Smartphones have been widely accepted by mass-market and enterprise users.
However, threats related to Smartphones have also emerged. Smartphones carry a substantial
amount of sensitive data. There have been successful attacks in the wild on jailbroken phones.
Smartphones need to be treated like computers and have to be secured from all types of attacks.
There are proof-of-concept attacks on Apple iOS and Google Android. This project aims to
analyse some attacks on Smartphones and possible solutions to defend against them. This project
also uses a proof-of-concept malware for testing antivirus software.
Table of Contents
Chapter 1 Introduction
1.1 Background
1.2 Project objectives
1.3 Methods used
Chapter 2 Understanding the Antivirus Application
2.1 Introduction
2.2 Components of a conventional or computer Antivirus
2.3 Components of a Smartphone antivirus
2.4 Comparison of computer antivirus and Smartphone antivirus
2.5 Smartphone Security for enterprises
Chapter 3 An overview of iOS and Android security features
3.1 Introduction
3.2 Security features of Apple iOS
3.3 Security features of Google Android
Chapter 4 Testing ‘Proof of Concept’ Smartphone malware against antivirus software
4.1 Introduction
4.2 The testing process
4.2.1 Rooting Android for HTC G1
4.2.2 Running the BOT application as root
4.2.3 Testing the Smartphone Antivirus
4.3 Test results
Chapter 5 Attacks on Smartphones
5.1 Introduction
5.2 Attacks and threats to Smartphone
5.2.1 Malicious Applications such as, Virus, Malware and Trojan
5.2.2 Vulnerabilities
5.2.3 False positive detection
5.2.4 Removable card
5.2.5 Loss of device
5.2.6 Social Engineering
Chapter 6 Analysis of cloud based security solutions
Chapter 7 Conclusion
Project Objectives and Focus
This research investigates the effectiveness of transferring protective security measures from the PC environment to smartphones. The primary objective is to evaluate how current smartphone antivirus software functions compared to traditional computer antivirus, specifically identifying vulnerabilities and potential defensive improvements in the mobile threat landscape.
- Analysis of security architectures in Android and iOS.
- Evaluation of traditional antivirus components versus mobile-specific security features.
- Testing of proof-of-concept malware against common mobile antivirus solutions.
- Assessment of enterprise-grade security strategies for mobile devices.
- Investigation of cloud-based security models as a potential alternative for resource-constrained mobile devices.
Excerpt from the Book
4.2.1 Rooting Android for HTC G1
In the real world, applications other than the operating system components and kernel don't have root access to the Smartphone operating system unless a vulnerability is exploited. This part of the chapter refers to two YouTube videos [39] [40] to get root access on the mobile phone. The references for the rooting process and the files used in it are listed in the references section. A brief overview of the rooting process is as follows:
a. The details of the HTC G1 Android before rooting are: Firmware version: 1.6, Baseband version: 62.50s.20.17u_2.22.19.261, Kernel version: 2.6.29-00479-g3c7df37 andriod-build@apa26#19, Build number: DRC92
b. Downgrade firmware to version 1.0: Download the RC7 [41] ROM for UK, which is the official 1.0 Android ROM for the G1. Extract the 'DREAIMG.NBH' file, copy it to the root of the SD card and turn off the phone. Boot the phone in recovery mode by pressing the Power + Home keys. When the phone displays a triangle with an exclamation mark, press 'Alt + L'. Reset the phone to factory settings by selecting the 'Wipe data/factory reset' option and following the on-screen instructions. Power off the phone by removing the battery. Plug in the battery and press the Power + Camera buttons, which brings up the boot loader screen. The boot loader automatically checks for the 'DREAIMG.NBH' file and starts loading it. Follow the instructions to update the image on the phone. To reboot the phone, press the Menu, Call and Power keys all at the same time.
Summary of Chapters
Chapter 1: Provides a background on the evolution of smartphones and identifies the critical need for robust security measures as these devices handle sensitive enterprise and personal data.
Chapter 2: Compares the components of traditional computer antivirus software with typical smartphone antivirus, highlighting that mobile versions currently focus more on device loss and anti-theft than on malware detection.
Chapter 3: Analyzes the security architectures of iOS and Android, focusing on access control, digital signing, encryption, sandboxing, and permission-based models.
Chapter 4: Details the testing methodology using a proof-of-concept malware on a rooted HTC G1 to evaluate whether existing mobile antivirus applications can detect malicious root-level activities.
Chapter 5: Discusses various smartphone-specific threats including malicious applications, vulnerabilities, and social engineering, while suggesting defensive measures for users and enterprises.
Chapter 6: Explores cloud-based security solutions as a means to offload heavy processing requirements from mobile devices and provide unified protection.
Chapter 7: Concludes the study by summarizing findings, noting that current smartphone antivirus fails to detect kernel-level threats, and suggests future research areas.
Keywords
Smartphone Security, Antivirus, Android, iOS, Malware, Root Access, Proof of Concept, Sandboxing, Encryption, Enterprise Mobility Management, Social Engineering, Cloud Security, Threat Protection, Vulnerability, Mobile Device Management
Frequently Asked Questions
What is the core focus of this research?
The research examines the adequacy of mobile security measures by testing whether technologies typically used in the PC world, specifically antivirus solutions, can effectively secure smartphones against modern threats.
What are the primary themes discussed?
The study covers comparative analysis of security architectures (Android/iOS), mobile threat landscapes, proof-of-concept malware testing, enterprise-level mobile management, and cloud security implementations.
What is the primary goal or research question?
The goal is to determine if current smartphone antivirus solutions are capable of detecting kernel-level malicious activity and to suggest how they might be improved.
Which scientific methods are applied?
The project employs a mix of technical evaluation, comparative analysis of software features, and practical empirical testing using a proof-of-concept malware on a rooted Android device.
What is covered in the main section?
The main sections provide a deep dive into smartphone security architecture, a step-by-step methodology for testing mobile malware, and an analysis of how current enterprise security tools can be applied to mobile platforms.
Which keywords characterize this work?
Key terms include Smartphone Security, Android, iOS, Malware, Root Access, Sandboxing, Enterprise Mobility Management, and Cloud Security.
Why did the author use an HTC G1 for testing?
The HTC G1 was selected primarily due to its cost-effectiveness as a device with available root access, which was required to simulate advanced malware behavior.
Does the author conclude that mobile antivirus is effective against root-level threats?
No, the author concludes that current smartphone antivirus software operates at the application layer and generally fails to detect kernel-level rootkits or advanced malicious activities.
What is the author's suggestion regarding "Application Auditing"?
The author suggests that smartphones should implement a more transparent "Application Auditing" feature, allowing users to easily monitor the activity and permissions of installed apps to prevent identity theft and unexpected charges.
- Quote paper
- Vikas Rajole (Author), 2011, Potential for Data Loss from Security Protected Smartphones, Munich, GRIN Verlag, https://www.grin.com/document/214409