Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android presented at NDSS 2014

by Xiaofeng Wang, Xiaoyong Zhou, Carl Gunter, Muhammad Naveed, Soteris Demetriou,

Summary : We found that today’s Android design allows an app with a Bluetooth permission to gain unauthorized access to any Bluetooth devices (particularly healthcare devices) and also misbind the phone with an attack device to inject data to the official apps of the original devices. We also developed an OS-level protection to address this new challenge.