Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android

No ratings

Presented at NDSS 2014 by

Carl Gunter

Xiaofeng Wang

Xiaoyong Zhou

Muhammad Naveed

Soteris Demetriou

We found that today’s Android design allows an app with a Bluetooth permission to gain unauthorized access to any Bluetooth devices (particularly healthcare devices) and also misbind the phone with an attack device to inject data to the official apps of the original devices. We also developed an OS-level protection to address this new challenge.