Music, lighting can be used to trigger mobile malware
- Muslim women beaten up in Madhya Pradesh over beef rumours
- Harish Rawat confirms Chinese incursion in Uttarakhand's Chamoli district
- GST Bill: Uncertainty continues as States don’t agree on rate
- Cow was killed by lion, not Dalit men flogged by gau rakshaks: CID
- How Governor Raghuram Rajan had his way on venue for RBI interviews
Scientists, including one of Indian-origin, have uncovered new hard-to-detect methods involving music, lighting or vibration that criminals may use to trigger mobile device malware.
Researchers at the University of Alabama at Birmingham (UAB) presented the research at the 8th Association for Computing Machinery (ACM) Symposium on Information, Computer and Communications Security (ASIACCS) in Hangzhou, China.
"When you go to an arena or Starbucks, you don't expect the music to have a hidden message, so this is a big paradigm shift because the public sees only emails and the Internet as vulnerable to malware attacks," said Ragib Hasan, assistant professor of computer and information sciences and director of the UAB SECuRE and Trustworthy (SECRET) computing lab.
"We devote a lot of our efforts towards securing traditional communication channels. But when bad guys use such hidden and unexpected methods to communicate, it is difficult if not impossible to detect that," Hasan said.
A team of UAB researchers was able to trigger malware hidden in mobile devices from 55 feet away in a crowded hallway using music.
They were also successful, at various distances, using music videos; lighting from a television, computer monitor and overhead bulbs; vibrations from a subwoofer; and magnetic fields.
"We showed that these sensory channels can be used to send short messages that may eventually be used to trigger a mass-signal attack," said Nitesh Saxena, director of the UAB Security and Privacy in Emerging computing and networking Systems (SPIES) research group and assistant professor in the Center for Information Assurance and Joint Forensics Research (CIA-JFR).
"While traditional networking communication used to send such triggers can be detected relatively easily, there does not seem to be a good way to detect such covert channels currently," Saxena said.
Researchers were able to trigger malware with a bandwidth of only five bits per second - a fraction of the bandwidth used by laptops or home computers.
- Nativist sentiments and a growing tendency towards looking inwards imperil globalisation
- Poor infrastructure not outdated syllabi — is what ails Indian universities
- India will have to get its act together on urban water
- Qandeel Baloch’s murder: Men craft, interpret and adjudicate over family laws in the subcontinent
- BJP was not dependent on Dalits to win Gujarat. But the apathy may cost in other states
- Jayalalithaa and Mamata defend Mayawati, recast politics on gender lines