JOURNAL BROWSE
Search
Advanced SearchSearch Tips
A Study on the Vulnerability of Security Keypads in Android Mobile Using Accessibility Features
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Study on the Vulnerability of Security Keypads in Android Mobile Using Accessibility Features
Lee, Jung-Woong; Kim, In-Seok;
  PDF(new window)
 Abstract
As the fintech industry is growing at an incredible rate, mobile phones are positioned as the most important tool for financial transaction. However, with a rising number of malware applications, the types of attack and illegal access to mobile device are becoming more diverse and sophisticated. This paper studies the potential keylogger attack by exploiting the Accessibility Service in Android framework. This type of attack allows the malicious individual to use keylogger on the victim`s Android mobile phone to steal passwords during mobile financial transaction regardless of security keypad setting. Lastly the paper proposes solutions to counter these types of attack by verifying the accessibility usage and amending the application guideline for accessibility.
 Keywords
Accessibility Service;Smartphone Security;Security Keypads;
 Language
Korean
 Cited by
 References
1.
"Android and iOS Squeeze the Competition", IDC, 2015.2.24., http://www.idc.com/ getdoc.jsp?containerId=prUS25450615

2.
"2015 Mobile Security Threat Expectation Trend Big 4", Ahnlab, 2015.1.6., http://asec.ahnlab.com/1018

3.
Yunho Lee, "An Analysis on the Vulnerabi lity of Secure Keypads for Mobile Device," Journal of Korean Society for Internet Information, 14(3), pp.15-21, June. 2013

4.
Android Accessibility, https://support.google.com/accessibility/android/answer/6006564?hl=ko

5.
Web Standards Darum, "Android Accessi bility-TalkBack" http://darum.daum.net/accessibility/tools/android

6.
Android Developers, "Building Accessibil ity Services" https://developer.android.com/guide/topics/ui/accessibility/services.html

7.
Accessibility Service, https://developer. android.com/reference/android/accessibilityservice/AccessibilityService.html

8.
Accessibility Event, http://developer.an droid.com/reference/android/view/accessibility/AccessibilityEvent.html

9.
Kakao Talk, https://play.google.com/store/apps/details?id=com.kakao.talk

10.
360 Security, https://play.google.com/store/apps/details?id=com.qihoo.security

11.
MSIP Framework Act on National Informatization, http://www.law.go.kr/lsInfo P.do?lsiSeq=162070&efYd=20141119# AJAX

12.
MSIP Mobile Application Accessibility Guideline, http://www.law.go.kr/conAd mrulByLsPop.do?&lsiSeq=162070&joNo=0032&joBrNo=00&datClsCd=010102&dguBun=DEG&#AJAX