Inside Job: Understanding and Mitigating the Threat of External Device Mis-Bonding on Android
Download: Paper (PDF)
Date: 22 Feb 2014
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2014
We found that today’s Android design allows an app with a Bluetooth permission to gain unauthorized access to any Bluetooth devices (particularly healthcare devices) and also misbind the phone with an attack device to inject data to the official apps of the original devices. We also developed an OS-level protection to address this new challenge.