
Mobile Application Security: Malware Threats and Defenses


Added on  2023-06-11

About This Document

This article discusses why smartphones are vulnerable to security attacks, presents malicious behavior and threats of malware, and reviews the existing malware prevention and detection techniques.

IEEE Wireless Communications • February 2015 • 138 • 1536-1284/15/$25.00 © 2015 IEEE
Daojing He is with Shanghai Key Lab for Trustworthy Computing, East China Normal University and State Key Laboratory of Power Transmission Equipment & System Security and New Technology, Chongqing University. Sammy Chan is with City University of Hong Kong. Mohsen Guizani is with Qatar University.
ACCEPTED FROM OPEN CALL
INTRODUCTION
Compared to traditional mobile phones, which mainly provide mobile telephony functions, smartphones are general-purpose handheld computing and communications devices that support multimedia communications and applications for entertainment and work. Due to this quantum jump in functionality, the rate of upgrading traditional mobile phones to smartphones is tremendous. According to the IDC (International Data Corporation) Worldwide Quarterly Mobile Phone Tracker, worldwide shipment of smartphones in 2013 surpassed one billion units, which is a record yearly shipment figure [1].
The rapid growth of the global smartphone market in the coming years will also be accelerated by the increasing business use of smartphones. Besides the traditional corporate-liable model, the new employee-liable BYOD (bring your own device) model is gaining acceptance in enterprises throughout the world. According to its studies, IDC believes that in 2013, 132.3 million and 61.4 million smartphones were used as employee-liable and corporate-liable devices, respectively. This is a 50.3 percent and 18.5 percent growth rate compared to the 2012 shipments for the two models. Moreover, shipments of employee-liable and corporate-liable smartphones in 2017 are expected to reach 328.4 and 88 million units, respectively [2].
One of the distinct features of smartphones is that they allow users to install and run third-party application programs, which are usually referred to as apps. They significantly broaden the functionality boundary of smartphones and hence enrich the user experience. These applications are officially distributed via online stores referred to as app markets — Apple App Store for the iOS platform and Google Play Store for the Android platform. These markets provide a convenient venue for app developers to distribute their apps and for users to explore and download new apps. This has driven the tremendous development rate of apps in recent years. For instance, by September 2012 the Google Play Store and Apple App Store were home to more than 650,000 and 700,000 apps, respectively.
Like other cyber systems, smartphones are also vulnerable to malware, which are malicious programs designed to run on infected systems without their owners' awareness. While users are keen on downloading apps from app markets, this provides hackers a convenient way to infect smartphones with malware. For example, they would repackage popular games with malware and distribute them in the app markets. Very often users are attracted to download the infected apps. A recent survey reported that 267,259 malware-infected apps have been found, among which 254,158 reside on the Android platform [3]. It also suggested that the number of malware in apps has increased by 614 percent since 2012. There are also a variety of other ways for malware to infect targets [4]. Some malware is disguised as the macros of files. Some is installed through certain known vulnerabilities existing in a network device or mobile platform. Some is installed in victims' smartphones when they click a multimedia messaging service (MMS) message or open an email attachment. In any case, malware can cause serious issues relating to information security and data privacy, with severe repercussions for users and even organizations.
In the remainder of this article we first discuss why smartphones are vulnerable to security attacks and then present malicious behavior and threats of malware. Then we review the existing malware prevention and detection techniques. We argue that efforts are required from app store administrators, app developers, researchers, and users to defend against such malware. Finally, we conclude with several outstanding security issues that need further research work.
DAOJING HE, SAMMY CHAN, AND MOHSEN GUIZANI
ABSTRACT
Due to the quantum leap in functionality, the rate of upgrading traditional mobile phones to smartphones is tremendous. One of the most attractive features of smartphones is the availability of a large number of apps for users to download and install. However, it also means hackers can easily distribute malware to smartphones, launching various attacks. This issue should be addressed by both preventive approaches and effective detection techniques. This article first discusses why smartphones are vulnerable to security attacks. Then it presents malicious behavior and threats of malware. Next, it reviews the existing malware prevention and detection techniques. Besides more research in these directions, it points out that efforts from app developers, app store administrators, and users are also required to defend against such malware.
WHY SMARTPHONES ARE VULNERABLE?
There are a number of factors that make smartphones vulnerable to security attacks, and these are discussed below.
First, personal data are often stored in smartphones. In particular, since more and more users carry out financial transactions such as online banking and shopping from their smartphones, some data can be very sensitive. Hackers can have substantial financial gain from such sensitive data and thus find smartphones to be lucrative targets.
Second, more and more smartphones are based on the Android platform. With Android's policy of open-source kernel, malware writers can gain a deeper understanding of the mobile platform. According to Google's marketing strategy, development of third-party apps is encouraged and publishing of apps is made easy to gain market share. As a result, there are many opportunities for hackers to create and publish malware. At the same time, as users are in the habit of downloading and installing apps for their smartphones, the chance of installing malware increases as well.
Third, most users have the impression that their smartphones are just mobile phones that are installed with a wide variety of software for communications and entertainment. They are not sensitive to the fact that their smartphones are essentially handheld computers that are vulnerable to cyber attacks. As a result, not enough attention is paid to security measures.
In addition, with the advent of the hardware and operating systems of smartphones, malware writers are less constrained to implement their malicious actions. Moreover, sometimes it is convenient for adversaries to develop mobile malware; they simply migrate PC malware to smartphone platforms.
MALICIOUS BEHAVIOR AND THREATS OF MALWARE
Mobile malware is characterized by its propagation behavior, remote control behavior, and malicious attack behavior [5]. The propagation behavior refers to how malware may be transmitted to the victims. The remote control behavior indicates how the mobile malware makes use of a remote server to further exploit the infected device. The attack behavior refers to how the malware, after infecting a victim's devices, attacks the devices via different communication channels (e.g., Bluetooth). A more detailed description of the threats posed by malware is provided as follows.
Once malware is installed on smartphones, it would try to gain access to the data stored in the devices, interfere with the normal functions of the devices, or open more security vulnerabilities such as enabling unauthorized remote access. In general, through malware, various types of attacks can be launched. Typically, threats include phishing, spyware, surveillance attacks, diallerware attacks, financial malware attacks, worm-based attacks, and botnets, as listed in Table 1.
Phishing Attacks — A phishing attack is a well-known threat for PC users. Since this type of attack does not need to attack the users' systems in any way, it is actually platform-independent and readily applicable to smartphones. The malware only needs to contain URLs of faked web sites, which masquerade as trusted web sites, to steal personal information such as credit card details. It has been found that approximately 25 percent of malware contains suspicious URLs.
There are several reasons for hackers to choose smartphones to phish users. First, it is easy to disguise infected apps as legitimate apps and distribute them in app markets. Second, smartphones tend to have a small screen, so it is easier to disguise trust cues on which users rely to decide whether it is risky to submit credentials, for example, cues that indicate whether the site is enabled by Secure Sockets Layer. Third, there are various channels in smartphones that hackers can use for phishing, e.g., instant messaging, short message service (SMS), and so on. Fourth, users are often not aware that phishing can be a risk on smartphones. Also, many users trust their smartphones more than their PCs.
Table 1. Typical attacks launched by malware.
Attack | Description
Phishing | Users' credentials such as account details and credit card numbers are collected by means of apps, emails, or SMS, which seem to be genuine.
Spyware | Users' activities on the smartphones are being monitored, which means personal information is extracted or inferred. Compared to surveillance attacks, spyware does not have specific targeted victims.
Surveillance attacks | A specific user is under surveillance by means of his/her infected smartphone, making use of the built-in sensors.
Diallerware attacks | Users' money is stolen using the malware that makes hidden calls to premium numbers or SMS services.
Financial malware attacks | Such attacks aim to steal users' credentials from the smartphones or perform man-in-the-middle attacks on financial applications.
Worm-based attacks | A worm is a malware that duplicates itself, typically propagating from one device to another, using different means through an existing network without users' intervention.
Botnets | A botnet is a set of zombie devices that are infected by malware so that a hacker can remotely control them.

Spyware Attacks — Malware that covertly collects users' various information stored in their infected smartphones is referred to as spyware. The amount of personal data and sensitive information stored in and processed by smartphones makes them attractive targets for spyware. Moreover, covert channels are available in smartphones for returning collected information to hackers. Sometimes, even when an app seems to have a legitimate need to send data to the outside world, the permission settings of smartphones may not be granular enough to prevent abuse of such a permission. For example, a weather app can have the permission to send location data to some weather information servers, but if it is implanted with spyware, it can abuse the permission by sending the same location data to advertisement servers for spamming marketing information [6].
Depending on the type of information being collected, different levels of damage can be incurred. In the above example where users' location information is used to trigger spam messages, users are only annoyed. However, if more sensitive information is collected, more serious damage can be done. For example, a recent spyware in the Android platform, Zitmo, is more dangerous than other common spyware. It intercepts confirmation SMS messages sent by banks. Such an SMS message may contain credentials of the owner of the spied smartphone for Internet banking. Using such information, the hacker can carry out fraudulent transactions [7].
Surveillance Attacks — Smartphones are commonly equipped with sensors such as a Global Positioning System (GPS) sensor, accelerometer, microphone, and camera. Combined with the fact that they are closely associated with their owners, smartphones infected with suitable spyware can be used to keep targeted users under surveillance [6]. The GPS sensor is particularly useful as it can provide highly sensitive personal information. There are already examples of legitimate apps that are exploited by hackers to keep the targeted users under surveillance. Moreover, even apps that are not originally designed as spyware may be covertly configured to support tracking.
Diallerware Attacks — As shown in Fig. 1, hackers can impose financial charges on smartphone users through diallerware, which sends premium-rate SMS messages without users' awareness. The original purpose of premium-rate SMS messages and calls was to provide value-added services such as news and stock quotes, with the cost being charged in the users' phone bills. Premium-rate calls are abused for the hacker's profit under this attack. Hackers lure owners of infected smartphones into signing up for premium-rate services controlled by themselves. For example, HippoSMS is an Android malware that sends SMS messages to a premium-rated number. It blocks SMS messages from service providers so that users are not aware of the unwanted additional charges [7].
Financial Malware Attacks — Financial malware aims to steal credentials from the smartphones or perform man-in-the-middle attacks on financial applications. Similar to PCs, smartphones are also vulnerable to financial malware. Financial malware may simply be a key-logger that collects credit card numbers. In a more sophisticated form, it may be an app impersonating a real banking app. If users download and run the app, the hacker can launch a man-in-the-middle attack for banking transactions.
Worm-Based Attacks — A worm can damage and compromise the security of smartphones. Moreover, it duplicates itself, typically propagating from one device to another, using different means through an existing network without the users' intervention. In fact, worms can be easily spread by just one click to infect smartphones in any part of the world with a large chance of success. Moreover, as network function virtualization will be introduced into next generation mobile networks to reduce capital and operating expenditures [8], worm-based attacks on the virtualization environment and hence on smartphones are expected to increase.
Botnets — A botnet is a set of zombie devices that are infected by malware so that hackers can remotely control them. When a number of smartphones are compromised and remotely controlled, a mobile botnet is formed. Botnets pose serious security threats to the Internet, and most of them are used in organized crime, launching attacks to gain money. Some examples include sending spam, Denial-of-Service attacks, or collecting information that can be used for illegal purposes. Once a smartphone is infected, it becomes a zombie for cyber attacks.
CHALLENGES
Compared to PCs, smartphones have very different security principles. In particular, the security problems on smartphones originate from the integration of multiple technologies to access the Internet. The following three factors distinguish mobile security from traditional computer security:
• Mobility: devices are carried by their owners and have high mobility. Therefore, they are subject to the risk of being stolen or physically tampered with.
• Strong personalization: normally, the device owner is also its unique user.
• Strong connectivity: smartphones enable users to access various Internet services. As a result, devices can be infected by malware through different channels.
Also, the limited resources of smartphones are the most obvious difference from a PC. Limited CPU power, memory, and battery life

Figure 1. Diallerware attacks. (Diagram labels: Hacker; Infected smartphones; Premium services' provider; Command bots to call premium services; Call premium services; Premium charge; Payments.)
