Mobile Application Security: A Critique of Two Research Papers


Added on  2023/03/23

AI Summary
This report presents a critical evaluation of two scholarly articles concerning mobile application security. The analysis begins with an introduction to mobile employee security, outlining the examination of mobile applications, identifying threats, and the goals of attackers. The critique delves into the research questions, assessing their significance and relevance to the field. The papers' coverage of existing research literature, methodologies employed, and the agreement between research questions, philosophical frameworks, and methods are then examined. Various attacks, including spyware, phishing, and financial malware are discussed. The report highlights the strengths and weaknesses of the research, including the limitations of not discussing long-term mitigation strategies. The analysis concludes with an overview of the data collection and analysis process, the threat model used, and the ethical considerations. The report provides a comprehensive assessment of the selected research papers, discussing their contributions and limitations within the context of mobile application security.
Running head: MOBILE APPLICATIONS
MOBILE APPLICATIONS
Name of Student
Name of University
Author’s Note
Introduction
Mobile employee security includes examining the overall structure of mobile applications
and studying how they actually work, with a focus on the vital threat areas and on what
hackers and other attackers want to obtain. Security experts have developed numerous
assessments based on threats such as theft of financial data or personal identifiers, or
unauthorized access to devices (Chen, Qian and Mao 2016). The areas covered by mobile
application security are threat modelling, risk analysis and source code review. Developers
might concentrate on areas such as the database, configuration files or cache, risk analysis
and many more, or on the underlying platforms, in order to understand how mobile
applications and devices can be protected from vulnerabilities (Delac, Silic and Krolo,
2011). This assignment selects two scholarly articles that reflect on the concept of mobile
application security and presents a critique of both papers. It discusses the issues stated
in the papers and whether the research covers the present research literature for the
research questions. It further presents the methodology used in the papers and many
similar factors related to them.
Critique body
The research questions presented in these papers are very clearly stated, and they are
significant because this assignment deals with the security of mobile applications (Delac,
Silic and Krolo, 2011). The papers describe how, compared with traditional phones, which
usually provided only telephony functions, smartphones are computing and communication
devices that also support multimedia communication for work as well as entertainment (Chen,
Qian and Mao 2016). They also note that, because of this quantum jump in functionality, the
rate at which traditional phones are being upgraded to smartphones is huge. One more point
made in these papers, which also gives them their greatest significance, is that although
the mobile platform is rich in basic features, it can be extended by installing
applications; the papers pose research questions such as which applications increase the
vulnerability of the devices and the data on them (Delac, Silic and Krolo, 2011). Devices
are vulnerable mainly because, besides using the computing power that mobile devices
provide, attackers target the data: smartphones have become storage units for personal data
through the use of social networking applications, email clients and personal organizers.
The papers present an attacker-centric threat model for mobile platforms (Delac, Silic and
Krolo, 2011). The threat model addresses three major issues of mobile device security: the
goals of attackers, mobile malware and attack vectors. First, it defines the motives for
attacking mobile platforms in order to identify the interests of attackers and their
potential targets.
The main attack goals centre on motives that have been introduced by modern mobile phones
and devices (Delac, Silic and Krolo, 2011). Second, the model incorporates attack vectors
to present the possible entry points for malicious content on the devices. Finally, the
model considers the types of threats that apply to mobile platforms when the presented
attack vectors have been used successfully.
The research describes the existing research literature that is relevant to the research
questions. It presents work carried out by various researchers on attacks that have taken
place previously. These attacks resulted in improvements to the design, security and
privacy of devices; in spite of this, there have been further attacks, which led to the
research questions presented in these papers (Chen, Qian and Mao 2016). The papers describe
the attacks that have affected smartphone applications. The attacks discussed include
spyware, phishing, diallerware attacks, surveillance attacks, financial malware attacks,
worm-based attacks and botnets. Each of these attacks has its own impact on mobile phone
applications, and one common consequence is access to user data (Chen, Qian and Mao 2016).
Phishing is described as an attack in which users' credentials, such as account details and
credit card numbers, are obtained by means of applications, SMS messages or emails that
appear genuine (Delac, Silic and Krolo, 2011). Spyware is described as an attack in which
users' activities on their smartphones are monitored, meaning that personal data is
extracted as well as interfered with.
Compared with surveillance attacks, spyware does not have specifically targeted victims. In
a surveillance attack, which is also discussed in these papers, a particular user is kept
under surveillance by means of his or her infected smartphone, which makes use of the
built-in sensors (Delac, Silic and Krolo, 2011). Diallerware attacks are also discussed:
these steal money by means of malware that makes hidden calls to premium numbers or SMS
services. Another attack discussed is the financial malware attack (Chen, Qian and Mao
2016). These attacks aim to steal users' credentials from their smartphones and hence carry
out man-in-the-middle attacks on applications that deal with financial transactions. A
similar attack is the worm-based one: a worm is malware that duplicates itself and
typically propagates from one device to another (Chen, Qian and Mao 2016), using different
means over an existing network without the intervention of users. Botnets are also among
the attacks that affect mobile applications: a botnet is a set of zombie devices that have
been infected by malware so that a hacker is able to control these bots remotely (Delac,
Silic and Krolo, 2011). These attacks are very harmful because they cause problems in
mobile phones; once carried out, such an attack gives the hacker access to data that
belongs to users.
The methodology used for this assignment includes the collection of data from secondary
sources; the authors have collected data from research carried out by many researchers, who
presented their findings in various studies (Chen, Qian and Mao 2016). To present a broad
overview of the challenges that mobile applications face, the papers present an
attacker-centric threat model for mobile devices. Three main dimensions are described in
which mobile applications are affected by attacks. These dimensions include collecting
private data: since mobile devices have in effect become storage units for personal data,
they are an attractive target for breaching users' privacy (Delac, Silic and Krolo, 2011).
Attackers target the integrity as well as the confidentiality of the stored information. A
successfully executed attack can give attackers the ability to read MMS and SMS messages,
email messages, contact details and call logs (Chen, Qian and Mao 2016). Other dimensions
discussed in these papers include utilization of computing resources, undertaking harmful
and malicious actions, and more; these vectors are described in detail in the papers
selected for this assignment.
There is a medium level of agreement among the research questions, the philosophical
framework and the research methods used in these papers. The research questions presented
in these papers relate completely to the philosophical framework of the articles, which has
been done for the purpose of better understanding (Chen, Qian and Mao 2016). The authors
propose a new qualitative method for building a conceptual framework for phenomena that are
usually linked to multidisciplinary bodies of knowledge. First, the author redefines the
vital terms: conceptual framework analysis, conceptual framework, concept and many more. A
concept includes vital components that define it (Delac, Silic and Krolo, 2011). A
conceptual framework is defined as a network, or a plane, of linked concepts. Conceptual
framework analysis provides a procedure of theorization for building conceptual frameworks
on the basis of the grounded method (Chen, Qian and Mao 2016). The actual advantages of
conceptual framework analysis are its flexible capacity for modification and its emphasis
on understanding instead of prediction.
There has been a good level of agreement between the research questions, the philosophical
framework used and the research methods. The theoretical and conceptual frameworks explain
the overall path of the research and ground it firmly in theoretical constructs (Chen, Qian
and Mao 2016). The aim of the two frameworks is to make the research findings meaningful
and acceptable to the theoretical constructs in this field of research, and to ensure
generalizability. They assist in stimulating research while ensuring the extension of
knowledge by providing both direction and impetus to the research inquiry (Delac, Silic and
Krolo, 2011). They have also helped to enhance the empiricism and rigor of the research
carried out in this paper. The research findings became very weak because of improper
application of a suitable theoretical framework and conceptual framework (Chen, Qian and
Mao 2016). The presence of a theoretical or conceptual framework made it very difficult for
readers to ascertain the factors underlying the researcher's assertions.
There are numerous flaws in the logic or the methods that undermine the overall results of
the research. These include the fact that the papers do not discuss long-term mitigation of
the issues faced by applications incorporated in smartphones (Chen, Qian and Mao 2016).
This prevents people from learning how they could ensure privacy and security for their
employees. The articles briefly describe the issues faced by mobile applications, along
with their mitigations. The study is biased in nature because it states the issues that are
usually faced by applications in smartphones (Chen, Qian and Mao 2016). These issues
include the attacks carried out by hackers on applications in order to access data that
belongs to users.
The study is completely ethical in nature because it involved requirements on daily work,
and it protects the dignity of subjects as well as the publication of the data in this
research (Chen, Qian and Mao 2016). Ethical behaviour is also critical for collaborative
work because it encourages an environment of trust, mutual respect and accountability among
researchers. This is especially important in this case because the research deals with the
sharing of data, co-sharing, confidentiality, co-authorship and many more issues.
The data collection and analysis are appropriate because they address the issues that make
smartphone users vulnerable; these issues leave the applications on a phone prone to
leaking data or giving unauthorized users access to data (Chen, Qian and Mao 2016). The
findings of the research are also supported by evidence: the articles provided a few
references at the end, and these were the evidence included in the articles.
Conclusion
From the above report, it can be concluded that mobile application security is a kind of
next-generation process based on the security solutions intended for personal computers.
Like personal computers, mobile devices run on operating systems that have numerous threats
and security problems. Because mobile devices are becoming ubiquitous, security experts
have been scrambling to catch up by developing mobile application security processes and
solutions for future use. The areas covered by mobile application security include threat
modelling, risk analysis and source code review. Developers might look at areas such as the
database, cache or the configuration files in the underlying platform to understand how
mobile applications and devices can be better protected from vulnerabilities.
References
Chen, M., Qian, Y., Mao, S., Tang, W. and Yang, X., 2016. Software-defined mobile
networks security. Mobile Networks and Applications, 21(5), pp.729-743.
Delac, G., Silic, M. and Krolo, J., 2011, May. Emerging security threats for mobile platforms.
In 2011 Proceedings of the 34th International Convention MIPRO (pp. 1468-1473). IEEE.