A. Contribution

1. Problem addressed by the paper

Exploring new model of threat and defense for smartphone “sensory malware”.

2. Solution proposed in the paper. Why is it better than previous work?

An app that secretly tries to record credit card number from user’s phone call to automated banking system.

The authors claim that their malware app can circumvent current known defenses. They also develop new defense mechanism in addition to current known defenses.

3. The major results

The app successfully extracts credit card number from user’s phone conversation and then transmits it to the master. Tone recognition (85% accuracy) works better than speech recognition (55% accuracy)

B. Basic idea and approach. How does the solution work?

They develop an app called Soundcomber with legitimate function for audio recording. Soundcomber has additional secret function to run in the background and record user’s phone conversation. Then it will analyze the recording to extract user’s credit card number by matching it against profile database. It then sends the credit card number via a web browser or a second colluding app (Deliverer).

Soundcomber-_A_Stealthy_and_Context-Aware_Sound_Trojan_for_Smartphones_pdf

C. Strengths

  1. The method proposed in the paper is quite novel.
  2. There are good ideas to further prevent detectability, such as analysis at night, when the user is not present, and when charging. Although these ideas seem to have not been implemented yet.

D. Weaknesses

  1. Speech recognition analysis done locally on the phone may consume significant phone resources. Will it work on cheap phones? Will it work on low battery mode?
  2. Soundcomber does not have network permission. Could it invoke a web browser?
  3. When using the phone for playing games, for example, the user may feel the phone is running slow because Soundcomber is running in the background. The user can then further invoke list of background apps currently running. The user can then kill Soundcomber and might further become suspicious or annoyed (interrupt the user from enjoying games) and then uninstall Soundcomber.
  4. Paired Trojan installation via pop-up ad: the user might not click the ad and cancel the installation. Most users ignore pop-up ad and might further have ad-blocker app installed.
  5. Paired Trojan installation via packaged app: the user might not believe and thus cancel the installation. Furthermore, the user might be annoyed because it felt not easy to use and then uninstall Soundcomber.
  6. Android OS is fragmented. Will it have equal performance on different handset (hardware) and different version of Android OS (software)?
  7. Antivirus apps tested that do not detect Soundcomber as malware are not well known antivirus provider. I have never heard of these Antivirus apps.

E. Future work, Open issues, possible improvements

  1. Possible additional defense: an audio recording app should not be allowed to run in the background, unless triggered by the user legitimately.