Kemal KOCABIYIK 20060290

Kkocabiyik presentation

Amnesia Presentation for Effective Presentation Class by Kemal KOCABIYIK


WHAT IS A SMARTPHONE?

Based on an operating system

Have complex software

More complex computing ability

More complex connection ability

High speed web access

Examples: iPhone, BlackBerry


Smartphone Communications


Use Area (Wireless)

Communicating with other devices

Internet

Ad-hoc communication

Hotspot

File Transfer


Use Area (Bluetooth)

File Transfer

Data Exchange

Third Party Tools


Use Area (USB)

Charging

Connecting to Computer

Connecting to 3rd party tools

Data Exchange

File Transfer

Communicating


Wireless Communication

Secure

User needs to authenticate

Able to make peer-to-peer communication

Packets are inspected by stateful firewalls or intrusion detection systems


Bluetooth Connection

Secure

User needs to give the pairing key to the paired device

Have its own defense mechanism

Traffic is filtered


USB Connection

Insecure

User does not need to authenticate

People think that a USB connection is more secure than the other connection types


Attacks to Smart Phones

3 different types of attacks

Phone-to-Computer attacks

Computer-to-Phone attacks

Phone-to-Phone Attacks


Common Things

An adversary that is already in control of one end of the USB connection

The attacker can manipulate any component of the device, ranging from applications to programmable hardware components

Phone-to-Computer Attacks

USB becomes a bidirectional communication channel between the host and the peripheral device.

Can launch attacks and transfer malicious programs


Phone-to-Computer Attacks

2 types of Phone-to-Computer attacks

Posing as an HID peripheral and connecting to the computer

The capability of the phone to be automatically mounted as a USB device


Examples

Showing the mobile device as an HID device, then sending inputs from the mobile device

Exposing storage that contains an autorun.inf
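
A host-side check for the two examples on this slide, as an added example that is not part of the original presentation: it flags a device that enumerates with an HID interface next to mass storage (or gains one on re-enumeration) and lists what an autorun.inf on the mounted volume asks the host to start. The record layout, function names and sample data are assumptions constructed for illustration; 0x03 and 0x08 are the standard USB class codes for HID and mass storage.

```python
import configparser

HID, MASS_STORAGE = 0x03, 0x08   # standard USB interface class codes

def hid_findings(enumerations):
    """Flag suspicious HID interfaces in enumeration records given in arrival order.

    Each record is a dict {"serial": str, "interfaces": [class codes]}
    (hypothetical layout, e.g. built from the host's USB event log).
    """
    findings, seen = [], {}
    for e in enumerations:
        classes = set(e["interfaces"])
        if HID in classes and MASS_STORAGE in classes:
            findings.append((e["serial"], "HID interface on a storage device"))
        prev = seen.get(e["serial"])
        if HID in classes and prev is not None and HID not in prev:
            findings.append((e["serial"], "re-enumerated with a new HID interface"))
        seen[e["serial"]] = classes
    return findings

def autorun_targets(text):
    """Return the programs an autorun.inf would ask the host to launch."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(text)
    targets = []
    for section in cp.sections():
        if section.lower() == "autorun":        # section name case varies
            for key, value in cp.items(section):
                if key in ("open", "shellexecute"):
                    targets.append(value)
    return targets

# Constructed sample data, not captured from a real device.
SAMPLE_EVENTS = [
    {"serial": "PHONE-A", "interfaces": [MASS_STORAGE]},
    {"serial": "PHONE-A", "interfaces": [MASS_STORAGE, HID]},
    {"serial": "KBD-1", "interfaces": [HID]},
]
SAMPLE_AUTORUN = "[AutoRun]\nopen=setup.exe\nicon=setup.exe,0\n"

if __name__ == "__main__":
    for serial, reason in hid_findings(SAMPLE_EVENTS):
        print(serial, "-", reason)
    print("autorun would launch:", autorun_targets(SAMPLE_AUTORUN))
```
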

Computer-to-Phone Attacks

Phone is unlocked and in the manufacturer's out-of-box state.

Using a program called fastboot, the unlocking process is started

After unlocking the phone, it is now under control, which means you can change all system files.

Phone-to-Phone Attacks

The power of the operating system gives us the capability of doing this kind of attack.

Similar to Computer-to-Phone Attacks

Capability is to enable the USB host mode on one device, taking over control of the other

In conclusion

USB is not that secure

Different types of attacks:

Phone-to-Computer

Computer-to-Phone

Phone-to-Phone

It works not only for Google Android but also for all smartphones