Analysis of Mobile Device Security in Computer Networking

Verified

Added on 2023/03/17

AI Summary

This report provides a comprehensive overview of mobile device security within the context of computer networking and applications. It begins by highlighting the challenges posed by app stores and the prevalence of malware, particularly on Android platforms due to their open application environment. The report then delves into storage security, emphasizing the difficulties of secure data storage on mobile devices and the importance of encryption key management. It explores the significance of OS updates for device security, noting the impact of supply chain delays and platform fragmentation. Furthermore, the report addresses security in coding, discussing vulnerabilities arising from insecure coding practices, such as the Stagefright engine, and the need for secure coding standards. The conclusion emphasizes the importance of addressing these security challenges through identifying and remediating issues in device OSs and configurations to prevent further security threats. The report also references various research papers and patents related to mobile device security.

Running head: MOBILE DEVICE SECURITY
MOBILE DEVICE SECURITY
Name of the Student
Name of the Organization
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1COMPUTER NETWORKING AND APPLICATION
Introduction
The main aim of the paper is to help in providing an entire overview of the security
ecosystem of the mobile device and also in identifying all the top challenges of security. The
particular security of mobile device mostly involves the entire ecosystem of mobile which
involves the endpoint device as well as the security of data, secular sharing of information and
also a secure access for a number of applications of the enterprise and data. It also involves
secure testing, development which is secure and also the delivery of several applications with the
help of a number of app stores as well as several websites (Chen et al. 2015). This paper will be
comprising of some sections and each will be describing a huge area of concern in the security of
mobile device.
Discussion
App Stores and the malware
It has been observed that there are a number of sources which have the capability of
citing a rise in the malware of mobile device. It has been examined a number of times that there
are some statistics as well as trends for several infections of malware in a number of devices
which are seen to be connected via some fixed networks and mobile devices (Sinha and Zscaler
Inc 2015). It has been seen that most of the malware of android is recently distributed as several
apps which are trojanized and Android has the capability of offering an easier target for mainly
this due to the open environment of the application. Several apps of Android are seen to be
downloaded from all the stores of app as well as websites belonging to the third party (Patten and
Harris 2013). There is no such control of all the certificates which are digital mainly used for
signing several apps of Android. Apps of Android are mainly known for being self-signed and it

2COMPUTER NETWORKING AND APPLICATION
cannot be easily traced to all the developers. It has been become very much easy for hijacking
any app of Android, injecting code within it and also for redistributing it. In such a situation, an
innovative detection technique of malware named MassVet can be utilized for comparing an app
which has been already submitted with some other apps upon a market by focusing upon all its
differences with all of them possessing a similar kind of the structure of UI as well as
interactions with others (Mahaffey, Hering and Burgess 2013). It has been seen that this
particular technique of the detection of malware has been used a lot for analyzing about 1.2
millions of applications and has been able to discover a huge number of apps which are highly
malicious apps.
Storage security
It has been reported by some authors that in the year 2014, huge number of users have
spent about 96% of their time on all the mobile devices by using all the different mobile apps. In
all the applications of browser which are mainly traditional, it has been noticed that there is a
tendency of all the data to be easily stored upon the side of the server where a number of tough
controls can be highly enforced (A. Harris and Patten 2014). All the devices of mobile are
utilized in a number of unique ways which has been making it quite a challenging one for storing
data securely. The main challenge for the encryption of data is actually the key storage. On all
the devices of mobile, the key of encryption is required to be available for accessing data for all
the different users. Storage of the key of encryption on a server which is remote does not mean
generally that it will be solving the problem because any attacker who will be having the access
to the particular device can be able to request simply for the key of encryption from that
particular server and finally decrypt the data (Ramalingam, Walsh and Carr Amazon
Technologies Inc 2013). It has been observed that most of the devices of mobile will be making

3COMPUTER NETWORKING AND APPLICATION
use of some types of passcode which will be utilized in a secure manner for deriving a particular
key of encryption which will then be utilized for encrypting data. It has been seen that a secure
enclave upon iOS 9 will be providing a hardware module of security which will helping in the
generation and the use of several keys in the chip of hardware without having to gain access to it.
OS updates of the mobile
It has been observed that both running as well as the installation of the latest mobile
version of OS is really very important for the security of the device (Pathiyal and BlackBerry Ltd
2013). Several versions of Android are capable of providing with a large number of levels of the
layout randomization of the space of the address. It has been seen that Android Jelly Bean (4.1)
is the first OS of Android for providing total ASLR (Harris, Patten and Regan 2013). Hence, as a
result it has been observed that several newer versions of OS are seen to be much more resistant
towards the exploitation. A large number of devices of Android are seen to having a quite a
lengthy chain of supply which is capable of making the deploying of all the updates of OS a very
uncertain as well as a slow procedure (Andersson, S.M. and Pettersson 2015). The chain of
supply for all the different operating systems varies broadly. It has been seen that longer is the
chain of supply for the update of OS for getting deployed to a particular customer, the longer is
the delay. It has been seen that there is even a kind of uncertainty regarding if any particular
device will be receiving updates at all or not. This is seen to have been creating a large number
of problems for all the developers which are being needed for accounting for a particular market
which is highly fragmented with each and every version of the platform which provides several
APIs of security.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4COMPUTER NETWORKING AND APPLICATION
Security in coding
It has been seen that there are a number of vulnerabilities in all the devices of mobile
which are frequently the ultimate result of any kind of insecure practices of coding (Green and
Basil 2013). The particular Stagefright engine of android is mainly a playback service of media
for the Android which is seen to be containing a number of vulnerabilities which is responsible
for enabling any remote attacker in accessing files or rather executing code upon the device.
There remains a high chance that any kind of attacker sends any kind of MMS which may be
parsed in an improper manner by the tool of Stagefright. All other vectors of attack will be
involving all the web browsers, email, Bluetooth, SD cards, gallery and even some others as well
which are not even identified. There are a number of several vulnerabilities which are contained
within Stagefright from several errors of coding. If any kind of effective way is thought for the
prevention of such errors than it can be the adoption of a particular secure standard of coding and
this will be making sure that all developers will be having a particular training which will be an
effective one in a secure coding.
Conclusion
It can be concluded that as per the overview of the security ecosystem of the mobile
device is considered, there are a number of top challenges of security which are needed to be
taken care of. Several apps which are leaky which mostly stores or rather transmits any kind of
sensitive or personal information in an insecure manner is really creating a great concern. The
security of mobile will be requiring both the identification as well as the remediation of several
issues related to security in the OSs of the device as well as several configurations. All kinds of
security procedures which have been described within each of the security challenges will be
helping a lot in preventing any kind of further security challenge further to a great extent.

5COMPUTER NETWORKING AND APPLICATION

6COMPUTER NETWORKING AND APPLICATION
References
A. Harris, M. and P. Patten, K., 2014. Mobile device security considerations for small-and
medium-sized enterprise business mobility. Information Management & Computer
Security, 22(1), pp.97-114.
Andersson, S.M. and Pettersson, M.G., Sony Corp and Sony Mobile Communications AB,
2015. Device-initiated security policy. U.S. Patent 9,191,822.
Chen, Y., Yuval, G.A. and Sinclair, M.J., Microsoft Technology Licensing LLC, 2015. Mobile
device security using wearable security tokens. U.S. Patent 9,135,620.
Green, R.M. and Basil, N.J., 2013. Mobile device controller application for any security system.
U.S. Patent 8,489,065.
Mahaffey, K.P., Hering, J.G. and Burgess, J.D., Lookout Inc, 2013. Providing access levels to
services based on mobile device security state. U.S. Patent 8,365,252.
Pathiyal, K.K., BlackBerry Ltd, 2013. Security interface for a mobile device. U.S. Patent
8,347,104.
Ramalingam, H., Walsh, P.J. and Carr, M., Amazon Technologies Inc, 2013. Mobile device
security. U.S. Patent 8,521,131.
Sinha, A., Zscaler Inc, 2015. Cloud based mobile device security and policy enforcement. U.S.
Patent 9,119,017.
Patten, K.P. and Harris, M.A., 2013. The need to address mobile device security in the higher
education IT curriculum. Journal of Information Systems Education, 24(1), p.41.
Harris, M.A., Patten, K. and Regan, E., 2013. The need for BYOD mobile device security
awareness and training.