Detection and prevention of LeNa Malware on Android
Hwan-Taek Lee1, Minkyu Park2*, and Seong-Je Cho1
1Dankook University, Yongin-si, Gyeonggi-do, Republic of Korea
{htlee, sjcho}@dankook.ac.kr
2Konkuk University, Chungju-si, Chungcheongbuk-do, Republic of Korea
minkyup@kku.ac.kr
Abstract
Smartphones contain security-sensitive user information such as contacts, SMS messages, photos, and GPS information. Because smartphones are always turned on and ready to connect to the Internet, that sensitive information is in danger of leakage. Malware of various kinds increasingly attacks smartphones, especially Android phones. We propose a scheme that protects Android phones against one such malware, called LeNa. LeNa infects rooted Android phones and periodically leaks sensitive information from the phone. LeNa also dominates the system and turns the phone into a zombie that can perform Distributed Denial of Service (DDoS) attacks. The proposed scheme checks whether a process is allowed to execute a requested operation even after the process has acquired root privilege. This scheme can also protect smartphones from malware that targets rooted phones.
Keywords: LeNa, malware, rooting, Android, root privilege
*: Corresponding author: Minkyu Park
Room 105, Sanghuh research bldg., Department of Computer Engineering, Konkuk University,
268 Chungwon-daero, Chungju-si, Chungcheongbuk-do, 380-701, Republic of Korea,
Tel: +82-(0)43-840-3559
Journal of Internet Services and Information Security (JISIS), 3(3/4): 63-71, November 2013