Multimedia-based battery drain attacks for Android devices

People using smartphones to connect to the Internet for day-life activities has overtaken the number of people using canonical PCs. This lead to a huge quantity of security threats that usually tend to penetrate the defenses of a smartphone in order to gain control of its resources. Differently, energy-based attacks have the objective of increasing the energy consumption of the victim device. It is important to highlight that this objective could be possibly achieved by just activating the system's defenses as a consequence of canonical attacks and letting the system defenses detect and (try to) defeat them. These activities consume additional energy and could led the mobile device to its complete uselessness. In this paper, an energy-based attack based on soliciting hardware-level encoding/decoding functions through properly crafted multimedia files is analyzed and its impact evaluated. Such kind of attacks are performed without accessing the device by taking advantage of the new HTML5 functionalities. A series of experiments have been performed in order to understand which are the codecs that have a more relevant impact on energy consumption, and, as a consequence, that make the attack more effective.

[1]  Samuel P. Midkiff,et al.  Hypnos: understanding and treating sleep conflicts in smartphones , 2013, EuroSys '13.

[2]  Ajay Gupta,et al.  Anomaly intrusion detection in wireless sensor networks , 2006, J. High Speed Networks.

[3]  Francesco Palmieri,et al.  Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures , 2014, The Journal of Supercomputing.

[4]  Alessio Merlo,et al.  Improving energy efficiency in distributed intrusion detection systems , 2013, J. High Speed Networks.

[5]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[6]  Senhua Yu,et al.  MILA – multilevel immune learning algorithm and its application to anomaly detection , 2005, Soft Comput..

[7]  Alfredo De Santis,et al.  Do You Trust Your Phone? , 2009, EC-Web.

[8]  Boudewijn R. Haverkort,et al.  Which battery model to use? , 2008, IET Softw..

[9]  Francesco Palmieri,et al.  Evaluating Network-Based DoS Attacks under the Energy Consumption Perspective: New Security Issues in the Coming Green ICT Area , 2011, 2011 International Conference on Broadband and Wireless Computing, Communication and Applications.

[10]  Francesco Palmieri,et al.  Network anomaly detection through nonlinear analysis , 2010, Comput. Secur..

[11]  Francesco Palmieri,et al.  A distributed approach to network anomaly detection based on independent component analysis , 2014, Concurr. Comput. Pract. Exp..

[12]  Rochit Rajsuman System-On-A-Chip: Design and Test , 2000 .

[13]  Michael S. Hsiao,et al.  Denial-of-service attacks on battery-powered mobile computers , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.

[14]  Lei Yang,et al.  Accurate online power estimation and automatic battery behavior based power model generation for smartphones , 2010, 2010 IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[15]  Naehyuck Chang,et al.  Power conversion efficiency characterization and optimization for smartphones , 2012, ISLPED '12.

[16]  Francesco Palmieri,et al.  Analyzing Local Strategies for Energy-Efficient Networking , 2011, Networking Workshops.

[17]  Alfredo De Santis,et al.  Network anomaly detection with the restricted Boltzmann machine , 2013, Neurocomputing.

[18]  Joseph G. Tront,et al.  Mobile Device Profiling and Intrusion Detection Using Smart Batteries , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[19]  Alessio Merlo,et al.  The energy impact of security mechanisms in modern mobile devices , 2012, Netw. Secur..