For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Inishing: A UI Phishing Attack to Exploit the Vulnerability of Inotify in Android Smartphones
Woo Hyun AHN Sanghyeon PARK Jaewon OH Seung-Ho LIM
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2016/09/01
Online ISSN: 1745-1361
Type of Manuscript: LETTER
Category: Dependable Computing
security, Android OS, malware, inotify, phishing attack,
Full Text: PDF>>
In Android OS, we discover that a notification service called inotify is a new side-channel allowing malware to identify file accesses associated with the display of a security-relevant UI screen. This paper proposes a phishing attack that detects victim UI screens by their file accesses in applications and steals private information.