NORMA eResearch @NCI Library

YARA Based Defence Mechanism Against NFC Based Attacks For Android Devices

Ningappa, Siddesh (2020) YARA Based Defence Mechanism Against NFC Based Attacks For Android Devices. Masters thesis, Dublin, National College of Ireland.

[img]
Preview
PDF (Master of Science)
Download (2MB) | Preview
[img]
Preview
PDF (Configuration manual)
Download (994kB) | Preview

Abstract

After the advent of Near field Technology[NFC] in 2003, it has made a revolution in the field of contactless communication. NFC chips have been implemented in ATM cards, Travel cards tags etc. Smartphones have NFC hardware which supports reading and writing operation to these NFC chips. Another major implementation in the field of marketing is NFC tags. These tags are attached to products just like how bar-codes are attached. These tags are lightweight and can carry information such as phone number, URL etc. The URL could be a link to download mobile application or a link to their products page. When an NFC enabled Android device is in the proximity of such tags, browser makes a request to the URL embedded in these tags. Such tags can be overwritten effortlessly. An attacker can stick NFC tags to any product in the supermarket. These tags may contain malicious URLs and might potentially lead to a malware download source. Scanning such tags will result in Phishing attack. These tags increase the attack surface on android platform and introduce challenges in identifying the source of attack. Embedded malicious links to tags may become fatal for the security posture of the Android device and availability of the data to users .In this paper we will discuss about detection and prevention of such NFC based attacks by leveraging Yet Another Recursive/Ridiculous Acronym(YARA) rules and Virustotal’s reliable threat databases.
Keywords : NFC tags, Mobile Security, YARA, NFC attacks. NDEF security, Android Security

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Dan English
Date Deposited: 27 Jan 2021 17:08
Last Modified: 27 Jan 2021 17:08
URI: http://norma.ncirl.ie/id/eprint/4506

Actions (login required)

View Item View Item