This document summarizes security issues related to mobile devices, networks, and communication. It discusses how mobile devices store sensitive data and access various networks, raising security concerns. Issues addressed include unauthorized access of data on lost or stolen devices, insecure communication channels, and vulnerabilities in mobile networks like cellular networks. The document also examines existing security measures and the need for improved solutions to address issues like authentication, encryption, and access control across mobile technologies.
The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector.
Mobile devices are used for everyday life, such as personal information exchange – chatting, email,
shopping, and mobile banking, contributing to information security threats. Users' behavior can influence
information security threats. More research is needed to understand users' threat avoidance behavior and
motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced
mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
With rapid growth of science and information technology, Internet of things (IoT) becomes as an integral part of daily life. The applications of IoT are expanded starting from connected cars, wearables, connected health, smart retail and healthcare. However, security issues are increasing with the increase of its use. Lack of compliances on the part of IoT manufacturers, lack of user knowledge and awareness, device update and management, lack of physical hardening and botnet attacks are considered as the major reasons for security issues in IoT based applications. In this aspect, it becomes important to analyze security issues involved with IoT and its impact on the users that has been performed in the present study
A Study on Device Oriented Security Challenges in Internet of Things (IoT)Eswar Publications
Internet of Things (IoT) basically discusses about the connection of various physical devices through a network
and let them take an active part by exchanging information through Internet. This paper presents important applications of IoT and the different challenges of IoT. Out of the various challenges, attacks on the devices used in IoT are of serious concern. Device oriented attacks and the defensive mechanisms are studied in this paper. A comparison is done for the specific malicious attacks on the M2M communicating devices.
The mobile device is one of the fasted growing technologies that is widely used in a diversifying sector.
Mobile devices are used for everyday life, such as personal information exchange – chatting, email,
shopping, and mobile banking, contributing to information security threats. Users' behavior can influence
information security threats. More research is needed to understand users' threat avoidance behavior and
motivation. Using Technology threat avoidance theory (TTAT), this study assessed factors that influenced
mobile device users' threat avoidance motivations and behaviors as it relates to phishing attacks.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
With rapid growth of science and information technology, Internet of things (IoT) becomes as an integral part of daily life. The applications of IoT are expanded starting from connected cars, wearables, connected health, smart retail and healthcare. However, security issues are increasing with the increase of its use. Lack of compliances on the part of IoT manufacturers, lack of user knowledge and awareness, device update and management, lack of physical hardening and botnet attacks are considered as the major reasons for security issues in IoT based applications. In this aspect, it becomes important to analyze security issues involved with IoT and its impact on the users that has been performed in the present study
A Study on Device Oriented Security Challenges in Internet of Things (IoT)Eswar Publications
Internet of Things (IoT) basically discusses about the connection of various physical devices through a network
and let them take an active part by exchanging information through Internet. This paper presents important applications of IoT and the different challenges of IoT. Out of the various challenges, attacks on the devices used in IoT are of serious concern. Device oriented attacks and the defensive mechanisms are studied in this paper. A comparison is done for the specific malicious attacks on the M2M communicating devices.
A survey on Internet of Things (IoT) security : Challenges and Current statusvivatechijri
When Internet of Things (IoT) applications become a part of people’s daily life, security issues in IoT have caught substantial attention in both academia and industry. Compared to traditional computing systems, IoT systems have more inherent vulnerabilities, and in the intervening time, could have higher security requirements. However, the current design of IoT does not successfully address the higher security requirements postured by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to defend this emerging system. This paper purposes to examine security challenges resulted from the special characteristics of the IoT systems and the new features of the IoT applications. This could help pave the road to better security solution design. Furthermore, three architectural security designs are suggested and analyzed. Examples of how to implement these designs are discussed. Finally, for each layer in IoT architecture, open issues are also identified.
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS. It highlights whether one techniques provide more easy implementation, investigation and handling or not, what common differences examiners may encounter and what they should as concept be involved to forensic handling with these platforms because a Playbook OS is completely a new approach.
http://hakin9.org/dont-be-mocked-secure-your-system-0512-2/
Secure Modern Healthcare System Based on Internet of Things and Secret Sharin...Eswar Publications
The Internet of Things (IoT), is a concept that describes how objects that we are used in daily life will interact and negotiate with other objects over the internet. The amount of devices with Wi-Fi capabilities and built-in sensors keeps on increasing. IoT combines smart devices to provide smart services and applications like smart cities, smart healthcare, smart home, and digital farm etc. But it is very crucial to secure connected IoT devices and networks because of the nature of IoT system. In this paper, the existing works are analyzed and an IoT based
healthcare system architecture is proposed. An authentication scheme to enhance the security of the proposed healthcare system is also present.
Development of wireless and intelligent home automation systemTELKOMNIKA JOURNAL
The Intelligent Home Automation System (IHAS) is usually a cell phone web-based application that enables end users in order to keep track of in addition to manage home/office appliance using their mobile system. The main objective of this system is developed to facilitate home users, especially domestic electrical appliances with simple controls. In addition, it can save the cost of electricity for lighting can be controlled to suit the user. Generally, most home appliances controlled from a distance using a remote control. Has created a system for controlling home lighting from a certain distance, which replaces the remote control using mobile smartphone. To make the smartphone to function as a remote control, an application was developed using Android technology. App Inventor software used for designing applications intended. Hardware microcontroller Arduino UNO R3 which is used to connect the smartphone to the electrical equipment. The system has been tested by developing a mini model and take into account the situation in the domestic home. The test is based on the level of control for wirelessly using Bluetooth and the distance between the lamp and the smartphone. The results of this test, the system can be used on equipment or other home appliances for the purpose of controlling or adjustment. In addition, the security system was also highlighted in a typical system, using the global system for mobile (GSM), it can be warned and notified to the consumer where there is a gas leak or the presence of a person in the vicinity of the residence.
Security Issues & Threats in IoT InfrastructureIJAEMSJORNAL
IoT (Internet of Things) expands the future Internet, and has drawn much attention. As more and more gadgets (i.e. Things) connected to the Internet, the huge amount of data exchanged has reached an unprecedented level.IoT today has a wide scope and researches say that IoT will definitely be a huge reason in the change of human lifestyle. But irrespective of the scope of IoT, we cannot be sure enough to implement it due to the security concerns. There is a genuine need to secure IoT, which has therefore resulted in a need to comprehensively understand the threats and attacks on IoT infrastructure. This paper discusses about the flaws in the security structure of IoT, it is a study about the various layers of IoT and how differentattacks are possible in those layers.
Smartphone Forensic Investigation Process ModelCSCJournals
Law practitioners are in an uninterrupted battle with criminals in the application of computer/digital technologies, and these days the advancement in the use of Smartphones and social media has exponentially increased this risk. Thus it requires the development of a sound methodology to investigate Smartphones in a well defined and secured way. Computer fraud and digital crimes are growing rapidly and only very few cases result in confidence. Nowadays Smartphones accounts for the major portion as a source of digital criminal evidence. This paper tries to enlighten the development of the digital forensics process model for Smartphones, compares digital forensic methodologies, and finally proposes a systematic Smartphone forensic investigation process model. This model adapt most of the previous methodologies with rectifying shortcomings and proposes few more steps which are necessary to be considered to move with the advancement in technology. This paper present an overview of previous forensic strategies and the difficulties now being faced by the particular domain. The proposed model explores the different processes involved in the forensic investigation of a Smartphone in the form of an fourteen- stage model. The Smartphone forensic investigation process model (SPFIPM) has been developed with the aim of guiding the a effective way to investigate a Smartphone with more area of finding the potential evidence.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
Wearables are small electronic devices, often comprising one or more sensors and having computational capability. Devices such as wrist watches, pens, and glasses with installed cameras are now available at cheap prices for user to purchase to monitor or securing themselves. The Nigerian state at this period is faced with a lot of kidnapping activities in schools, homes and abduction for the purpose of ransomed collection and other illegal activities necessitate these reviews. The success of the wearable technology in medical uses prompted the research into application into security uses. The method of research is the use of case studies and literature search. This paper takes a look at the possible applications of the wearable technology to combat the cases of abduction and kidnapping in Nigeria.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
A survey on Internet of Things (IoT) security : Challenges and Current statusvivatechijri
When Internet of Things (IoT) applications become a part of people’s daily life, security issues in IoT have caught substantial attention in both academia and industry. Compared to traditional computing systems, IoT systems have more inherent vulnerabilities, and in the intervening time, could have higher security requirements. However, the current design of IoT does not successfully address the higher security requirements postured by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to defend this emerging system. This paper purposes to examine security challenges resulted from the special characteristics of the IoT systems and the new features of the IoT applications. This could help pave the road to better security solution design. Furthermore, three architectural security designs are suggested and analyzed. Examples of how to implement these designs are discussed. Finally, for each layer in IoT architecture, open issues are also identified.
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS. It highlights whether one techniques provide more easy implementation, investigation and handling or not, what common differences examiners may encounter and what they should as concept be involved to forensic handling with these platforms because a Playbook OS is completely a new approach.
http://hakin9.org/dont-be-mocked-secure-your-system-0512-2/
Secure Modern Healthcare System Based on Internet of Things and Secret Sharin...Eswar Publications
The Internet of Things (IoT), is a concept that describes how objects that we are used in daily life will interact and negotiate with other objects over the internet. The amount of devices with Wi-Fi capabilities and built-in sensors keeps on increasing. IoT combines smart devices to provide smart services and applications like smart cities, smart healthcare, smart home, and digital farm etc. But it is very crucial to secure connected IoT devices and networks because of the nature of IoT system. In this paper, the existing works are analyzed and an IoT based
healthcare system architecture is proposed. An authentication scheme to enhance the security of the proposed healthcare system is also present.
Development of wireless and intelligent home automation systemTELKOMNIKA JOURNAL
The Intelligent Home Automation System (IHAS) is usually a cell phone web-based application that enables end users in order to keep track of in addition to manage home/office appliance using their mobile system. The main objective of this system is developed to facilitate home users, especially domestic electrical appliances with simple controls. In addition, it can save the cost of electricity for lighting can be controlled to suit the user. Generally, most home appliances controlled from a distance using a remote control. Has created a system for controlling home lighting from a certain distance, which replaces the remote control using mobile smartphone. To make the smartphone to function as a remote control, an application was developed using Android technology. App Inventor software used for designing applications intended. Hardware microcontroller Arduino UNO R3 which is used to connect the smartphone to the electrical equipment. The system has been tested by developing a mini model and take into account the situation in the domestic home. The test is based on the level of control for wirelessly using Bluetooth and the distance between the lamp and the smartphone. The results of this test, the system can be used on equipment or other home appliances for the purpose of controlling or adjustment. In addition, the security system was also highlighted in a typical system, using the global system for mobile (GSM), it can be warned and notified to the consumer where there is a gas leak or the presence of a person in the vicinity of the residence.
Security Issues & Threats in IoT InfrastructureIJAEMSJORNAL
IoT (Internet of Things) expands the future Internet, and has drawn much attention. As more and more gadgets (i.e. Things) connected to the Internet, the huge amount of data exchanged has reached an unprecedented level.IoT today has a wide scope and researches say that IoT will definitely be a huge reason in the change of human lifestyle. But irrespective of the scope of IoT, we cannot be sure enough to implement it due to the security concerns. There is a genuine need to secure IoT, which has therefore resulted in a need to comprehensively understand the threats and attacks on IoT infrastructure. This paper discusses about the flaws in the security structure of IoT, it is a study about the various layers of IoT and how differentattacks are possible in those layers.
Smartphone Forensic Investigation Process ModelCSCJournals
Law practitioners are in an uninterrupted battle with criminals in the application of computer/digital technologies, and these days the advancement in the use of Smartphones and social media has exponentially increased this risk. Thus it requires the development of a sound methodology to investigate Smartphones in a well defined and secured way. Computer fraud and digital crimes are growing rapidly and only very few cases result in confidence. Nowadays Smartphones accounts for the major portion as a source of digital criminal evidence. This paper tries to enlighten the development of the digital forensics process model for Smartphones, compares digital forensic methodologies, and finally proposes a systematic Smartphone forensic investigation process model. This model adapt most of the previous methodologies with rectifying shortcomings and proposes few more steps which are necessary to be considered to move with the advancement in technology. This paper present an overview of previous forensic strategies and the difficulties now being faced by the particular domain. The proposed model explores the different processes involved in the forensic investigation of a Smartphone in the form of an fourteen- stage model. The Smartphone forensic investigation process model (SPFIPM) has been developed with the aim of guiding the a effective way to investigate a Smartphone with more area of finding the potential evidence.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
Wearables are small electronic devices, often comprising one or more sensors and having computational capability. Devices such as wrist watches, pens, and glasses with installed cameras are now available at cheap prices for user to purchase to monitor or securing themselves. The Nigerian state at this period is faced with a lot of kidnapping activities in schools, homes and abduction for the purpose of ransomed collection and other illegal activities necessitate these reviews. The success of the wearable technology in medical uses prompted the research into application into security uses. The method of research is the use of case studies and literature search. This paper takes a look at the possible applications of the wearable technology to combat the cases of abduction and kidnapping in Nigeria.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
Instant Messenger (IM) becomes one of the most popular applications in mobile technology and
communication. A lot of users around the world installed it for daily activities. Current IM found security
lacks both in authentication and encryption matters. Various IM growing today still not apply an efficient
method in authentication and encryption process, conventional security methods and client-server
architecture system have to risk too many users for attacking server such as compromising, cracking
password or PINs by Unauthorized people. Common IM services lack native encryption to protect
information being transmitted over the public network and still used high computation in the mobile
environment, this problem needs efficient security methods. Then, in public IM also found various
messages with fake users, it occurs because public IM carry out the separate system in authentication and
encryption process, strong authentication need to solve this issue in messenger environment. The
tremendous growth of mobile IM user needs efficient and secure communication way. This paper proposes
a new efficient method for securing message both in encryption and authentication within the end-to-end
model. In this research, security method proposes new algorithms based on Elliptic Curve (EC) works in
Peer to Peer (P2P) architecture than a conventional client-server model. The result shows this method
produces efficient time in authentication and encryption process while applying in a mobile environment.
Besides, it is compatible with the mobile phone which has a limitation of computation capabilities and
resources.
Security and Privacy of Big Data in Mobile DevicesIOSRjournaljce
Presently, the volume of data generated via mobile devices is at an exponential rate due to the rapid advancement in internet-enabled mobile devices, which makes it complex to ensure the privacy and security of this data. Cloud-based server is currently considered one of the most reliable solutions to address these issues. Nevertheless, the increasing uncertainties of storing useful and sensitive big data in a public cloud have suppressed the exploration of this option. In our paper, we meticulously reviewed the drawbacks in the current adopted solutions for security and privacy of big data within mobile devices. As the utilization of mobile platforms is increasingly generating large data, the current traditional methods of cryptography will not be able to efficiently ensure the security and privacy of this big data. Therefore, this paper will propose the utilization of Federated Identity Management that is Openstack cloud-based as an effective solution that can ensure the privacy and security of big data within mobile device ecosystem.
Mobile devices, specifically smartphones, have become ubiquitous. For this reason, businesses are starting
to develop “Bring Your Own Device” policies to allow their employees to use their owned devices in the
workplace. BYOD offers many potential advantages: enhanced productivity, increased revenues, reduced
mobile costs and IT efficiencies. However, due to emerging attacks and limitations on device resources, it is
difficult to trust these devices with access to critical proprietary information. Therefore, in this paper, the
potential attacks of BYOD and taxonomy of BYOD attacks are presented. Advanced persistent threat (APT)
and malware attack are discussed in depth in this paper. Next, the proposed solution to mitigate the attacks
of BYOD is discussed. Lastly, the evaluations of the proposed solutions based on the X.800 security
architecture are presented.
Network Security and Privacy in Medium Scale Businesses in NigeriaINFOGAIN PUBLICATION
Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. This study investigates a general framework for assessing the security and privacy of current networks. We ask a more general question: what security and privacy mechanisms are available to the medium sized businesses in Nigeria and to what extent have they utilized these mechanisms for the safety of organizational data. The study made use of both primary and secondary data sources. The primary source was a questionnaire administered to a total of 105 medium scale businesses in some of states i, Nigeria. The result showed that medium scale businesses in Nigeria store electronic data to a very high extent but lack the adequate hardware/software to prevent unauthorized access to electronically stored data. However, many of these companies do not have official policy as regards customer data privacy. In cases where they exist, customers are not aware of such policies. This study therefore recommends that government and regulatory bodies should give serious attention to network security and privacy of medium scale businesses in Nigeria. Network security standards should be set for any organization setting up or providing a wireless network. Government should also review existing data privacy laws and ensure that customers are aware of such laws before engaging in any transaction that involves giving aware their personal data to the third party.
Mobile SecurityKalyan BereKodapeComputer Security .docxroushhsiu
Mobile Security
Kalyan Bere
Kodape
Computer Security Foundations- CRN119
10/16/2019
Mobile Security
Abstract:
Mobile security is a concern that is fully dependent on technology. The functionality of mobile phones computations is dependent on the cloud space. With the cloud space, this is a virtual space that connects people globally. Due to this global interaction, there are security concerns that are associated with mobile one's computations. This is what is discussed in this paper. It sheds light on what mobile computation is, critical concerns of this context, threats which make mobile security concern s and finalizes this topic with a measure to curb mobile security compromises.
Introduction
Come to think of mobile computing; almost everyone in the world is using mobile computing. Due to this vast use of mobile computing worldwide, some pros and cons are associated with the use of mobile phones globally. Advantages of mobile computing can be of benefit to mobile phones users' while cons can be a threat to the victimized mobile phone user. In this research paper, the paper will assess the context of mobile security to shed light on the in-depth insight that surrounds this context. To serve this purpose, this research paper will focus on why mobile security is important, dangers and threats of compromised mobile security and how mobile users can protect themselves from mobile security issues. To serve the purpose of research work, this research paper will utilize secondary sources of information, referred to as a literature review. Through the evaluation of the literature review, this paper will screen the most important aspects of mobile security and harmonize information from various sources in on research paperwork.
Literature review:
Definition of mobile security:
A broad array of mobile security confirms mile security as the security precautions that are desired for networks which are used to connect portable computable devices remotely (Margaret) mobile security, retrievable from https://whatis.techtarget.com/definition/mobile-security. Mobile security is desired due to increased users of wireless computation mobile services globally. This increased number of users dictate increased operations the cloud space that employs these portable computing mobile devise. Mobile security is desired majorly to cut financial losses that one can incur when their mobile security has been compromised.
Concerns in mobile security:
Device loss; this concern almost applies to every other owner of any portable computing mobile device because they are prone to get lost. When they get lost, it can become a threatening concern to data that was in the lost mobile device.
Application security; this concern is determined to ensure that application that requires too much authorization is controlled. This is because some of these applications can ask for guaranteed access to private information wh ...
PhD Writing Assistance has recruited their experts after rigorous assessments and as such they possess high credentials from the to UAE, Saudi, the UK, and the Indian Universities. Quite obviously it is recommended to the PhD students that they should follow all these criteria and get the services from PhD Writing Assistance to attain their desired results.
For More: https://www.phdwritingassistance.com/
Proposed T-Model to cover 4S quality metrics based on empirical study of root...IJECEIAES
There are various root causes of software failures. Few years ago, software used to fail mainly due to functionality related bugs. That used to happen due to requirement misunderstanding, code issues and lack of functional testing. A lot of work has been done in past on this and software engineering has matured over time, due to which software’s hardly fail due to functionality related bugs. To understand the most recent failures, we had to understand the recent software development methodologies and technologies. In this paper we have discussed background of technologies and testing progression over time. A survey of more than 50 senior IT professionals was done to understand root cause of their software project failures. It was found that most of the softwares fail due to lack of testing of non-functional parameters these days. A lot of research was also done to find most recent and most severe software failures. Our study reveals that main reason of software failures these days is lack of testing of non-functional requirements. Security and Performance parameters mainly constitute non-functional requirements of software. It has become more challenging these days due to lots of development in the field of new technologies like Internet of things (IoT), Cloud of things (CoT), Artificial Intelligence, Machine learning, robotics and excessive use of mobile and technology in everything by masses. Finally, we proposed a software development model called as T-model to ensure breadth and depth of software is considered while designing and testing of software.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat.
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat
Mobile devices have been playing vital roles in modern dayeducation delivery as students can access or
download learning materials on their smartphones and tablets, they can also install educational apps and
study anytime, anywhere. The need to provide adequate security forportable devices being used for
learning cannot be underestimated. In this paper, we present a mobile security enhancement app,
designed and developedfor Android smart mobile devices in order to promote security awareness among
students. The app can alsoidentify major and the most significant security weaknesses, scan or check for
vulnerabilities in m-learning devices and report any security threat.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfKamal Acharya
The College Bus Management system is completely developed by Visual Basic .NET Version. The application is connect with most secured database language MS SQL Server. The application is develop by using best combination of front-end and back-end languages. The application is totally design like flat user interface. This flat user interface is more attractive user interface in 2017. The application is gives more important to the system functionality. The application is to manage the student’s details, driver’s details, bus details, bus route details, bus fees details and more. The application has only one unit for admin. The admin can manage the entire application. The admin can login into the application by using username and password of the admin. The application is develop for big and small colleges. It is more user friendly for non-computer person. Even they can easily learn how to manage the application within hours. The application is more secure by the admin. The system will give an effective output for the VB.Net and SQL Server given as input to the system. The compiled java program given as input to the system, after scanning the program will generate different reports. The application generates the report for users. The admin can view and download the report of the data. The application deliver the excel format reports. Because, excel formatted reports is very easy to understand the income and expense of the college bus. This application is mainly develop for windows operating system users. In 2017, 73% of people enterprises are using windows operating system. So the application will easily install for all the windows operating system users. The application-developed size is very low. The application consumes very low space in disk. Therefore, the user can allocate very minimum local disk space for this application.
Event Management System Vb Net Project Report.pdfKamal Acharya
In present era, the scopes of information technology growing with a very fast .We do not see any are untouched from this industry. The scope of information technology has become wider includes: Business and industry. Household Business, Communication, Education, Entertainment, Science, Medicine, Engineering, Distance Learning, Weather Forecasting. Carrier Searching and so on.
My project named “Event Management System” is software that store and maintained all events coordinated in college. It also helpful to print related reports. My project will help to record the events coordinated by faculties with their Name, Event subject, date & details in an efficient & effective ways.
In my system we have to make a system by which a user can record all events coordinated by a particular faculty. In our proposed system some more featured are added which differs it from the existing system such as security.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Vaccine management system project report documentation..pdfKamal Acharya
The Division of Vaccine and Immunization is facing increasing difficulty monitoring vaccines and other commodities distribution once they have been distributed from the national stores. With the introduction of new vaccines, more challenges have been anticipated with this additions posing serious threat to the already over strained vaccine supply chain system in Kenya.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
1. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
22
A Study on the Security of Mobile Devices, Network
and Communication
Umair Rasheed1, Aized Amin Soofi2, M.Umer Sarwar3, M. Irfan Khan4
1,2,3,4 College of Computer Science and Information Studies, Government College University Faisalabad,
Pakistan
Email: umair514@gmail.com1, aizedamin@yahoo.com2
Abstract- The mobile revolution is bringing a remarkable and fundamental change in the world. More and more
users and businesses use smart phones not only as a communication media but also as a means of planning and
managing their work and private life. Mobile devices are expected to access different networks; hence many
sensitivity data are stored in them. The security of information and applications about mobile devices becomes a
difficult problem. Despite of many benefits of using this technology it suffers with some security threats. These
threats exploit security flaws related to smart phones that can come by means of communication like SMS,
MMS and WiFi networks. There is a need to gain the trust of users by eliminating the possible vulnerabilities in
this technology. In this paper an attempt is made to provide detailed view of security issues in mobile devices,
network and communication. Some of the existing security measures or solutions are also discussed in this
work.
Index Terms- Mobile devices, Mobile communication, Mobile network, Communication security
1. INTRODUCTION
With the passage of time a number of mobile
communication systems have been deployed and
several service providers and equipment vendors are
bringing to market a secure stream of new
innovations. The next age group of open operating
systems would not be on desktops or mainframes but
on the small mobile devices we carry every day. New
technologies provide information about design
specifications and the physical properties that define
the abilities and limitations of mobile communication
networks [1]. Advanced computing and electronic
technologies in mobile device, communication and
networks are the need of time. The advancement of
these technologies arises various security aspects.
In [2] a survey on note-book, laptop, tablet, and cell
phone use is conducted. According to obtained results
nearly 63% of employees make use of their mobile
phones for business as well as personal use. This
survey also reveals the fact that most mobile devices
including Blackberries were accepted and organized
by IT company employees. So, the security issues
with mobile devices should be taken seriously to
avoid any kind of problems in near future. In [3]
major mobile security concerns are highlighted which
include; storage of sensitive information,
authorization techniques, usability, network
availability and application environment. Computing
and electronics have gone mobile without us changing
our security approach [3].
The issues like management of assets which are stored
in mobile devices, communicate in trusted and non-trusted
environments and secure interaction must be
strongly protected [4]. The application scope of
mobile devices is increasing day by day which creates
new challenges for information and security.
Therefore, how to protect the security of information
and applications about mobile devices becomes an
exigent problem [5]. The growth of mobile computing
network is leading to new security challenges [6]. In
figure 1 some of the important security risks
associated with mobile devices are presented.
One of the major concerns in computing environment
is security especially in the context of wireless
communication [7].Implementation of communication
security on mobile networks can be both harder and
easier. Communication between mobile and fixed
network create particular problem regarding security
protocol design [1]. The rapid growth and
development of the mobile systems over the past
years has showing the potential and effective
availability of mobile communication [8]. There is a
strong call for advanced and efficient security
mechanism for mobile data network technologies [8].
The new technologies to access mobile networks are
developing rapidly and will be much mingled. These
technologies raised new security issues to all network
layers [9].
2. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
23
Fig. 1. Biggest Security Risk Associated with Mobile Devices [15]
2. METHODOLOGY
The selection criteria through which we evaluated
study sources is based on the research experience of
the authors and in order to select these sources we
have considered certain limitation: studies included in
the selected sources must be related to our problem
and these sources must be web-available.
The review protocol is developed by using keywords;
mobile devices, mobile communication, mobile
networks, communication security and the following
list of sources has been considered to conduct the
systematic review: IEEE, Elsevier Ltd, Springer and
IT Professional Magazine.
Another step in the search process is performed by
searching the related work area of the selected papers
to improve the review potency by confirming that no
helpful reference is fails to notice during the explore
process. Once the sources had been defined, it was
necessary to describe the process and the criteria for
study selection and evaluation.
The inclusion criterion for this study is strictly limited
to studies that contain security issues regarding to
mobile devices, communication, networks and is
relevant for further development of these security
issues.
3. SECURITY ISSUES IN MOBILE
DEVICES
Mobile devices should be given serious consideration
because issue of security act as an obstacle in the
development of mobile services. Every security issue
needs to be addressed at the very outset of the service
development process. The main mobile security
threats for the developers of mobile services include
the complexity of technical solutions, illegal copying
of programs and content and threats provided by the
Internet.
In [3] the security issues of mobile devices such as
Laptop and PC are focused. Today Laptops are the
main personal computing instrument which implies
that all information both business and personal is
stored in them. The security threats related to secret
information in mobile devices can be decreased by
encrypting the information stored on the laptop’s hard
drive and by the usage of removable or storage
devices such as USB or Bluetooth disk. Encryption of
the USB disk can be mandated in some situations but
it often makes the disk unusable since its main
purpose is to transfer data from one device to another
and encryption prevents that. Technology and security
solutions will catch up but for the moment the biggest
burden unfortunately remains not just on the security
managers but also on the final users.
In [4] point is raised that the scenario of laptop
security is changed by the huge number of distribution
of laptops and wireless communication. Lost and theft
of the laptops are also increasing, if this happens
means the lost of your personal data or information.
The growth of the mobile internet and the use of new
mobile technologies (e.g. mobile devices, mobile and
wireless communication) are also pointed in this
paper.
In [4] it is explained that technological advances as
well as the increased number of mobile applications
drive a change in mobile end-user equipment. These
advance technologies arise many security issues
which include: (1) secure management of assets
stored in the mobile devices, (2) secure
communication within trusted and non-trusted
environments (including privacy issues) and (3)
secure interaction with critical IT infrastructures.
The increase in application scope of mobile devices
creates new challenges for information security. In
[5] secure verification and permission procedure for
mobile devices was proposed. The proposed
procedure employs biometric recognition and
password mechanism that allow different users to
access different information with different security
levels. In general, information security is based on
three basic security requests which include:
information privacy, information integrity and
information availability. To satisfy these security
requests for mobile devices, three major problems
should be solved which include: (1) the authorization
for accessing resources in mobile devices. (2) Protect
data and software stored in mobile devices. (3)
Authentication among users, mobile equipments
(MEs) and universal subscriber identity modules
(USIMs).
In [5] secure authentication and authorization protocol
was introduced for mobile devices shown in figure 2.
The proposed protocol employs the mobile trusted
module (MTM) and biometric identification. To
achieve these security protocols the private
3. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
24
cryptography mechanism and public cryptography
mechanism was introduced to ensure the security of
mobile devices to be more secure and support mobile
application.
Fig. 2. Secure Authentication and Authorization protocol [5]
From step 1 to step 4 recognition of the integrity
checking for ME and realization of mutual
authentication between ME and USIM occurs. By the
4 steps, ME and USIM would decide if they have the
same owner. This decision is important to access
control for mobile device. Then in step 5 the user’s
passwords (PW) and biometric data (BD) are captured
safely by ME and then ME creates the encryption
message and delivers h(PW) or BD to USIM. If an
application requires stronger security then ME sends
BD otherwise ME sends h(PW). In step 6 USIM
verifies the signature, and decrypts the received
messages and compares the h(PW) or BD with stored
PW or BC.
In [10] the present integration challenges facing the
organization and workers using mobile devices are
examined. Nowadays mobile workforce is using
mobile tools for communication and computing. To
stay in contact and continue their workflow while on
the road many workers have turned to smart phone,
personal digital assistances (PDAs), notebook
computers and other portable devices that provide
network and internet connectivity when these mobile
workers want to access the enterprise application and
database. While at home they want to upload
information from their portable devices onto the
company computers. These types of activities raise
security as well as the integration concerns.
According to industry observers the issue of security
is important because the number of mobile workers is
about to explode. Another challenge for organizations
is synchronizing data between user’s mobile devices,
PCs and corporate networks.
Due to the usage of various kinds of mobile devices
by more workers the management of the mobile
devices on a large scale is very threatened. A key to
successfully integrating remote access devices into the
enterprise is developing simple and well defined user
requirements. Business and employees must
determine what kind of remote access is critical,
which devices are best for which users and which
business functions need remote-access support to
optimize productivity. However, standardization can
be easier said than done. Good IT planning and
policies can make the effective workplace as
productive as possible. The organizations should
recommend their employees with that PDA and
connectivity software which IT workers are familiar
[10].
4. SECURITY ISSUES IN MOBILE
NETWORK
Mobile networks are being driven by the need for
providing network access to mobile or wandering
devices. Although the need for wireless access to a
network is evident and new problems are inherent in
the wireless medium [11]. Wireless however does not
imply mobility. There are wireless network in which
both ends of communication are fixed such as in
wireless local loops. Thus a study of wireless data
networks has its own scope different from networking
system in general [12]. In [8] strong need for
advanced and efficient security mechanism for mobile
data network technologies is discussed. This work
also highlights the techniques for mobile data
networks that aims to exhibit their potential of
integrity, availability and confidentiality are
discussed.
As compared to wired networks, wireless networks
introduce new opportunities for the users. With the
emerging of portable wireless devices, mobile
networks are becoming an important part of our
everyday networking facilities. The rapid growth of
mobile networks leads us to new security challenges.
Wireless security networks have various development
and implementation stages. Such as 1G system which
is not very secure and protective. This follows the 2G
systems (GSM) gives user authentication and data
confidentiality. Still this system lacked mutual
authentication and protection in the core of network of
the cellular system. Now 3G systems introduce with
the capabilities of speech and data services on high
data rates [8]. Some solutions are also provided in [8]
to the security issues in GSM, UMTS, CDPD, ATM
and VPN.
In mobile cellular networks paging effects contain
significant security issues [16]. Paging attacks could
be very destructive on the boundary of a mobile
operator’s network. Cellular networks usually consist
of two ends i.e. internet access start and subscribers
attach to a 3G network. Mobile operators can take
most of the preventive actions on these end points. In
[16] some attacks to derive the vulnerabilities in GSM
network components due to paging are performed to
examine the effects of these attacks.
4. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
25
In [6] issues regarding to the attacks on mobile
network are discussed. In which some requirements
are proposed for the security of mobile network that
include: (1) Confidentiality, the information sent has
to be unreadable to unauthorized users. (2)
Authentication, able to restrict unauthorized users and
identify a node or a user. (3) Integrity, protect the sent
message being modified or deleted by attackers. (4)
Non-repudiation insured that if an entity sends a
message, the entity cannot refute that the message was
sent by it. (5) Access control prevent unauthorized
user from getting access to the network.
Access control prevents unauthorized users from
getting access to the network. Mobile networks are in
fact more weak to malicious attacks then fixed
networks. Such as the nature of broadcast medium
which expose information to passive listeners, the
limited battery supply and the mobility. Wireless
networks can be easily attacked actively and
passively. Passive attack means an attacker does not
actively as a spy that identifies loop holes of the
network. Active attacks refers that attacker can
disperse various topology information, drop or modify
transmission packets, fabricate false messages or
flood the existing network [6].
According to [6] The advancement of attacking
techniques such as nesses scanner, internet security
systems (ISS), internet scanner, COPS security
checker and N-Stealth results increasing number of
various attacks on mobile network. Bluetooth and Ad-
Hoc network are very commonly attacked by viruses.
There are different types of mobile viruses which
attack Bluetooth connectivity and cause a huge
damage. These viruses can make your mobile devices
unusable generate unwanted messages can disclose
your private data and easily steal your sensitive
information. In MANET the attack commonly occurs
during routing at the network layer or link layers.
5. SECURITY ISSUES IN MOBILE
COMMUNICATION
Wireless devices such as mobile phones, PDAs and
pagers are less secure than their wired counterparts.
This is because of bandwidth, memory and processing
capabilities. The other reason is that interruption of
the data which is send into the air [14].
In [7] it is stated that establishment of secure wireless
communication channels is one of the major
requirements in PCs. Some of the important issues,
which need attention in designing security scheme for
mobile communication such as autonomy of
communicating entities, mobility of the users and
restriction of hardware. The described scheme
provides authentication of the communicating entities,
location privacy and secure messaging. They develop
mobile computing environment by adopting personal
communication scheme (PCS) model. The term
workstation used for static computers and term walk
station used for mobile computers.
In [7] the term base station is used for some special
network devices which have wired and wireless
networking functionality. With help of this mobile
computing environment the security scheme was
designed that scales from indoor wireless LAN’s to
the PCS infrastructure. In this type of environments,
authentication and privacy of communication are two
major requirements. The proposed security scheme
had four goals. (1) The walk station and the base
station must be able to authenticate each other. (2)
Once authenticated, the walk station and base station
should be able to communicate securely. (3) Walk
station should be provided location privacy. (4) The
security scheme should be efficient and optional.
In [1] some of the difficulties that system architects
faced and some of advantages that mobile networks
offer during designing security solutions for mobile
communication are discussed. Over the last few years
number of mobile communication systems has been
developed and numerous service providers and
equipment vendors are bringing a steady stream of
new innovations. The lack of security and a high level
of fraud are seen at conventional e-commerce. Due to
significant efforts security of e-commerce is
developing. Unfortunately, communication security
alone is not enough. Ensuring system security at both
the client and the sever end must not be ignored.
In [1] the security threats on the client side were also
discussed which include poor platform integrity, the
hidden user interface and the huge number of default
Certificate Authority (CA) certificate. As well as on
the server side almost all reported hacker attacks are
targeted against server. Communication security is
often described in terms of confidentiality (privacy),
integrity (accuracy and consistency), authentication
(validation) and non-repudiation of transmitted data.
In [1] a technique was proposed to keep the
confidentiality of transmitted data by encrypting the
information flow between the communication parties
and the encryption can take end-to-end between the
communication parties or alternatively on separate
legs in the communication path. Authentication of
transmitted data is an asymmetric service. The
available types of authentication will depend on the
security protocol used.
In [1] an issue regarding to non-repudiation was also
highlighted. Non-repudiation is similar to
authentication; it is an asymmetric security service.
Digital signature is the mechanism used for non-
5. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
26
repudiation. Different parties will have different
interests regarding authentication and non-repudiation
services. Public key cryptography is the basis of
several important security services. A PKI refers to an
infrastructure for distributing public keys where the
authenticity of public keys is certified by Certification
Authority (CA).
The network architecture and the security goal
together indicate the most appropriate protocol layer
where a security service is to be located. They also
focus that users receive less security information. If
the security is totally hidden from the user he or she
would not be able to tell whether it is working the
way it was projected and as a result this could allow
successful attacks to remain undetected. All this is
very fascinating from functionality and flexibility
point of view but it causes a formidable threat to the
integrity of the client machine [1].
5.1. Security Issues in Mobile WiMAX
(IEEE802.16e)
The IEEE802.16e is the commonly known as
WiMAX. This technology offers broadband wireless
access over last mile as an alternative to cable and
DSL. Most of the companies are deploying WiMAX
to provide mobile broadband. In [13] security issues
in mobile WiMAX were highlighted in which
IEEE802.16e mobile WiMAX standard with mobility
support were discussed. Several potential security
threats and vulnerabilities were also pointed and some
possible security improvements and solution to
abolish these weaknesses were proposed.
In [13] challenges related to the growth of wireless
network were discussed. It is important to understand
the full range of problems that security systems need
to address. These needs are confidentiality, integrity
and authentication. The Virtual Private Networks
(VPNs), Internet Protocol Security (IPSec), Intrusion
Detection System (IDS) and firewall are examples
among various security mechanisms that have been
proposed to address security issues in wired networks.
WiMAX as a new technology seems not to have fully
solved the security flaws of wireless LAN.
Confidentiality, in wireless networks is a primary
concern for a safe transmission. To negotiate
authentication mechanisms or protocols many attacks
can be launched. We have two main attacks, Message
Reply Attach and The Man in The Middle Attack
(MITMA).
WiMAX also introduces a service for multicast and
broadcast communications to enable the BS (Base
Station) to distribute data simultaneously to multiple
MSs (Mobile Subscribers) and it uses a common
group traffic-encryption key for secure broadcast
communication. Most of the management messages
defined in IEEE802.16e are integrity protected.
However some messages are not covered by any
authentication mechanism, this shows some
weaknesses. The neighbor advertisement message is
also not authenticated. The downlink burst profile
change request message to unicast message with no
integrity protection, for the ranging request message
the standard does not unambiguously defined when an
authentication absorb shall be appended [13].
In [13] hash based message authentication code
(HMAC) or Cipher based message authentication
code (CMAC) technique was proposed in which non
authenticated management messages sent on the
primary or basic management connection for
authentication purpose To protect the management
traffic from being read by a competitor all
management communication should be encrypted.
This can be done when both side established a
common key.
5.2. Security Challenges in the Mobile Internet
In [9] the security challenges in the mobile internet
were discussed. The key objectives were to analyze
the security problems to develop appropriate secure
solutions related to all layers to implement sample
prototype solutions and finally to stimulate the
standardization process.
We can find a lot of information on the internet, such
as information from companies, research institute or
governmental organizations. Along with this useful
information some of the information must be
considered garbage. The problem is that it is hard for
the user to know which information he can trust even
when he knows an institution as trustworthy, since the
information (or the website) might be forged.
Protocol e.g. IPSec or SSL/TLS and some layer 2
protocol like 802.11 and Bluetooth include securities
which are known and standardized. But to handle
public key information in a very large scale with
many communication channels is still very difficult.
Rapid changes of the network topology make the job
even harder. It is also unclear how security
mechanisms for communication like IPSec cooperate
with mobile IP and firewalls [9].
Due to the increasing computation capabilities of PCs
and workstations efficient cryptographic algorithms in
low power environments as they are often found in
Ad hoc networks remain unsolved and present. It is
too complicated to use security mechanisms; people
invent tricks like writing passwords into their address
book under “s” like secret. Many people are just
frustrated because of the amount of passwords and
PINs they have to remember [9].
6. International Journal of Research in Advent Technology, Vol.2, No.5, May 2014
E-ISSN: 2321-9637
27
6. CONCLUSION
In this study different articles and conferences
reviewed in order to provide detail view of security
challenges in mobile devices, networks and
communication. It is found that security of mobile
devices is very serious issue. This area needs proper
attention of the researchers to overcome the security
issues in this domain. None of the work fully solves
the whole problem, because of the poor interface of
mobile devices, development in mobile networks and
the latest technologies in mobile communication. In
future these mobile devices access different networks.
Therefore, how to achieve new security challenges is
a thinkable question. Further research is needed in
order to face the security challenges in mobile
environment and it should be given serious
consideration because their security risk poses an
obstacle for users.
REFERENCES
[1] Jøsang, A., & Sanderud, G. (2003). Security in
mobile communications: challenges and
opportunities. Paper presented at the Proceedings
of the Australasian information security workshop
conference on ACSW frontiers 2003- Volume
21.
[2] Siddartha (2012). Security Issues with your
Mobile Devices. Retrieved March 15 2014 from
http://www.gadgetcage.org/security-issues-with-your-
mobile-devices/26991/
[3] Pasquinucci, A. (2009). The security challenges of
mobile devices. Computer Fraud & Security,
2009(3), 16-18.
[4] Eckert, C. (2005). Security issues of mobile
devices Security in Pervasive Computing (pp.163-
163): Springer.
[5] Wang, J., & Jiang, N. (2009). Secure
authentication and authorization scheme for
mobile devices. Paper presented at the
Communications Technology and Applications,
2009. ICCTA'09. IEEE International Conference
on.
[6] Sudin, S., Tretiakov, A., Ali, R., & Rusli, M. E.
(2008). Attacks on mobile networks: An overview
of new security challenge. Paper presented at the
Proc. Int. Conf. Electron. Design.
[7] Bharghavan, V., & Ramamoorthy, C. (1995).
Security issues in mobile communications. Paper
presented at the Autonomous Decentralized
Systems, 1995. Proceedings. ISADS 95., Second
International Symposium on.
[8] Nayak, D., & Rajendran, N., Phatak, D., & Gulati,
V. (2004). Security issues in mobile data
networks. Paper presented at the Vehicular
Technology Conference, 2004. VTC2004-Fall.
2004 IEEE 60th.Conference 2004. VTC2004-Fall.
IEEE 60th, pp. 3229-3233, 2004.
[9] Bernd, L., Dirk, W., (2002). Security Challenges
in the future mobile Internet: Workshop on
Requirements for Mobile Privacy & Security”,
Presented in NEC Network Laboratories.
[10] Goth, G. (1999). Mobile devices present
integration challenges. IT professional, 1(3), 11-
15.
[11] Ashley, P., Hinton, H., & Vandenwauver, M.
(2001). Wired versus wireless security: The
Internet, WAP and iMode for e-commerce. Paper
presented at the Computer Security Applications
Conference, 2001. ACSAC 2001. Proceedings
17th Annual.
[12] Ahmad, A. (2005). Wireless and Mobile Data
Networks: Wiley.
[13] Ibikunle, F. A. (2009). Notice of Violation of
IEEE Publication Principles Security Issues in
Mobile WiMAX (802.16 e). Paper presented at the
Mobile WiMAX Symposium, 2009. MWS'09.
IEEE.
[14] Nichols, R. K., & Lekkas, P. C. (2002). Wireless
security: McGraw-Hill New York.
[15] ESG (2010), Data Breach Incidents Represent the
Biggest Security Risk Associated with Mobile
Devices, ESG Isights and Publications,
http://www.esg-global.com/blogs/data- points-and-truths/
data-breach-incidents-represent-the-biggest-
security-risk-associated-with-mobile-devices.
[16] Oğul, M., & Baktır, S. (2013). Practical Attacks
on Mobile Cellular Networks and Possible
Countermeasures. Future Internet, 5(4), 474-489.