Security Threats to Mobile Multimedia Applications: Camera-Based Attacks on Mobile Phones android project free download

Security Threats to Mobile Multimedia Applications: Camera-Based Attacks on Mobile Phones android project free download 

Security Threats to Mobile Multimedia Applications: Camera-Based Attacks on Mobile Phones

ABSTRACT:

Today’s mobile smartphones are very power ful, and many smartphone applications use wireless multimedia communications. Mobile phone security has become an important aspect of security issues in wireless multimedia communications. As the most popular mobile operating system, Android security has been extensively studied by researchers. However, few works have studied mobile phone multimedia security. In this article, we focus on security issues related to mobile phone cameras. Specifically, we discover several new attacks that are based on the use of phone cameras. We implement the attacks on real phones, and demonstrate the feasibility and effectiveness of the attacks. Furthermore, we propose a lightweight defense scheme that can effectively detect these attacks.

EXISTING SYSTEM:

Several video-based attacks targeted at keystrokes have been proposed. The attacks can obtain user input on touch screen smartphones. Maggi et al. [4] implement an automatic shoulder surfing attack against modern touch-enabled smartphones. The attacker deploys a video camera that can record the target screen while the victim is entering text. Then user input can be reconstructed solely based on the keystroke feedback displayed on the screen. However, this attack requires an additional camera device, and issues like how to place the camera near the victim without catching an alert must be considered carefully.

DISADVANTAGES OF EXISTING SYSTEM:

Moreover, it works only when visual feedback such as magnified keys are available.

PROPOSED SYSTEM:

In this article, we first conduct a survey on the threats and benefits of spy cameras. Then we present the basic attack model and two camera-based attacks: the remote-controlled real-time monitoring attack and the passcode inference attack. We run these attacks along with popular antivirus software to test their stealthiness, and conduct experiments to evaluate both types of attacks. The results demonstrate the feasibility and effectiveness of these attacks. Finally, we propose a lightweight defense scheme.In this work, we are able to hide the whole camera app in Android. Moreover, we implement advanced forms of attacks such as remote-controlled and real-time monitoring attacks. We also utilize computer vision techniques to analyze recorded videos and infer passcodes from users’ eye movements.

ADVANTAGES OF PROPOSED SYSTEM:

The main challenge is to make the attacks run stealthily and silently so that they do not cause a user alert.

MODULES:

1.     Remote-Controlled Real-Time Monitoring Attack

2.     Video-Based Passcode Inference Attack

3.     Application-Oriented Attack

4.     Video-Based Eye Tracking

MODULES DESCRIPTION:

Remote-Controlled Real-Time Monitoring Attack:

We discuss the remote-con-trolled real-time monitoring attack, which could pose a big threat to a phone user’s privacy: daily activities and surrounding environment are all under the eye of the attacker. Camera-based attacks can be detected when multiple apps request the camera device at the same time or if the camera is being used by another app. But this can easily be avoided by selecting the time to launch attack. The malicious camera app can periodically check the screen status and run the stealthy video recording only when the screen is off, which means that the user is not using the phone and the camera device is idle. The status of the phone screen can be obtained by registering two broadcast receivers, ACTION_SCREEN_ON and ACTION_ SCREEN_OFF.

Video-Based Passcode Inference Attack:

When typing, users tend to keep a short distance to the screen, which allows the phone (front) camera to have a clear view of a user’s eye movements. A user’s eyes move along with the keys being touched, which means that tracking the eye movement could possibly tell what the user is entering. Thus, it is of great importance to investigate whether an attacker could obtain a phone user’s passcode by tracking the eye movements. As computer vision techniques are advancing and becoming more accurate, an offline processing of the video can extract the eye position in each frame and draw the path of eye movements, which means that an attacker could infer the passcode based on the video captured by a spy camera app. In this section, we discuss two types of camera attacks for inferring passcodes. We also discuss the computer vision techniques for eye tracking that can be utilized in the attacks.

Application-Oriented Attack:

First, the detection service of a spy camera app must be launched beforehand, by either tempting the user to run the app or registering an ACTION_BOOT_COMPLETED receiver to launch when booting is finished. The

RECEIVE_BOOT_COMPLETED permission is a commonly requested permission that would not be considered dangerous. Second, polling task lists frequently leads to extra consumption of energy resource. To improve the efficiency of scanning, the detection service is active only when a user is using the phone. As mentioned before, this can be determined by screen status. The detection service will cease when the screen is off and continue when the screen lights up again. Moreover, the scanning frequency should be set properly. In a phishing attack, a malicious app needs to poll the running task list every 5 ms to prevent the user from noticing that a new window (the fake app) has replaced the original one. In our phone camera attack, the view is totally translucent to users, so that worry is unnecessary. However, we still need to keep the frequency at around two scanning’s per second; otherwise, the attack may happen after the user starts entering the passcode (which makes the attack unsuccessful).

Video-Based Eye Tracking Method:

In the eye tracking field, two types of imaging approaches are commonly used: visible and infrared spectrum imaging. Visible spectrum imaging passively utilizes the ambient light reflected from the eye, while infrared spectrum imaging is able to eliminate uncontrolled specular reflection with active infrared illumination. Although infrared spectrum eye tracking is more accurate, most smartphones today are not equipped with infrared cameras. Hence, we focus on visible spectrum eye tracking. For images captured by visible spectrum imaging, often the best feature to track is the contour between iris and sclera known as the limbus.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

Ø System                           :         Pentium IV 2.4 GHz.

Ø Hard Disk                       :         40 GB.

Ø Floppy Drive                   :         1.44 Mb.

Ø Monitor                          :         15 VGA Colour.

Ø Mouse                            :         Logitech.

Ø Ram                               :         512 Mb.

Ø MOBILE                        :         ANDROID

SOFTWARE REQUIREMENTS:

Ø Operating system   :         Windows XP/7.

Ø Coding Language   :         Java 1.7

Ø Tool Kit                :         Android 2.3 ABOVE

Ø IDE                       :         Eclipse

VIDEO OUTPUT

Author : ss infotech

Share this

Related Posts