We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 November 2024
Call for Paper
December Edition
IJCA solicits high quality original research papers for the upcoming December edition of the journal. The last date of research paper submission is 20 November 2024

Submit your paper
Know more
Reseach Article

Mobile OS Security and Threats: A Critical Review

by Ahmad Talha Siddiqui, Mudasir M Kirmani, Abdul Wahid
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 86 - Number 9
Year of Publication: 2014
Authors: Ahmad Talha Siddiqui, Mudasir M Kirmani, Abdul Wahid
10.5120/15011-3293

Ahmad Talha Siddiqui, Mudasir M Kirmani, Abdul Wahid . Mobile OS Security and Threats: A Critical Review. International Journal of Computer Applications. 86, 9 ( January 2014), 8-13. DOI=10.5120/15011-3293

@article{ 10.5120/15011-3293,
author = { Ahmad Talha Siddiqui, Mudasir M Kirmani, Abdul Wahid },
title = { Mobile OS Security and Threats: A Critical Review },
journal = { International Journal of Computer Applications },
issue_date = { January 2014 },
volume = { 86 },
number = { 9 },
month = { January },
year = { 2014 },
issn = { 0975-8887 },
pages = { 8-13 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume86/number9/15011-3293/ },
doi = { 10.5120/15011-3293 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:03:45.138395+05:30
%A Ahmad Talha Siddiqui
%A Mudasir M Kirmani
%A Abdul Wahid
%T Mobile OS Security and Threats: A Critical Review
%J International Journal of Computer Applications
%@ 0975-8887
%V 86
%N 9
%P 8-13
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The adoption of Smartphone's in daily lives is transforming from simple communication to smart and the use of these multipurpose devices is rapidly increasing. The main reason for the increase in the Smartphone usage is their small size, their enhanced functionality and their ability to host many useful and attractive applications. However, this vast use of mobile platform makes these smart devices a soft target for security attacks and breach of privacy. The cases about the attacks on personal mobiles phones are on the rise which is a motivation for developing Smartphone application with better effective and efficient security measures to mitigate the impact of possible threats. This paper examines the feasibility of malware development in Smartphone platforms by average programmers that have access to the official tools and programming libraries provided by Smartphone platforms. In this paper comparison of Smartphones like Android, Blackberry, Apple iOS, Symbian, Window Mobile is given based on the specific evaluation criterions used for assessing the security level.

References
  1. A. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici,S. Dolev, and C. Glezer. Google Android: A Comprehensive Security Assessment. IEEE Security & Privacy, 8(2):35 –44, Mar. 2010.
  2. G. Lawton, "Is It Finally Time to Worry about Mobile Malware?" IEEE Computer, vol. 41, no. 5, 2008.
  3. J. Anderson, J. Bonneau, and F. Stajano. Inglorious Installers: Security in the Application Marketplace. In Proceedings of the 9th Workshop on the Economics of Information Security, 2010.
  4. J. Bickford et al. , "Rootkits on Smart Phones: Attacks, Implications and Opportunities," in Workshop on Mobile Computing Sys. and Appl. (HotMobile'10). ACM, 2010.
  5. Egele, M. , Kruegel, C. , Kirda, E. , Vigna, G. : Pios: Detecting privacy leaks in iOS application. In: Network and distributed System Security Symposium (2011).
  6. Enck, W. , Gilbert, P. , Chun, G. , Cox, P. , Jung, J. , McDaniel, p. , Sheth, N. :Taintdroid: an information-flow tracking system for real time privacy monitoring on smartphone. In: 9th USENIX Symposium on Operating System Design and Implementation (OSDI), pp. 1-6. USENIX Association (2010).
  7. J. Oberheide and F. Jahanian, "When Mobile is Harder Than Fixed (and Vice Versa): Demystifying Security Challenges in Mobile Environments," in Workshop on Mobile Computing Systems and Applications (HotMobile), February 2010.
  8. M. Egele et al. , "PiOS: Detecting Privacy Leaks in iOS Applications," in Network and Distributed System Security Symposium (NDSS), Feb. 2011.
  9. N. Leavitt, "Mobile Phones: The Next Frontier for Hackers?" IEEE Computer, vol. 38, no. 4, 2005.
  10. Gartner: Market Share: Mobile Communication Devices by Region and Country, 3Q11. Technical Report(2011).
  11. Hogben, G. , Dekkar, M . : Smartphone : Information Security Risks, Opportunities and Recommendation for users. Technical Report. ENISA (December 2010).
  12. Hypponen, M. : Malware goes Mobile. Scientific American 295(5),70-77(2006).
  13. iOS dev center, http://developer. apple. com/devcenter/ios/
  14. java code signing keys, http://us. blackberry. com/developers/javaappdev/codekeys. jsp
  15. P. Zheng and L. M. Ni, "The Rise of the Smart Phone," IEEE Distributed Systems Online, vol. 7, no. 3, 2006.
  16. Lineberry, A. , Richardson, D. , Wyatt, T. : These aren't the Permissions you are looking for. Technical Report, DEFCON(2010).
  17. W. Enck, M. Ongtang, and P. McDaniel. Understanding Android Security. IEEE Security & Privacy,7(1):50–57, 2009.
  18. Stephen Smalley, Robert Craig, "Security Enhanced (SE) Android: Bringing Flexible MAC to Android, april 23, 2013.
  19. Mobile Privacy, http://www. gsmworld. com/our-work/public-policy/mobile_privacy. htm.
  20. Mylonas, A. , Dritsas, S. , Gritzalis, D. : A Secure Smartphone Security Evaluation: The Malware Attack Case. In: Samarati, P . , lopez, j (eds) International Conference of Security and Cryptography (SECRYPT'11), pp. 25-36. Scitechpress(2011).
  21. Mylonas, A. , Tsoumas, B. , Dritsas, S. , Gritzalis, D. : A Secure Smartphone Application Roll-out Scheme. In: furnell,s. , lambrinoudakis,C. , pernul, g (eds) Trust, Privacy and Security in Digital Business (TrustBus). LNCS vol. 6863. Pp. 49-61. Springer berlin/Heidelberg(2011).
  22. Fu Cai, Huang Qingfeng, Han LanSheng, Shen Li and Liu Xiao-Yang, "Virus propagation power of the dynamic network, springer EURASIP, 2013.
  23. Security And Permission, http://developer. android. com/guide/topics/security/security. htm.
  24. Andre Egners, Bjorn Marscholleck and Ulrike Meyer, "Messing with Android's Permission Model, IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communication page no : 505-514, april 2012.
  25. security overview, http://docs. blackberry. com/en/developers/deliverables/21091/security_overview_1304155_11. jsp.
  26. Security Policy Settings, http://msdn. microsoft. com/en-us/library/bb416355. aspx.
  27. Seriot, N . : iphone Privacy. Technical Report, Black Hat DC(2010).
  28. Xuetao Wei, Lorenzo Gomez, Ililian Neamtiu, Michalis Faloutsos, "Permission Evolution in the Android Ecosystem, ACM ACSAC, Dec: 3-7, 2012.
  29. David Bareera, Jeremy Clark, Daniel McCarney, "Understanding and Improving App Installation Security Mechanisms through Empirical Analysis of Android, ACM SPSM oct 19, 2012.
  30. Paul Pearce, Adrienne Porter Felt, Gabriel Nunez, David Wagner, "AdDroid: Privilege Separation for Applications and Advertisers in Android, ACM CCS, 2012.
  31. Windows Mobile Device Security Model, http://msdn. microsoft. com/en-us/library/bb416353. aspx
  32. Pern Hui Chia, Yusuke Yamamoto, N. Asokan, "Is this App Safe? A Large Scale Study on Application Permissions and Risk Signals", ACM, IW3C2 april 16-20, 2012.
  33. http://android. developers. blogspot. com/2010/06/exercising-our-remote-application. html
  34. http://developer. android. com/resources/dashboard/platform-versions. html
  35. http://developer. android. com/guide/topic/security/security. html
  36. http://us. blackberry. com/developers/javaappdev/ codekeys. jsp.
  37. http://docs. blackberry. com/en/developers/deliverables/21091/ Security_overview_1304155_11. jsp
  38. https://www. symbiansigned. com/app/page
  39. http://developer. apple. com/devcenter/ios/
  40. http://developer. apple. com/programs/ios/
  41. http://msdn. microsoft. com/en-us/windowsmobile/dd569132. aspx
Index Terms

Computer Science
Information Sciences

Keywords

Smartphone Security Malware Attack Evaluation Criteria Operating System