Please use this identifier to cite or link to this item:
Title: An advertising overflow attack against android exposure notification system impacting COVID-19 contact tracing applications
Authors: Faria, Henrique
Paiva, Sara
Pinto, Pedro
Keywords: Attack
Denial of service
Contact tracing
Exposure notification
Issue Date: 2021
Citation: Faria, H., Paiva, S., & Pinto, P. (2021). An advertising overflow attack against android exposure notification system impacting COVID-19 contact tracing application. IEEE Access, 9, 103365-103375.
Abstract: The digital contact tracing applications are one of the many initiatives to fight the COVID-19 virus. Some of these Apps use the Exposure Notification (EN) system available on Google and Apple’s operating systems. However, EN-based contact tracing Apps depend on the availability of Bluetooth interfaces to exchange proximity identifiers, which, if compromised, directly impact their effectiveness. This paper discloses and details the Advertising Overflow attack, a novel internal Denial of Service (DoS) attack targeting the EN system on Android devices. The attack is performed by a malicious App that occupies all the Bluetooth advertising slots in an Android device, effectively blocking any advertising attempt of EN or other Apps. The impact of the disclosed attack and other previously disclosed DoS-based attacks, namely Battery Exhaustion and Storage Drain, were tested using two target smartphones and other six smartphones as attackers. The results show that the Battery Exhaustion attack imposes a battery discharge rate 1.95 times higher than in the normal operation scenario. Regarding the Storage Drain, the storage usage increased more than 30 times when compared to the normal operation scenario results. The results of the novel attack reveal that a malicious App can prevent any other App to place their Bluetooth advertisements, for any chosen time period, thus canceling the operation of the EN system and compromising the efficiency of any COVID contact tracing App using this system.
ISSN: 2169-3536
Appears in Collections:ESTG - Artigos indexados à WoS/Scopus

Files in This Item:
File Description SizeFormat 
2021_3.pdf1.43 MBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.