Knock-Knock: The unbearable lightness of Android Notifications

01/24/2018
by   Constantinos Patsakis, et al.
0

Android Notifications can be considered as essential parts in Human-Smartphone interaction and inextricable modules of modern mobile applications that can facilitate User Interaction and improve User Experience. This paper presents how this well-crafted and thoroughly documented mechanism, provided by the OS can be exploited by an adversary. More precisely, we present attacks that result either in forging smartphone application notifications to lure the user in disclosing sensitive information, or manipulate Android Notifications to launch a Denial of Service attack to the users' device, locally and remotely, rendering them unusable. This paper concludes by proposing generic countermeasures for the discussed security threats.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset