Mobile phones have come a long way over the past few years. Today's mobile phones are equipped with far more functionality than mere calling and texting. They are equivalent to today's computers and offer many of the same functions, which is why they are called "Smartphones". The Smartphones developed today come with a variety of features to help the user in day-to-day activities. They have sensors, network and Wi-Fi coverage, entertainment and business applications, powerful mobile processors and lots of in-built memory that can be extended externally. With today's Smartphones being equivalent to computers, security is a concern as it is for computers. Smartphones are prone to the same attacks as computers and many more. In this paper we explore the various vulnerabilities that Smartphones are prone to and the possible ways to mitigate the various attacks possible on them.
The underlying architecture of Smartphones is far more secure than that of the operating systems for computers. The developers of the various architectures took special care to ensure higher security in the Smartphones developed. In spite of these efforts there are some loopholes that attackers look for and use to attack the device. Also, as most people carry their important and personal information on their Smartphone, attacking it appears more lucrative.
There are a number of devices available in the market today, like the Apple phone, Google Android, Blackberry (RIM), Symbian, Palm and Windows-based devices. These devices differ from one another in the underlying architecture, functionalities provided, security norms followed and the applications supported. The Windows phones provide a number of options to the user. The options provided by the Windows phones far exceed those provided by the other Smartphones. This is true as almost all the wireless providers provide service to the Windows phone and it is also easier to develop applications on the Windows platform. The Apple OS provides extensive usability and a touch interface. The RIM devices also offer a varied set of features, but more from the business point of view. The Palm devices have fewer features in their Smartphones. The chart below shows the various Smartphone players and the percentage of people using them. As can be observed from the charts, the number of users is increasing steadily over the years.
This increase in the number of Smartphone users increases the concerns related to the security of these devices. Some of these Smartphones have been susceptible to various attacks in the past. The new phones built today have a stronger architecture to overcome the flaws of earlier designs. The next section explores some attacks on Smartphones that occurred in the past.
Attacks on Smartphones:
The first Smartphone worm, Cabir, was detected in 2004. This worm spread through Bluetooth connections. A file named caribe.sis would be found in the inbox of the user. When the user clicked this file it would run and try to spread itself to other users connected via Bluetooth. This worm mainly infected Nokia Symbian users. The worm could spread only to those phones that had Bluetooth turned on and were discoverable.
Another attack on Smartphones is the Zeus malware. This is a financial malware that helps criminals automatically create online attacks to steal people's financial credentials. This malware attacks the Smartphone and steals the credentials; the hacker then performs the transactions, and when the bank contacts the user regarding the transaction the call is redirected to the attacker. This malware gives the attacker access to the real-time transactions that take place.
The movie player Trojan horse infected Android phones. When the users of the Android phones downloaded a version of the media player, the Trojan horse would send messages to premium-rate phone numbers without the user's knowledge, thus passing money to the criminals.
Another attack seen is the use of tiny URLs against Smartphones. A tiny URL is a shortened form of the actual URL. Attackers spoof the actual URL, so that when the user clicks on the legitimate tiny URL the user is redirected to a malicious site that can then attack the user.
Remote tapping has been, and still is, a very old and widely followed means of intercepting mobile traffic. This involves passively listening in on a user's conversation, reporting this to spies or holding this information against the user for ransom, encrypting and transmitting this conversation with other information and sending it across the Internet.
The latest virus attack seen on Smartphones is the Zombie virus, which was detected in September 2010. This virus has affected a number of Smartphones and it uses text messaging to collect an estimated $300, 000, 00 dollars a day. The Zombie virus hides in bogus anti-virus programs and sends the user's SIM card information to the hackers. The hackers use this information to remotely get access to the phone and send URLs to all the contacts in the user's phone.
Also, a recent study showed that various applications found on the iPhone and Android devices secretly send out information about the user to third-party companies.
Looking at the various attacks on Smartphones in the past, security of these devices is a concern as the world is shifting to the use of mobile applications in contrast to computers. The next sections explore the motive behind attacking Smartphones, the threats and the defenses needed.
Why Attack Smartphones?
Smartphones are similar to computers in many ways. The motives behind attacking Smartphones are similar to those for attacking computers. In addition to the known motives there are some more reasons for people to attack Smartphones. The main reason for attacking a Smartphone is to get access to a user's personal data. Most people today use the Smartphone to access and store important and personal information like bank accounts, personal data, business documents, etc. All these documents are of interest to an attacker for identity theft or for personal reasons.
Another reason for attacking Smartphones is the continuous access to a network connection, whether Wi-Fi or the cellular network. An attacker who has gained access to another user's Smartphone can access various sites using the network connection available by default on the phone or the Wi-Fi access. They can use this device as a source to launch another attack.
The Smartphone industry applies fewer security updates to its phones than are applied to computers. This makes the phone more susceptible to attack from various sources. Once a flaw in the architecture of the device has been discovered it is easy to attack the OS and cause further harm.
The pressure to bring devices to market quickly is greater with increasing competition in the Smartphone industry. This leads to improper testing of the device. Some unknown or known flaws may be left behind in the system that attackers would like to explore. Thus bringing a flaw in the architecture to notice could be one of the reasons for attackers to attack Smartphones.
The brief overview above of the motives for attacking Smartphones brings to the fore the need to explore the various types of threats that Smartphones are exposed to.
Threats for Smartphones - how they are compromised:
The most common means of attack for Smartphones is malware. Malware includes viruses, Trojans, worms, spyware, etc. This malware affects Smartphones the same way that it affects computers. It can reach the system when the user accesses the Web through the browser available on the phone, syncs data with a PC, or uses services that are always on like Bluetooth or Wi-Fi, or through malformed SMS messages. Spyware is the main malware affecting these devices. A spyware program is dangerous because of the functions that it can perform. It is capable of listening to actual telephone calls as they happen, secretly reading SMS, emails and call logs, viewing the GPS location, forwarding all events to another inbox, remotely controlling all the functions of the phone and evading detection during operation. These features make spyware undetectable for users of the Smartphone. Trojans such as a keystroke-logging Trojan could keep track of the various passwords entered.
The other way is direct attack. This means attacking the interface available on the phone or attacking the browser itself. Theft of the device is a major concern, as the attacker can impersonate the user with access to all the personal information and the device. Also, the data is not encrypted, thus making it easily accessible to attackers. The passwords used for the device and the various applications are not encrypted when stored on the device. In addition, the information about the various contacts stored in the phone database is not encrypted, thus making sensitive data easily available.
Another threat is that of sniffing the data packets as they are sent over the network. The data packets could be those sent via the carrier, the Wi-Fi or Bluetooth. The attacker could passively sniff the packets causing no malicious harm, or the attacker could intercept the packets and read sensitive data, leading to a loss of confidentiality. Smartphones are easy hosts for botnets. Botnet operators can install bot malware and then control the phone remotely to launch network attacks like flooding the network, brute force, scanning or vulnerability hacking.
Another type of attack is one wherein the device is sent packets that prevent it from going into sleep mode. This wastes the device battery and keeps the device in a constant responding mode, in which it is vulnerable.
Once a Smartphone is attacked, it can be used as a host to attack other Smartphones. In such scenarios sensitive data could be lost from an organization or the government. Device cameras can be used to bypass email filters and monitor transferring sensitive data.
Today's Smartphones come with a variety of applications. Also a number of applications are being developed daily. Users download these applications to their device. These applications are the easiest way to attach viruses, worms, Trojans, etc. Very few Smartphone companies validate all the applications allowed on the device and thus this becomes one of the easiest ways to attack Smartphones.
Social engineering is also a very commonly used method for attacking devices. The attacker tricks the user into giving out information like the bank account number, credit card number, etc.
The above-mentioned threats are the common ways in which Smartphones are susceptible to attacks. These threats are growing day by day and hence there is a need to find ways and means to prevent them. The following section emphasizes the defenses that can be employed to protect the phones.
Smartphone Attacks against the Telecom Networks:
Compromised Smartphones can easily attack the base stations. The radio channel of the base station can be exhausted by a number of well-coordinated attacks in which phone zombies in the same cell initiate calls and use up the available time slots. The called Smartphone can be programmed not to answer the call. Thus, no cost is incurred by the caller but useful network resources are used up. This affects the availability rate of the cellular network. Similar attacks can be launched against GPRS. In GPRS, time slots can be assigned to GPRS users in a base station. The maximum data rate is 171 Kbps and this small bandwidth capacity can be easily saturated. GPRS networks may assign private addresses to Smartphones due to the IPv4 address shortage and use Network Address Translation to communicate with the rest of the Internet. In this case, compromised Smartphones can actively initiate connections and then both sides are free to send packets to each other.
The other way to attack using Smartphones is the distributed Denial of Service attack on call centers. This is similar to the distributed Denial of Service attacks launched on the Internet. In this attack the compromised Smartphone is the victim rather than the attacker, because it is difficult to know the true identity of the attacker. Using this strategy it is simple to attack PSTN and cellular switches, thus rendering them useless. A large number of Smartphones taking part in this attack can cause a flash effect. Smartphones used in a distributed Denial of Service attack can cause serious financial losses and service disruptions, along with jeopardizing national security by attacking emergency service numbers.
Attackers can manipulate compromised Smartphones to send junk messages through SMS. Where the charging model used is flat, such a device can spam for "free" without its owner even noticing. SMS spamming gives attackers good incentives to compromise Smartphones.
Also, it is easy for an attacker to get access to the SIM card of a Smartphone. In some countries the SIM serves as the user's identity for voting, shopping, etc. Thus gaining access to the SIM allows the attacker to impersonate the user.
Having looked at the ways in which Smartphones can be compromised and the way that they can attack the telecommunication channels, there is a need to look at ways and means by which we can increase the security level of Smartphones to protect them against the various vulnerabilities.
Functionality has always been given more importance than security. People prefer having systems that are more usable to those that are more secure. Listed below are some of the methods used for protecting the device itself from attacks.
Attack surface reduction:
The best way of protecting the device is to reduce the attack surface that is available. This can be done by reducing the number of functions that are turned on at a particular time. This was applied to PCs but its practicality restricted its usage. PCs are commonly used for file sharing and common network access, and these are features that need to be provided to the user. In contrast, this model can be used for Smartphones. Smartphones have different functionalities like SMS, Internet access, Wi-Fi connectivity, Bluetooth, etc. It is advisable to keep turned on and available only those features which are required. If Wi-Fi or Bluetooth is not in use it should be turned off to prevent attackers from finding channels to launch attacks on the device. This method of surface reduction can be applied to Smartphones as their usage model is different from that of PCs.
The Smartphone OS can be made stronger to protect it from malicious attacks. Displaying a caller's number or turning on the LCD display when dialing a number are simple mechanisms that an OS can implement. This can be achieved by exposing security-enhanced APIs to applications. Attacks made from malicious user programs can be easily detected by the OS unless the attacker subverts the attacks intelligently.
Hardware hardening is a very efficient way of securing the Smartphone. The way of achieving this is using a smartcard. In the case of Smartphones the SIM card acts as the smartcard for the device. The SIM card makes use of the SIM toolkit, which is an API for securely loading applications to the SIM card. The SIM toolkit gives the mobile providers the facility to create or provision services by loading them in the SIM instead of changing the GSM handset. One plausible way of providing security is by combining the SIM toolkit and the TCG's Trusted Platform Module into the SIM card. This will help in hardening the Smartphone.
Internet Side protection:
To provide Internet-side protection, we can use the same approaches as we would for PCs using the Internet. This will protect Smartphones from the known vulnerabilities of the Internet. This would include patches for the various vulnerabilities, traffic shielding, etc. To protect the devices from those vulnerabilities that are unknown, the Internet service providers should check that the devices accessing the Internet are properly protected and that the various security patches have been applied. For Smartphones that access the Internet through the telecom networks, the base stations can check whether the devices have the required protection, and if not they would not be given access till they are protected. This is an impractical way of ensuring protection, as devices that use the 802.11 protocol can easily violate it: the protocol may not enforce the rule mentioned above. The enforcement of this rule also makes handoffs between the networks challenging.
Telecommunication Side protection:
Smartphones can be easily attacked through the network that they use. This makes it essential that the telecom providers monitor the network to look for misbehavior and try and control these actions observed on the network. In contrast to the Internet traffic the telecom traffic is predictable and easy to monitor as it consists of voice and data packets. Analyzing the Smartphone network data is essential and there are different parameters of the data that can be analyzed.
One is to look for an abnormal blocking rate of the base station or a switch. A sudden increase in the blocking rate implies that an attack is in progress. Similarly a drop in the blocking rate implies the chances of an attack. Another is an attack on the call center. If the call center receives a sudden flow of incoming messages or if abnormal behavior is seen for the various clients, there are chances of the call center being under attack. Abnormal behavior of the clients could also imply the chances of an attack. This behavior could be calls that try to make a connection and then abort, connected calls with no voice traffic, spamming, etc. Checking the content of the data being transmitted and spam filtering for SMS messages can help analyze the abnormal behavior of clients. Telecom providers can perform rate limiting or call filtering, or add the phones causing the zombie attack to a blacklist. Those phones that are added to the blacklist can then be denied service to prevent them from causing further harm. Also, with only a few network providers in use it is easier to provide protection in comparison to the number of applications available on the Internet.
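The telecom-side checks described above, as an added example that is not part of the original essay: it computes the per-minute blocking rate of one cell, flags minutes that move away from a baseline, and lists callers whose calls mostly abort or carry no voice so that they can be blacklisted. The record layout, caller names and thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed call records for one cell: (minute, caller, outcome, voice_seconds).
# outcome: "blocked" (no free time slot), "aborted" (set up, hung up before
# answer) or "connected". Layout, names and thresholds are assumptions.
def sample_records():
    records = []
    for minute in range(6):
        for n in range(8):  # normal subscribers: one blocked call per minute
            blocked = n == minute % 8
            records.append((minute, f"user{n}",
                            "blocked" if blocked else "connected",
                            0 if blocked else 90))
    for minute in (4, 5):  # two zombie phones occupy time slots
        for i in range(10):
            records.append((minute, "zombieA", "aborted", 0))
            records.append((minute, "zombieB", "connected", 0))  # silent call
            records.append((minute, f"user{i % 8}", "blocked", 0))
    return records


def blocking_rates(records):
    """Share of call attempts per minute that found no free time slot."""
    total, blocked = Counter(), Counter()
    for minute, _caller, outcome, _voice in records:
        total[minute] += 1
        blocked[minute] += outcome == "blocked"
    return {m: blocked[m] / total[m] for m in sorted(total)}


def abnormal_minutes(rates, baseline_minutes, tolerance=0.10):
    """Minutes whose blocking rate moves away from the baseline, up or down."""
    base = sum(rates[m] for m in baseline_minutes) / len(baseline_minutes)
    return [m for m, r in rates.items()
            if m not in baseline_minutes and abs(r - base) > tolerance]


def suspicious_callers(records, min_attempts=5, min_bad_share=0.8):
    """Callers whose set-up calls are mostly aborted or carry no voice."""
    attempts, bad = Counter(), Counter()
    for _minute, caller, outcome, voice in records:
        if outcome == "blocked":  # refused by the network, not caller behaviour
            continue
        attempts[caller] += 1
        bad[caller] += outcome == "aborted" or voice == 0
    return sorted(c for c in attempts if attempts[c] >= min_attempts
                  and bad[c] / attempts[c] >= min_bad_share)


def admit(caller, blacklist):
    """Deny service to blacklisted phones; everyone else is admitted."""
    return caller not in blacklist


if __name__ == "__main__":
    recs = sample_records()
    print("abnormal minutes:", abnormal_minutes(blocking_rates(recs), [0, 1, 2, 3]))
    blacklist = set(suspicious_callers(recs))
    print("blacklist:", sorted(blacklist))
    print("user3 admitted:", admit("user3", blacklist))
```

Blocked attempts are excluded from the per-caller statistics so that legitimate subscribers who are crowded out during an attack are not blacklisted along with the phones causing it.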
Co-operation between the Internet and Telecom Networks:
The above-mentioned methods help protect the Smartphone from the various attacks individually. But there is a need to employ these methods together to provide maximum protection to Smartphones. It is essential to have coordination between the Internet and the telecommunication networks. The information on attacks, viruses, worms, etc. that is available through the study of Internet attacks can be given to the telecom networks so as to protect them or give them a heads-up on the possibilities of attacks.
With the telecom network keeping track of the blacklisted phones, it can deny service to these devices. Letting the Internet providers know of these devices also helps protect the Internet from attacks. This requires SIM-based authentication. Assigning unique identities to all wireless access points will help in distinguishing whether the endpoint is a Smartphone or a wireless access point. The other method is that the OS should provide the SIM id for authentication to check if the device is allowed access or not.
Thus the methods mentioned above and the interaction and cooperation between these methods will help us provide greater security to our Smartphones.
Protecting the Smartphone:
Keep the Bluetooth always turned off.
Allow GPRS or other Internet connectivity only when you permit it, and disable auto invoke.
Don't receive any files from persons you do not trust.
Always use a good Mobile Antivirus like Kaspersky or NetQin.
Always keep the Antivirus updated.
If your phone has Wi-Fi, keep it disabled unless required.
Update your Mobile OS or any other platform to the latest whenever available. It fixes the security holes.
Always keep tabs on what software is being installed on your phone.
Do not install any software from any source that is not trusted.
Pirated applications are definitely a no-no; they will open back doors for hackers before you ever know.
This paper presented the various security challenges faced by Smartphones. It presented the various threats that today's Smartphones are susceptible to. It also discussed the ways and means of protecting Smartphones from the Internet side, the telecom network side and the device itself. It also presented some general methods that one can follow for protecting the device on a daily basis.