, “Towards Discovering and Understanding Task Hijacking in Android,” in Proc. of USENIX Security Symposium, 2015
[3] Joshua Kraunelis1 , Yinjie Chen1 , Zhen Ling2 , Xinwen Fu1 , Wei Zhao3 “On Malware Leveraging the Android Accessibility Framework” 1Computer Science Department, University of Massachusetts Lowell, One University Avenue, Lowell, MA 01854, Email: {jkraunel,ychen1,xinwenfu}@cs.uml.edu . 2 School of Computer Science and Engineering, Southeast University, Nanjing, China, Email: zhenling@seu.edu.cn 3 University of Macau, Macau, China, Email: weizhao@umac.mo (2014).
[4] S. Peng, S. Yu, and A. Yang. Smartphone malware and its propagation modeling: A survey. Communications Surveys Tutorials, IEEE, PP(99):1 – 17, July 2013.
[5] Android permissions: User attention, comprehension, and behavior. http://www.eecs.berkeley.edu/Pubs/TechRpts/2012/EECS-2012-26.pdf, 2012.
[6] Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In Proceedings of IEEE Symposium on Security and Privacy (SP), 2012.
[7] R. Hunt and S. Hansman. A taxonomy of network and computer attack methodologies. Computers & Networks, Elsevier, 24(1), February 2005.