
Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications



  1. Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications
     Elleen Pan, Jingjing Ren, Martina Lindorfer*, Christo Wilson, and David Choffnes
     Northeastern University, *UC Santa Barbara

  2. Motivation + internet connectivity … Panoptispy 2

  3. Examples
     • ultrasonic beacons for cross-device linking
     • patents for recognizing user emotion
     • listening for unlicensed broadcasting
     • photos taken surreptitiously by shrinking preview to 1x1 pixel
     Media surveillance, so far, has been anecdotal

  4. Goals
     • Identify & measure media (audio, images, video) exfiltration at scale
     • Large number of apps & broad coverage of app stores
     • Focus on exfiltration over network
     • Is the exfiltration a leak (undisclosed/unexpected)?
     • How do apps use sensors?
     • Permissions requested
     • APIs called
     • First or third-parties

  5. Outline
     • Motivation
     • Threat Model
     • Methodology
     • Aggregate Results
     • Case Studies
     • Photography apps
     • Screen recording
     • Discussion
     • Conclusion

  6. Android Access Control
     • Certain APIs require permissions in order for code to execute
     • Protects sensors from being accessed by apps that don’t need it
     • Requested at install time for API level 22-, runtime for API level 23+

  7. Android Permission Model
     • Camera & mic hardware access

  8. Why aren’t permissions enough?
     • Incomplete
     • No permissions required for capturing app screen
     • Coarse-grained
     • Permissions granted at app level
     • Third-party libraries also get access
     • Users don’t know when apps are using hardware
     • Lack of visibility and control as media is exfiltrated over the network (may contain PII!)
     • Background access

  9. Definition of media leak
     Suspicious or unexpected
     1. Does it further the primary purpose of the app?
     2. Is it disclosed to the user?
        • Privacy policies
     3. Is it employed by similar apps?
     4. Is it encrypted over the internet?
     No? It’s a leak


  11. App Selection
     • Popular + new from Google Play
     • Camera or audio permission
     • Popular + random from AppChina, Mi.com, Anzhi

     | Store | # of apps |
     | --- | --- |
     | Google Play | 15,627 |
     | AppChina | 510 |
     | Mi.com | 528 |
     | Anzhi | 285 |
     | Total | 17,260 |

  12. Static Analysis
     • Permission analysis (camera, record audio)
     • Media API references (camera, record audio, video, screen capturing)
     • Media API references found in third-party libraries

  13. Dynamic Analysis
     • Why is dynamic analysis necessary?
     • Detect whether media permissions are actually used
     • Media APIs may be in dead code paths
     • Detect dynamically loaded / obfuscated code

  14. Dynamic Analysis
     • Test environment
     • Automated interaction
     • Monkey for 5,000 events
     • Recording network traffic
     • Mitmproxy to intercept traffic

  15. Detection of Media in Network Traffic
     • Extraction
     • Mediaextract detection with file magic numbers
     • E.g. JPEG files: FF D8 FF …
     • False positives require manual checking

     | Category | Supported | Unsupported |
     | --- | --- | --- |
     | Audio | 3gp, aac, id3v2, m4a, ogg, wav | raw |
     | Image | bmp, gif, jpg, png, webp | |
     | Video | 3gp, mp4, webm | |

  16. Detection of Media in Network Traffic
     • Validation
     • Test app
     • Manual tests with known apps –
     • Verification of detected media by manually interacting with apps

  17. Static: Permission vs. API
     • Large fractions of audio (43.8%) and camera (75.6%) permission declarations
     • Permissions > API calls
     • Mi, Google > Anzhi, AppChina
     • One exception: API > permission (audio in Play)
     [Figure: bar chart of % apps over app store set, per store (Anzhi, AppChina, Mi.com, Google Play); series: Audio Permission, Audio API, Camera Permission, Camera API]

  18. Dynamic: Media in Network Traffic
     • 21 cases of detected media – 12 considered leaks
     • Unexpected or unencrypted
     • 9 shared with third parties

  19. Case Study: Photography Apps
     • Server-side photo editing
     • Photos are sent to servers
     • Users not notified
     • App has no other functionality requiring internet connection
     • Privacy policy vaguely disclosed (5 apps) or didn’t mention (1 app)

  20. Case Study: Screen Recording
     • Screen recording of user interaction, where PII was exposed
     • Leaked to an Appsee domain
     • Screen recording as a feature
     • Developers are responsible for hiding sensitive screens
     • Few apps use the API method to do so – 5/33 apps
     • Server-side way exists, unknown how many apps use it

  21. Responsible Disclosure
     • Pulled Appsee from Android & iOS builds
     • Updated privacy policy
     • Reviewed GoPuff & Appsee
     • “Google constantly monitors apps and analytics providers to ensure they are policy-compliant. When notified of our findings, they reviewed GoPuff and Appsee and took the appropriate actions.” ¯\_(ツ)_/¯

  22. Limitations
     • Translated media formats (audio being transcribed, etc.)
     • Controlled experiments do not replicate environmental conditions
     • Intentional obfuscation of traffic


  24. Recommendations
     • Access to the screen should be protected by OS
     • Or, users should at least be notified & able to opt out
     • Main app & third-party permissions should be separated

  25. Conclusion
     • Most apps have over-provisioned permissions
     • Susceptible to abuse from third parties
     • 12 cases of unexpected or unencrypted media
     • 9 cases of third party sharing
     • Screen recording video sent to a third party library
     • Sensitive input fields
     • No permissions or notification to the user
     https://recon.meddle.mobi/panoptispy/

  26. Threat Model
     • Goal: media exfiltration from Android apps over the network
     • Permissions
     • Not granted
     • Granted for a user-identifiable purpose
     • Leaks: unexpected or suspicious

  27. Experiment Design

  28. Permissions and API references

     | Store | # of Apps | Audio Permission | Audio API | Camera Permission | Camera API | Screenshot API | Screen recording API | External Storage Permission |
     | --- | --- | --- | --- | --- | --- | --- | --- | --- |
     | Anzhi | 883 | 12.8% | 9.7% | 15.7% | 11.7% | 20.7% | 1.5% | 23.4% |
     | AppChina | 468 | 28.4% | 22.9% | 37.0% | 28.6% | 57.1% | 2.4% | 94.0% |
     | Mi.com | 392 | 55.9% | 41.8% | 61.0% | 45.7% | 81.6% | 5.6% | 97.4% |
     | Google Play | 15,627 | 45.7% | 46.2% | 80.5% | 75.1% | 89.1% | 10.6% | 92.7% |
     | All | 17,260 | 43.8% | 43.6% | 75.6% | 70.1% | 84.6% | 9.8% | 89.9% |

  29. Permissions and API references
     • Large percentages of apps request media permissions
     • Smaller percentage actually call methods that use those permissions
     • Multipurpose APIs for screenshots and accessing external storage
     • High false positive rate
     • Nontrivial inconsistency between permissions and API calls

  30. Static: API References
     [Figure: bar chart, 0% to 100%, per store (Anzhi, AppChina, Mi.com, Google Play); series: Audio, Camera, Screenshot, Screen Recording]

  31. [Timeline dates, in order: March 26, March 27, March 29, May 15, June 7, June 21]
     • Initial disclosure to GoPuff
     • Lawyer contacts NEU and accuses us of extortion
     • No direct reply to our team
     • After some back and forth, updated privacy policy – by removing it?
     • Notified GoPuff of absent privacy policy
     • ???
     • Informed that the lawyer is no longer with company, but introduced to CTO
     • Start talking about Appsee & the screen recording
     • GoPuff pulls Appsee from iOS & Android builds and updates their privacy policy


  33. • “verges on defamation”
     • Provided info about screen recording
     • didn’t have to do with privacy concerns
     • Asked us to remove Appsee / screen recording
     • We replied to their points and clarified the privacy risk
     • No reply

  34. • First reported as a security vulnerability
     • Passed to privacy team
     • “Google constantly monitors apps and analytics providers to ensure they are policy-compliant. When notified of our findings, they reviewed GoPuff and Appsee and took the appropriate actions.”

  35. Screen Capturing
     • Testfairy
     • Screenshots of app while in use
     • Library intended for beta testing
     • App was not a beta version in the Google Play store
     • User not informed of recording, not given a prompt to consent to beta testing
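
Slide 15 describes finding media in intercepted traffic by file magic numbers and notes that false positives need manual checking. The sketch below is an added example, not code from the slides or from mediaextract: it scans a request body for a subset of the listed formats and contrasts a bare `FF D8 FF` match with a signature that also checks the following structure. The function names, the chosen `ftyp` brands and the sample bodies are assumptions constructed for illustration.

```python
import re

# Signatures for a subset of the slide-15 formats. Each pattern checks a bit
# of structure beyond the first magic bytes to reduce false positives.
SIGNATURES = [
    ("jpg",  re.compile(rb"\xff\xd8\xff[\xdb\xe0-\xef]")),        # SOI + DQT/APPn marker
    ("png",  re.compile(rb"\x89PNG\r\n\x1a\n.{4}IHDR", re.S)),    # signature + first chunk
    ("gif",  re.compile(rb"GIF8[79]a")),
    ("webp", re.compile(rb"RIFF.{4}WEBP", re.S)),                 # RIFF form type
    ("wav",  re.compile(rb"RIFF.{4}WAVE", re.S)),
    ("ogg",  re.compile(rb"OggS\x00")),                           # capture pattern, version 0
    ("webm", re.compile(rb"\x1a\x45\xdf\xa3")),                   # EBML header ID
    ("ftyp", re.compile(rb".{4}ftyp(3gp|M4A |isom|mp4)", re.S)),  # ISO BMFF box + brand
]
BRANDS = {b"3gp": "3gp", b"M4A ": "m4a"}  # any other matched brand is reported as mp4


def scan(payload: bytes):
    """Return sorted (offset, kind) pairs for media headers anywhere in payload."""
    hits = []
    for kind, pattern in SIGNATURES:
        for m in pattern.finditer(payload):
            label = BRANDS.get(m.group(1), "mp4") if kind == "ftyp" else kind
            hits.append((m.start(), label))
    return sorted(hits)


def naive_jpeg_offsets(payload: bytes):
    """Bare three-byte match (FF D8 FF) with no structural check."""
    return [m.start() for m in re.finditer(rb"\xff\xd8\xff", payload)]


# Constructed samples: a multipart upload carrying a JPEG header, a binary
# blob that contains FF D8 FF only by coincidence, and an MP4 file header.
UPLOAD = (b"--b1\r\nContent-Disposition: form-data; name=\"img\"; filename=\"a.jpg\"\r\n"
          b"Content-Type: image/jpeg\r\n\r\n"
          b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
          b"\r\n--b1--\r\n")
NOISE = b"\x00\x01\xff\xd8\xff\x00\x7f telemetry blob"
MP4 = b"\x00\x00\x00\x18ftypmp42\x00\x00\x00\x00isommp42"

if __name__ == "__main__":
    for name, body in (("upload", UPLOAD), ("noise", NOISE), ("mp4", MP4)):
        print(name, scan(body), naive_jpeg_offsets(body))
```

The structural checks only narrow the candidate set; a hit still has to be carved out and opened to confirm it is real media, as the slide says.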
