MSYM: A multichannel communication system for Android devices

Abstract

Conventional mobile communication systems often use a single channel for data transmission, i.e., mobile devices use the cellular network to transfer multimedia information. However, if attackers successfully hijack that single transmission channel, they can recover the communicated data. To address this issue, we introduce a Multichannel Communication System (MSYM), which aims to improve data communication security for Android devices. The key idea of our approach is to leverage the diversity of communication mechanisms (e.g., Wi-Fi/cellular network, Bluetooth, and SMS) to transfer sensitive data securely. More specifically, we use the VpnService interface provided by the Android platform to intercept the network data delivered by a sender program. We then split the network data into fragments and improve security by disordering and encrypting the fragments and sending them over multiple transmission channels. When the target Android device receives the data fragments from the different channels, it decrypts and reorders them to reassemble the original data. Finally, we reuse the VpnService interface to inject the network data into the receiver program. Our approach can be deployed on Android devices to secure communication without modifying the communicating programs. For the evaluation, as a proof of concept, we implemented our approach on the Android system. The experimental results show that our prototype system can secure data transmission with moderate performance cost.
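The split, disorder, encrypt and reassemble pipeline described in the abstract can be sketched as follows. This is an added example, not the MSYM authors' code: the AES-GCM cipher, the 8-byte sequence/count header, the round-robin channel assignment and every name in it are assumptions, and the VpnService interception and real radio channels are left out (requires JDK 16 or later).

```java
import javax.crypto.Cipher;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.*;
public class MultichannelSketch {
    static final String[] CHANNELS = {"wifi", "bluetooth", "sms"}; // assumed labels
    static final SecureRandom RNG = new SecureRandom();
    record Fragment(String channel, byte[] nonce, byte[] sealed) {}
    static byte[] random(int n) { byte[] b = new byte[n]; RNG.nextBytes(b); return b; }
    static Cipher gcm(int mode, SecretKeySpec key, byte[] nonce) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, key, new GCMParameterSpec(128, nonce));
        return c;
    }
    static List<Fragment> send(byte[] data, int size, SecretKeySpec key) throws Exception {
        int total = (data.length + size - 1) / size;
        List<Fragment> out = new ArrayList<>();
        for (int seq = 0; seq < total; seq++) { // seq and total are encrypted with the chunk
            int off = seq * size, len = Math.min(size, data.length - off);
            byte[] plain = ByteBuffer.allocate(8 + len).putInt(seq).putInt(total).put(data, off, len).array();
            byte[] nonce = random(12); // fresh nonce per fragment
            byte[] sealed = gcm(Cipher.ENCRYPT_MODE, key, nonce).doFinal(plain);
            out.add(new Fragment(CHANNELS[seq % CHANNELS.length], nonce, sealed));
        }
        Collections.shuffle(out, RNG); // disorder before handing fragments to the channels
        return out;
    }
    static byte[] receive(List<Fragment> got, SecretKeySpec key) throws Exception {
        TreeMap<Integer, byte[]> bySeq = new TreeMap<>(); // sorted by sequence number
        int total = -1;
        for (Fragment f : got) { // doFinal throws AEADBadTagException on a modified fragment
            byte[] plain = gcm(Cipher.DECRYPT_MODE, key, f.nonce()).doFinal(f.sealed());
            bySeq.put(ByteBuffer.wrap(plain).getInt(0), Arrays.copyOfRange(plain, 8, plain.length));
            total = ByteBuffer.wrap(plain).getInt(4);
        }
        if (bySeq.size() != total) throw new IllegalStateException("have " + bySeq.size() + " of " + total);
        ByteBuffer all = ByteBuffer.allocate(bySeq.values().stream().mapToInt(b -> b.length).sum());
        for (byte[] b : bySeq.values()) all.put(b);
        return all.array();
    }
    public static void main(String[] args) throws Exception {
        SecretKeySpec key = new SecretKeySpec(random(16), "AES"); // constructed key
        byte[] msg = random(100);                                 // constructed payload
        List<Fragment> frags = send(msg, 16, key);
        System.out.println("round trip ok: " + Arrays.equals(msg, receive(frags, key)));
        List<Fragment> sms = frags.stream().filter(f -> f.channel().equals("sms")).toList();
        System.out.println("sms alone carries " + sms.size() + " of " + frags.size() + " fragments");
    }
}
```

Key agreement between the two devices is outside this sketch. Passing only one channel's fragments to `receive` fails the fragment-count check, which is how the receiver notices a channel that was dropped or blocked.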
