SlideShare a Scribd company logo

CS_UNIT 2(P3).pptx

Download as PPTX, PDF
G
GaytriDhingra1

cyber security notes

Education
1 of 27
UNIT 2  Credit Card Frauds in Mobile & Wireless Computing Era  Security Challenges  Registry Settings for Mobile Devices  Authentication Service Security  Attacks on Mobile/Cell Phones
 Trends in Mobility  In the past two decades, we’ve not only cut the cord between our phones and the wall, but we have gained the ability to stream video, play games, and access the web from what has essentially become a powerful handheld computer. 5G will push those capabilities to the next level.  Since the late 1970s, the ability to communicate with others using a device that is untethered to a wire has changed the way people interact, whether they are located across the street or in another country. Prior to the introduction of cellular technology, ham shortwave and FM radios provided two-way communication to those willing to learn Morse code and obtain a license. Citizens band (CB) radios offered up to 20-mile links and became wildly popular with the mass market in the early to mid-1960s. However, weather conditions and time of day had a major influence on reliability of ham radio links, while transmission power limits and chatty enthusiasts reduced the usefulness of CB.
 The industry needed a system that consumed little energy to enable small portable devices to operate on battery power. Cellular phones evolved to meet this need. Rather than adopt a point-to-point long-distance strategy, cellular phones link to a grid of local relay base stations.  A progression of enhanced technical standards enabled compatibility among devices and opened the door to development of a rapidly expanding market. Efficient network management was the other key to development of advanced cellular communication systems in terms of speed, reliability, latency, capacity, and additional features.
 The first generation of mobile networks, dubbed 1G, was introduced in Japan in 1979. It offered analog 2.4Kb/s with limited coverage and no roaming support. In 1991, 2G employed digital signaling to bump the speed to 64Kb/s and used the Global System for Mobile Communications (GSM) standard for improved voice fidelity and reliability. It also ushered in the ability to send text messages and photos. 3G was introduced in 2001 and harmonized global standards, along with 256Kb/s speed. Additional functions included video conferencing, streaming, and Voice over Internet Protocol (VoIP). The fourth and most common generation in use today, 4G Long-Term Evolution (LTE), can deliver speeds to 1Gb/s for high-definition video, web access, and gaming applications.  We are now on the cusp of 5G, which is designed to support the escalating demands of a universe of Internet of Things (IoT), explosion of consumer video, telemedicine, telework, and future autonomous transportation. In addition to a 10 times to as much as 100 times increase in speed, latency will be dramatically reduced. The ability to support many more connected devices with greater network efficiency and reduced latency is driving the transition to 5G.
Credit Card Frauds & Wireless Computing Era Types of Credit Card Frauds  Traditional Techniques:  paper based fraud – criminal uses stolen or fake documents, to open an account in someone else’s name.  can be divided into ID theft  Financial fraud  illegal use of lost or stolen card  Modern Techniques:  enable criminals to produce fake or doctored cards.  Skimming process 1. Triangulation 2. Credit Card Generators (From Book)
Triangulation Method - aim to create great deal of confusion for the authorities.
Main challenges involved in credit card fraud detection are:  Enormous Data is processed every day and the model build must be fast enough to respond to the scam in time.  Imbalanced Data i.e most of the transactions (99.8%) are not fraudulent which makes it really hard for detecting the fraudulent ones  Data availability as the data is mostly private.  Misclassified Data can be another major issue, as not every fraudulent transaction is caught and reported.  Adaptive techniques used against the model by the scammers.
Security challenges posed by mobile devices (FROM PPT) Mobility brings two main challenges to cyber security: first, on the hand-held devices, information is being taken outside the physically controlled environment. and Second, remote access back to the protected environment is being granted. The importance of providing employees with remote access and the ability to work from anywhere means that organizations need to implement tools that increase the security of mobile devices. Mobile phone security threats generally include application based, web-based, network-based, physical threats (or challenges) and technical challenges.
Security challenges posed by mobile devices 1. Application based threat: Application-based threats happen when people download apps that look legitimate but actually skim data from their device. Even legitimate apps often request more permission than needed to perform their function, which can expose more data than necessary. Examples are spyware and malware that steal personal and business information without people realizing it’s happening. These threats also includes Data Leakage via Malicious Apps (as hackers can easily find an unprotected mobile app and use that unprotected app to design larger attacks or steal data, digital wallets, backend details, and other juicy bits directly from the app) and Zero Day Vulnerabilities (zero-day vulnerabilities that left its devices open for spyware attacks and released a patch to protect users against these vulnerabilities. A software vulnerability discovered by attackers before the vendor has become aware of it. Because the vendors are unaware, no patch exists for zero-day vulnerabilities, making attacks likely to succeed)
Security challenges posed by mobile devices 1. Application based threat: Contd…. The best way to protect your organization against data leakage (or App based threats) through malicious or unsecured applications is by using mobile application management (MAM) tools. These tools allow IT admins to manage corporate apps (wipe or control access permissions) on their employees’ devices without disrupting employees’ personal apps or data.
Security challenges posed by mobile devices 2. Web based threat: Web-based threats are subtle and tend to go unnoticed. They happen when people visit affected sites that seem fine on the front-end but, in reality, automatically download malicious content onto devices. Examples: Phishing Scams Social Engineering Drive By Downloads Operating System Flaws
Security challenges posed by mobile devices 2. Web based threat: Contd… Social Engineering Social engineering attacks are when bad actors send fake emails (phishing attacks) or text messages (smishing attacks) to your employees in an effort to trick them into handing over private information like their passwords or downloading malware onto their devices. Drive By Downloads Drive by download attacks specifically refer to malicious programs that install to your devices — without your consent. This also includes unintentional downloads of any files or bundled software onto a computer device. Operating System Flaws Operating system (OS) vulnerabilities are exposures within an OS that allow cyber attackers to cause damage on any device where the OS is installed. Large numbers of mobile devices are not kept up to date with operating system releases. Out of date operating systems mean devices are vulnerable to security threats that are patched in the later versions. Mobile security requires continuous work to find and patch vulnerabilities that bad actors use to gain unauthorized access to your systems and data.
Security challenges posed by mobile devices 2. Web based threat: Contd… Tips to Combat Web based threats  The best defense for phishing and other social engineering attacks is to teach employees how to spot phishing emails and SMS messages that look suspicious and avoid falling prey to them altogether.  Reducing the number of people who have access to sensitive data or systems can also help protect your organization against social engineering attacks because it reduces the number of access points attackers have to gain access to critical systems or information.  Only use your computer’s admin account for program installations. Keep your web browser and operating system up to date. Be wary of keeping too many unnecessary programs and apps. Always avoid websites that may contain malicious code. Carefully read and examine security popups on the web before clicking. Use Ad-Blocker
Security challenges posed by mobile devices 3. Network-based threat: Network-based threats are especially common and risky because cybercriminals can steal unencrypted data while people use public WiFi networks. Users often rely on public Wi-Fi to stay connected when they work outside the office. These unsecured Wi-Fi networks can allow malware to be installed on devices or eavesdroppers to intercept data. Public WiFi networks are generally less secure than private networks because there’s no way to know who set the network up, how (or if) it’s secured with encryption, or who is currently accessing it or monitoring it. And as more companies offer remote work options, the public WiFi networks your employees use to access your servers (e.g., from coffee shops or cafes) could present a risk to your organization. For example, cybercriminals often set up WiFi networks that look authentic but are actually a front to capture data that passes through their system (a “man in the middle” attack). Examples: •Network Exploits •WiFi Sniffing •Packet Sniffing •BYOD (Bring Your Own Device)
Security challenges posed by mobile devices 3. Network-based threat: Contd…. There’s no single standard for mobile devices, especially when you allow BYOD rather than supplying the devices. Because of the variety of devices and operating systems, it’s difficult to apply controls consistently to ensure the safety of all of them.
Security challenges posed by mobile devices 3. Network-based threat: Contd…. Tips to Combat The best way for you to protect your organization against threats over public WiFi networks is by requiring employees to use a VPN to access company systems or files. This will ensure that their session stays private and secure, even if they use a public network to access your systems.
Security challenges posed by mobile devices 4. Physical Threats: Physical threats to mobile devices most commonly refer to the loss or theft of a device. Because hackers have direct access to the hardware where private data is stored, this threat is especially dangerous to enterprises. Example - Loss/Theft: Loss or theft is the most unwanted physical threat to the security of your mobile device. Any devices itself has value and can be sold on the secondary market after all your information is stolen and sold. Tips to Combat First and foremost, you’ll want to ensure employees know what steps to take if they lose their device. Since most devices come with remote access to delete or transfer information, that should include asking employees to make sure those services are activated
Security challenges posed by mobile devices 5. Technical challenges in mobile security are:  Managing the registry settings and configurations,  Authentication service security,  Cryptography security,  Remote access server (RAS) security, Media player control security, Networking application program interface (API), security etc.
Registry Settings for Mobile Devices: Let us understand the issue of registry settings on mobile devices through an example: Microsoft Activesync is meant for synchronization with Windows-powered personal computers (PCs) and Microsoft Outlook. ActiveSync acts as the "gateway between Windows-powered PC and Windows mobile-powered device, enabling the transfer of applications such as Outlook information, Microsoft Office documents, pictures, music, videos and applications from a user's desktop to his/her device. In addition to synchronizing with a PC, ActiveSync can synchronize directly with the Microsoft exchange server so that the users can keep their E-Mails, calendar, notes and contacts updated wirelessly when they are away from their PCs. In this context, registry setting becomes an important issue given the ease with which various applications allow a free flow of information.
Authentication Service Security: There are two components of security in mobile computing: 1. security of devices and 2. security in networks. A secure network access involves authentication between the device and the base stations or Web servers. This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services. No Malicious Code can impersonate the service provider to trick the device into doing something it does not mean to. Thus, the networks also play a crucial role in security of mobile devices. Some eminent kinds of attacks to which mobile devices are subjected to are: push attacks, pull attacks and crash attacks. Authentication services security is important given the typical attacks on mobile devices through wireless networks: Dos attacks, traffic analysis, eavesdropping, man-in-the-middle attacks and session hijacking. Security measures in this scenario come from Wireless Application Protocols (WAPs), use of VPNs, media access control (MAC) address filtering and development in 802.xx standards.
Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Mobile phones have become an integral part of everbody's life and the mobile phone has transformed from being a luxury to a bare necessity. Increase in the purchasing power and availability of numerous low cost handsets have also lead to an increase in mobile phone users. Theft of mobile phones has risen dramatically over the past few years. Since huge section of working population in India use public transport, major locations where theft occurs are bus stops, railway stations and traffic signals. Attacks on Cell phones increases because of  increasing usage of cell phones and availability of internet using cell phones.  Increasing demand of WiFi zones in Metropolitans & extensive usage of cell phones with the lack of awareness/knowledge about the vulnerabilities of the technology.
Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Contd….. The following factors contribute for outbreaks on mobile devices: 1. Enough target terminals: The first Palm OS virus was seen after the number of Palm OS devices reached 15 million. The first instance of a mobile virus was observed during June 2004 when it was discovered that an organization "Ojam" had engineered an antipiracy Trojan virus in older versions of their mobile phone game known as Mosquito. This virus sent SMS text messages to the organization without the users' knowledge.
Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Contd….. 2. Enough functionality: Mobile devices are increasingly being equipped with office functionality and already carry critical data and applications, which are often protected insufficiently or not at all. The expanded functionality also increases the probability of malware. 3. Enough connectivity: Smartphones offer multiple communication options, such as SMS, MMS, synchronization, Bluetooth, infrared (IR) and WLAN connections. Therefore, unfortunately, the increased amount of freedom also offers more choices for virus writers.
Attacks on Mobile/Cell Phones (Same as Book) 2. Mobile Viruses: Mobile Viruses 3. Mishing: Mishing 4. Vishing: Vishing 5. Smishing: Smishing 6. Hacking Bluetooth: Hacking Bluetooth

Recommended

Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
Goals of protection
Goals of protectionGoals of protection
Goals of protectionveena ali
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxSharmilaMore5
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Authentication service security
Authentication service securityAuthentication service security
Authentication service securityG Prachi
 
Windowsforensics
WindowsforensicsWindowsforensics
WindowsforensicsSantosh Khadsare
 
Steganography presentation
Steganography presentationSteganography presentation
Steganography presentationBSheghembe
 
What Is Spyware?
What Is Spyware?What Is Spyware?
What Is Spyware?Lookout
 

Recommended

Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
Goals of protection
Goals of protectionGoals of protection
Goals of protectionveena ali
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxSharmilaMore5
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Authentication service security
Authentication service securityAuthentication service security
Authentication service securityG Prachi
 
Windowsforensics
WindowsforensicsWindowsforensics
WindowsforensicsSantosh Khadsare
 
Steganography presentation
Steganography presentationSteganography presentation
Steganography presentationBSheghembe
 
What Is Spyware?
What Is Spyware?What Is Spyware?
What Is Spyware?Lookout
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityIshan Girdhar
 
Malware Classification and Analysis
Malware Classification and AnalysisMalware Classification and Analysis
Malware Classification and AnalysisPrashant Chopra
 
Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes SAhammedShakil
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentationSandeep Joshi
 
Ransomware
Ransomware Ransomware
Ransomware Armor
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Access control matrix
Access control matrixAccess control matrix
Access control matrixAravindharamanan S
 
Analysing Ransomware
Analysing RansomwareAnalysing Ransomware
Analysing RansomwareNapier University
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Controlidingolay
 
إختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It securityإختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It securitySherief Elmetwali
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 
Spyware
SpywareSpyware
SpywareIshita Bansal
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Computer Worms
Computer WormsComputer Worms
Computer Wormssadique_ghitm
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)mmubashirkhan
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remediesManish Kumar
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and RisksInformation Technology
 
Client server network threat
Client server network threatClient server network threat
Client server network threatRaj vardhan
 
Mac Forensics
Mac ForensicsMac Forensics
Mac ForensicsCTIN
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx1SI19IS064TEJASS
 
Cn35499502
Cn35499502Cn35499502
Cn35499502IJERA Editor
 

More Related Content

What's hot

Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityIshan Girdhar
 
Malware Classification and Analysis
Malware Classification and AnalysisMalware Classification and Analysis
Malware Classification and AnalysisPrashant Chopra
 
Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes SAhammedShakil
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentationSandeep Joshi
 
Ransomware
Ransomware Ransomware
Ransomware Armor
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Controlidingolay
 
إختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It securityإختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It securitySherief Elmetwali
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)mmubashirkhan
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remediesManish Kumar
 
Client server network threat
Client server network threatClient server network threat
Client server network threatRaj vardhan
 
Mac Forensics
Mac ForensicsMac Forensics
Mac ForensicsCTIN
 

What's hot (20)

Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Malware Classification and Analysis
Malware Classification and AnalysisMalware Classification and Analysis
Malware Classification and Analysis
 
Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes Distributed system Tanenbaum chapter 1,2,3,4 notes
Distributed system Tanenbaum chapter 1,2,3,4 notes
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentation
 
Ransomware
Ransomware Ransomware
Ransomware
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Access control matrix
Access control matrixAccess control matrix
Access control matrix
 
Analysing Ransomware
Analysing RansomwareAnalysing Ransomware
Analysing Ransomware
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Control
 
إختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It securityإختبارات في أمن المعلومات It security
إختبارات في أمن المعلومات It security
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOS
 
Spyware
SpywareSpyware
Spyware
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and Spywares
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remedies
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Client server network threat
Client server network threatClient server network threat
Client server network threat
 
Mac Forensics
Mac ForensicsMac Forensics
Mac Forensics
 

Similar to CS_UNIT 2(P3).pptx

Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx1SI19IS064TEJASS
 
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfkostikjaylonshaewe47
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environmentIBM Software India
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...ijccsa
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...iosrjce
 

Similar to CS_UNIT 2(P3).pptx (20)

Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
 
Securing mobile devices in the business environment
Securing mobile devices in the business environmentSecuring mobile devices in the business environment
Securing mobile devices in the business environment
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate IT
 
Protecting Americas Next Generation Networks
Protecting Americas Next Generation NetworksProtecting Americas Next Generation Networks
Protecting Americas Next Generation Networks
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
 
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
 
Network monitoring white paper
Network monitoring white paperNetwork monitoring white paper
Network monitoring white paper
 
Cybercrimes
CybercrimesCybercrimes
Cybercrimes
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Information security
Information securityInformation security
Information security
 
L017326972
L017326972L017326972
L017326972
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
 
C018131821
C018131821C018131821
C018131821
 

Recently uploaded

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 

Recently uploaded (20)

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 

CS_UNIT 2(P3).pptx

  • 1. UNIT 2  Credit Card Frauds in Mobile & Wireless Computing Era  Security Challenges  Registry Settings for Mobile Devices  Authentication Service Security  Attacks on Mobile/Cell Phones
  • 2.  Trends in Mobility  In the past two decades, we’ve not only cut the cord between our phones and the wall, but we have gained the ability to stream video, play games, and access the web from what has essentially become a powerful handheld computer. 5G will push those capabilities to the next level.  Since the late 1970s, the ability to communicate with others using a device that is untethered to a wire has changed the way people interact, whether they are located across the street or in another country. Prior to the introduction of cellular technology, ham shortwave and FM radios provided two-way communication to those willing to learn Morse code and obtain a license. Citizens band (CB) radios offered up to 20-mile links and became wildly popular with the mass market in the early to mid-1960s. However, weather conditions and time of day had a major influence on reliability of ham radio links, while transmission power limits and chatty enthusiasts reduced the usefulness of CB.
  • 3.
  • 4.  The industry needed a system that consumed little energy to enable small portable devices to operate on battery power. Cellular phones evolved to meet this need. Rather than adopt a point-to-point long-distance strategy, cellular phones link to a grid of local relay base stations.  A progression of enhanced technical standards enabled compatibility among devices and opened the door to development of a rapidly expanding market. Efficient network management was the other key to development of advanced cellular communication systems in terms of speed, reliability, latency, capacity, and additional features.
  • 5.  The first generation of mobile networks, dubbed 1G, was introduced in Japan in 1979. It offered analog 2.4Kb/s with limited coverage and no roaming support. In 1991, 2G employed digital signaling to bump the speed to 64Kb/s and used the Global System for Mobile Communications (GSM) standard for improved voice fidelity and reliability. It also ushered in the ability to send text messages and photos. 3G was introduced in 2001 and harmonized global standards, along with 256Kb/s speed. Additional functions included video conferencing, streaming, and Voice over Internet Protocol (VoIP). The fourth and most common generation in use today, 4G Long-Term Evolution (LTE), can deliver speeds to 1Gb/s for high-definition video, web access, and gaming applications.  We are now on the cusp of 5G, which is designed to support the escalating demands of a universe of Internet of Things (IoT), explosion of consumer video, telemedicine, telework, and future autonomous transportation. In addition to a 10 times to as much as 100 times increase in speed, latency will be dramatically reduced. The ability to support many more connected devices with greater network efficiency and reduced latency is driving the transition to 5G.
  • 6.
  • 7.
  • 8. Credit Card Frauds & Wireless Computing Era Types of Credit Card Frauds  Traditional Techniques:  paper based fraud – criminal uses stolen or fake documents, to open an account in someone else’s name.  can be divided into ID theft  Financial fraud  illegal use of lost or stolen card  Modern Techniques:  enable criminals to produce fake or doctored cards.  Skimming process 1. Triangulation 2. Credit Card Generators (From Book)
  • 9. Triangulation Method - aim to create great deal of confusion for the authorities.
  • 10. Main challenges involved in credit card fraud detection are:  Enormous Data is processed every day and the model build must be fast enough to respond to the scam in time.  Imbalanced Data i.e most of the transactions (99.8%) are not fraudulent which makes it really hard for detecting the fraudulent ones  Data availability as the data is mostly private.  Misclassified Data can be another major issue, as not every fraudulent transaction is caught and reported.  Adaptive techniques used against the model by the scammers.
  • 11. Security challenges posed by mobile devices (FROM PPT) Mobility brings two main challenges to cyber security: first, on the hand-held devices, information is being taken outside the physically controlled environment. and Second, remote access back to the protected environment is being granted. The importance of providing employees with remote access and the ability to work from anywhere means that organizations need to implement tools that increase the security of mobile devices. Mobile phone security threats generally include application based, web-based, network-based, physical threats (or challenges) and technical challenges.
  • 12. Security challenges posed by mobile devices 1. Application based threat: Application-based threats happen when people download apps that look legitimate but actually skim data from their device. Even legitimate apps often request more permission than needed to perform their function, which can expose more data than necessary. Examples are spyware and malware that steal personal and business information without people realizing it’s happening. These threats also includes Data Leakage via Malicious Apps (as hackers can easily find an unprotected mobile app and use that unprotected app to design larger attacks or steal data, digital wallets, backend details, and other juicy bits directly from the app) and Zero Day Vulnerabilities (zero-day vulnerabilities that left its devices open for spyware attacks and released a patch to protect users against these vulnerabilities. A software vulnerability discovered by attackers before the vendor has become aware of it. Because the vendors are unaware, no patch exists for zero-day vulnerabilities, making attacks likely to succeed)
  • 13. Security challenges posed by mobile devices 1. Application based threat: Contd…. The best way to protect your organization against data leakage (or App based threats) through malicious or unsecured applications is by using mobile application management (MAM) tools. These tools allow IT admins to manage corporate apps (wipe or control access permissions) on their employees’ devices without disrupting employees’ personal apps or data.
  • 14. Security challenges posed by mobile devices 2. Web based threat: Web-based threats are subtle and tend to go unnoticed. They happen when people visit affected sites that seem fine on the front-end but, in reality, automatically download malicious content onto devices. Examples: Phishing Scams Social Engineering Drive By Downloads Operating System Flaws
  • 15. Security challenges posed by mobile devices 2. Web based threat: Contd… Social Engineering Social engineering attacks are when bad actors send fake emails (phishing attacks) or text messages (smishing attacks) to your employees in an effort to trick them into handing over private information like their passwords or downloading malware onto their devices. Drive By Downloads Drive by download attacks specifically refer to malicious programs that install to your devices — without your consent. This also includes unintentional downloads of any files or bundled software onto a computer device. Operating System Flaws Operating system (OS) vulnerabilities are exposures within an OS that allow cyber attackers to cause damage on any device where the OS is installed. Large numbers of mobile devices are not kept up to date with operating system releases. Out of date operating systems mean devices are vulnerable to security threats that are patched in the later versions. Mobile security requires continuous work to find and patch vulnerabilities that bad actors use to gain unauthorized access to your systems and data.
  • 16. Security challenges posed by mobile devices 2. Web based threat: Contd… Tips to Combat Web based threats  The best defense for phishing and other social engineering attacks is to teach employees how to spot phishing emails and SMS messages that look suspicious and avoid falling prey to them altogether.  Reducing the number of people who have access to sensitive data or systems can also help protect your organization against social engineering attacks because it reduces the number of access points attackers have to gain access to critical systems or information.  Only use your computer’s admin account for program installations. Keep your web browser and operating system up to date. Be wary of keeping too many unnecessary programs and apps. Always avoid websites that may contain malicious code. Carefully read and examine security popups on the web before clicking. Use Ad-Blocker
  • 17. Security challenges posed by mobile devices 3. Network-based threat: Network-based threats are especially common and risky because cybercriminals can steal unencrypted data while people use public WiFi networks. Users often rely on public Wi-Fi to stay connected when they work outside the office. These unsecured Wi-Fi networks can allow malware to be installed on devices or eavesdroppers to intercept data. Public WiFi networks are generally less secure than private networks because there’s no way to know who set the network up, how (or if) it’s secured with encryption, or who is currently accessing it or monitoring it. And as more companies offer remote work options, the public WiFi networks your employees use to access your servers (e.g., from coffee shops or cafes) could present a risk to your organization. For example, cybercriminals often set up WiFi networks that look authentic but are actually a front to capture data that passes through their system (a “man in the middle” attack). Examples: •Network Exploits •WiFi Sniffing •Packet Sniffing •BYOD (Bring Your Own Device)
  • 18. Security challenges posed by mobile devices 3. Network-based threat: Contd…. There’s no single standard for mobile devices, especially when you allow BYOD rather than supplying the devices. Because of the variety of devices and operating systems, it’s difficult to apply controls consistently to ensure the safety of all of them.
  • 19. Security challenges posed by mobile devices 3. Network-based threat: Contd…. Tips to Combat The best way for you to protect your organization against threats over public WiFi networks is by requiring employees to use a VPN to access company systems or files. This will ensure that their session stays private and secure, even if they use a public network to access your systems.
  • 20. Security challenges posed by mobile devices 4. Physical Threats: Physical threats to mobile devices most commonly refer to the loss or theft of a device. Because hackers have direct access to the hardware where private data is stored, this threat is especially dangerous to enterprises. Example - Loss/Theft: Loss or theft is the most unwanted physical threat to the security of your mobile device. Any devices itself has value and can be sold on the secondary market after all your information is stolen and sold. Tips to Combat First and foremost, you’ll want to ensure employees know what steps to take if they lose their device. Since most devices come with remote access to delete or transfer information, that should include asking employees to make sure those services are activated
  • 21. Security challenges posed by mobile devices 5. Technical challenges in mobile security are:  Managing the registry settings and configurations,  Authentication service security,  Cryptography security,  Remote access server (RAS) security, Media player control security, Networking application program interface (API), security etc.
  • 22. Registry Settings for Mobile Devices: Let us understand the issue of registry settings on mobile devices through an example: Microsoft Activesync is meant for synchronization with Windows-powered personal computers (PCs) and Microsoft Outlook. ActiveSync acts as the "gateway between Windows-powered PC and Windows mobile-powered device, enabling the transfer of applications such as Outlook information, Microsoft Office documents, pictures, music, videos and applications from a user's desktop to his/her device. In addition to synchronizing with a PC, ActiveSync can synchronize directly with the Microsoft exchange server so that the users can keep their E-Mails, calendar, notes and contacts updated wirelessly when they are away from their PCs. In this context, registry setting becomes an important issue given the ease with which various applications allow a free flow of information.
  • 23. Authentication Service Security: There are two components of security in mobile computing: 1. security of devices and 2. security in networks. A secure network access involves authentication between the device and the base stations or Web servers. This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services. No Malicious Code can impersonate the service provider to trick the device into doing something it does not mean to. Thus, the networks also play a crucial role in security of mobile devices. Some eminent kinds of attacks to which mobile devices are subjected to are: push attacks, pull attacks and crash attacks. Authentication services security is important given the typical attacks on mobile devices through wireless networks: Dos attacks, traffic analysis, eavesdropping, man-in-the-middle attacks and session hijacking. Security measures in this scenario come from Wireless Application Protocols (WAPs), use of VPNs, media access control (MAC) address filtering and development in 802.xx standards.
  • 24. Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Mobile phones have become an integral part of everbody's life and the mobile phone has transformed from being a luxury to a bare necessity. Increase in the purchasing power and availability of numerous low cost handsets have also lead to an increase in mobile phone users. Theft of mobile phones has risen dramatically over the past few years. Since huge section of working population in India use public transport, major locations where theft occurs are bus stops, railway stations and traffic signals. Attacks on Cell phones increases because of  increasing usage of cell phones and availability of internet using cell phones.  Increasing demand of WiFi zones in Metropolitans & extensive usage of cell phones with the lack of awareness/knowledge about the vulnerabilities of the technology.
  • 25. Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Contd….. The following factors contribute for outbreaks on mobile devices: 1. Enough target terminals: The first Palm OS virus was seen after the number of Palm OS devices reached 15 million. The first instance of a mobile virus was observed during June 2004 when it was discovered that an organization "Ojam" had engineered an antipiracy Trojan virus in older versions of their mobile phone game known as Mosquito. This virus sent SMS text messages to the organization without the users' knowledge.
  • 26. Attacks on Mobile/Cell Phones (Same as Book) 1. Mobile Phone Theft: Contd….. 2. Enough functionality: Mobile devices are increasingly being equipped with office functionality and already carry critical data and applications, which are often protected insufficiently or not at all. The expanded functionality also increases the probability of malware. 3. Enough connectivity: Smartphones offer multiple communication options, such as SMS, MMS, synchronization, Bluetooth, infrared (IR) and WLAN connections. Therefore, unfortunately, the increased amount of freedom also offers more choices for virus writers.
  • 27. Attacks on Mobile/Cell Phones (Same as Book) 2. Mobile Viruses: Mobile Viruses 3. Mishing: Mishing 4. Vishing: Vishing 5. Smishing: Smishing 6. Hacking Bluetooth: Hacking Bluetooth