TY - JOUR
T1 - The Vulnerability Exploitation Conveying Digital Data Over Mobile Voice Call Channels
AU - Lee, Seungjoon
AU - Ha, Youngmok
AU - Yoon, Sungjun
AU - Jo, Hyunju
AU - Jang, Soohee
AU - Lee, Jiyeon
AU - Kim, Youngan
AU - Yoon, Ji Won
N1 - Publisher Copyright:
© 2017, Springer Science+Business Media New York.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2017/9/1
Y1 - 2017/9/1
N2 - As employees bring mobile devices into the workplace, many companies have been encouraging their use for business purposes. As a result, data leakage accidents have been increasing, which can weaken companies’ competitiveness and can even threaten their survival. Therefore, many companies have recently adopted data leakage/loss prevention (DLP) solutions to avoid such leakages. However, these solutions and their study are limited to dedicated data channels such as SMS/MMS, HSPA and WIFI, but other types of channels, such as, voice call channels can be used to bypass and inactivate the DLP. In this paper, our attack model focuses on the malicious use of digital communication over these voice call channels by showing the possibility to deliver the text files, pictures and malicious codes. Furthermore, we also use post processing such as spell checking and image restoration for the maximum effectiveness of our attack scenario. Overall, we show the feasibility of voice call channels as new malicious attack channels.
AB - As employees bring mobile devices into the workplace, many companies have been encouraging their use for business purposes. As a result, data leakage accidents have been increasing, which can weaken companies’ competitiveness and can even threaten their survival. Therefore, many companies have recently adopted data leakage/loss prevention (DLP) solutions to avoid such leakages. However, these solutions and their study are limited to dedicated data channels such as SMS/MMS, HSPA and WIFI, but other types of channels, such as, voice call channels can be used to bypass and inactivate the DLP. In this paper, our attack model focuses on the malicious use of digital communication over these voice call channels by showing the possibility to deliver the text files, pictures and malicious codes. Furthermore, we also use post processing such as spell checking and image restoration for the maximum effectiveness of our attack scenario. Overall, we show the feasibility of voice call channels as new malicious attack channels.
KW - Data leakage prevention
KW - Malware
KW - Mobile voice call
UR - http://www.scopus.com/inward/record.url?scp=85019736029&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85019736029&partnerID=8YFLogxK
U2 - 10.1007/s11277-017-4229-9
DO - 10.1007/s11277-017-4229-9
M3 - Article
AN - SCOPUS:85019736029
SN - 0929-6212
VL - 96
SP - 1145
EP - 1172
JO - Wireless Personal Communications
JF - Wireless Personal Communications
IS - 1
ER -