Emerging Threats on Mobile Security

Abstract:
The popularization of smart phones with the developing technology has aroused great
concern about the topic of mobile devices security among numerous people. Unconsciously,
mobile devices have turned out to be striking aim for vicious attacks as the result of some
important advantages in not only hardware but also operating systems. Nowadays, the mobile
platforms such as Android, iOS or Symbian are increasingly imitating conventional operating
systems for PCs. Thus, the problems in enhancing smart-phone security are more likely to be
described as to solve those present problems in PC platforms. By inserting some vicious
content, smartphones will be easily infected with harmful worms, Trojan horses or some
other more terrible virus which can destroy users defense and damage their security or even
get complete manipulation over the device. Such vicious contents are widely spread because
of the advanced development in mobile network which offer smart-phones with capacitance
of available Internet connection via 3G networks or Wi-Fi. Furthermore, the developments in
smartphone characters indicate new kinds of security concerns. By destroying mobile OS,
vicious applications can get permission for voice-recording devices, cameras, SMS messages
and even location information. Such security loops horribly damage users privacy. Later we
are going to present an analysis over nowadays mobile platform threats and discuss some
topics about threat reduction mechanisms.

I.

Introduction:

Recently the extending mobile device market is getting more and more attractive for
vicious criticizes. As for a recent security investigation, the number of possible vicious
exploits attacks ends to enlarge in 2011. This tendency can be count for two key reasons: the
lasting increasing user basis and the development of smart-a phone technology. The
dimension of mobile device market is apparently visible since the latest reports which shows
there will be approximately 5.3 billion mobile phones in the world by the end of 2010.
Despite vicious comments towards mobile phones have never disappeared over the last
several years, the limitation in both hardware and operating systems have attracted the attacks
not only their scales but influences. Accordingly, the approval of smart-phone technology
which offer with much more computing power and has been proved to be a critical point in
the development of vicious exploits for mobile devices. The prediction points out that the
market take up of smart phones in the US could take up more than 50% of the whole mobile
device market by the end of 2011. As the developed countries are all in similar situation, a

vital increase in the number smart-phone users is anticipated the next several years which
result in making the platform into an attractive aim for vicious attacks. Moreover, the smart
phones are getting tendency to imitate PCs both in their abilities and the way and style people
use them. Smart-phone mobile platforms such as the android, iOS, Blackberry OS, Symbian
or Windows Mobile are all getting to resemble PC operating systems. Also the normal vicious
attacks for PCs such as worms as well as attack vectors are getting more and more common
to the mobile platforms. Since the present mobile platforms are always inserted not only on
smart-phones but also tablets or other appliances in which the same security issues still
remain. We will soon come to those devices with a mobile platform. In spite of being ample
in the basic features, mobile platforms can be developed by applying numerous applications
as the same as it is for PC operating systems. Since applications can be easily obtained from
the third party providers who offer an opportunity for vicious exploits. Excluding using
computing power supplied by mobile devices, the commenters are beginning to aim at the
data. This is resulting from the fact that the smart phones are turning out to be storage places
for personal information with the long time use of all kinds of social networking applications,
personal organizers or some e-mail clients. Here we are going to talk about an attackercentric threat for mobile platforms. The threat model stresses three significant factors of
mobile device security: attacker's goals, attack vectors and mobile malware. At first, we
define by the motivation for attacking mobile platforms in order to analyze the attackers
interests and coherent aims. The attack aims pay attention to the motivations showed by
modern mobile platforms and devices. Secondly, the model absorbs the attack vectors in
order to show possible points for vicious contents on mobile devices. At last, the model
regards threat types available to mobile platforms if the attack vectors are appropriately
adopted. AS long as we have considered the mobile applications to be the most efficient
method for vicious attacks and thus we analyze the security model by two widely adopted
platforms: the Android is by the Google and the iOS is by Apple. The Android isolates each
applications in case of the situation they interfering with each other or the operating system
while the iOS applicate screened for vicious intentions by code reviewers, thus allowing
implementation of simpler security mechanisms. To explain how Androids permission based
security model could be breached, we present a typical mobile application.

II.

Related Work

Nowadays, it is common to use mobile devices on communications, internet access and

information sharing by downloading applications in the mobile phone. This makes the mobile
security become important when users download the applications. In addition, mobile devices
can access personal information and have to be protected. Mobile management supports most
of the mobile device platforms available today including iOS (iPhone) and Android (many
flavors across many semi-proprietary handset operating systems) [1] (Micro Focus, 2015).
Therefore, security professionals assist on analyzing and comparing the security controls of
various mobile device platforms to prevent potential threats on mobile devices.
No matter what kind of platform are using from users, potential threats also exist on
mobile devices. In this project, we will discuss the details of mechanism and malicious
threats on Android and IOS platforms. Hereunder are some related works of malicious threats
from those platforms.
A. Android Platform
The Android platform is Google Inc.'s open and free software stack that includes an
operating system, middleware and also key applications for use on mobile devices, including
smartphones [2](Quin Street Inc., 2015). This is a mobile software application that developed
for using on mobile devices. Android applications are available in Google Play Store (known
as Android Market) and can run on Android tablets, smartphones and other devices.
A major security hole in Google Play Store was discovered by researchers previously
and caused millions of users at risk. Hackers can steal users personal information from
applications software such as Amazon and Facebook by using secret keys (i.e. usernames and
passwords) stored in their software. The Columbia Engineering Team found thousands of
secret keys in android apps that could be used to steal user data [3] (Associated Newspapers
Ltd, 2014). Although this was fixed and secret keys were removed after findings come out,
Android operating system still contains other vulnerabilities that are not exposed yet.
B. IOS Platform
IOS is Apple's proprietary mobile operating system (OS) for its handheld devices, such
as the iPhone, iPad and iPod Touch. The operating system is based on the Macintosh OSX [4]
(Tech Target, 2015). Unlike Android platform, applications in iOS platform have to be
approved by Apple. An application must be signed by Apple in Software Development Kit
(SDK) agreement for doing basic testing and other analysis. However, this cannot prevent the
potential threats from using iOS operating system.

According to Apple's security advisory for iOS 7.1.1, some of the Web Kit flaws could
allow attackers to execute arbitrary code when users visit maliciously crafted websites [5](L.
Constantin, 2014). iOS users faced security threats for more than three weeks with the same
vulnerabilities that were fixed before by Apple. Web Kit is an open source HTML rendering
engine which is used by Apple and Google Chrome, but Apple fixed the security issues for a
longer time.
To analyze various threats of above platforms, we have to understand the potential
threats on mobile devices first. Then, we will describe the mechanism of both platforms and
analyze the malicious threats on each platform.

III.

Potential Threat on Mobile Device

Nowadays, the smart phones play a very important role in peoples daily life and people
transfer almost every kinds of information on it. This attracts the hackers attention to attack
the smart phone and the hacker will try to crack the platform down and get useful information
by all means.
1) Attack Motivation
Hackers attack the mobile platform for many reasons, but most of them is about the
collecting data, device abuse.
2) Collecting Data
Now it is a big data time, all business just hiding in the big data. While person
information is one of the most important data. Many attack is aiming at accessing the user
private data and savings on the phone. The private data including, but not limited to personal
address book, personal notebook, personal pictures, email, personal preferences, saving
accounts, and other usernames and passwords and so on. There are also some business secrets
and national confidential data may on the mobile. Once the hacker gets the one password, the
hacker can hit many other libraries using the same password to get more data. Some hackers
may just sell all the information to other groups or blackmail the owner to get more money.
3) Device Abuse
Smart phone has become a powerful compute equipment, especially after the
combination of these devices and wireless networks. Once the phone is infected by the
malware and be controlled by the hackers, it can be said that the phones owner is the hacker.
The phone can be an indirect tool to attack other phones. The attacker can easily remove all

the data, make phone calls, record any conversations for the hacker. Sometimes the attacker
can also reduce the ability of the battery by running lots of background process or just disable
the service by the phone to make the phone useless.

Potential Threat
With the advanced development of the Mobile Internet, mobile devices are facing a
number of security threats. There are some security threats at different levels for mobile
devices. That mainly contains three levels of security threats: hardware, operating system,
application.
1.

Software Threat

1) Operating System
The main security threats in mobile operating system include operating system
vulnerabilities, the misuse of the API, the back doors of operating system, etc. Different
system versions have different vulnerabilities.
As a kind of software for the operating system of mobile devices, there are inevitably
known or unknown system vulnerabilities, and there are also risks on misusing the API and
the development kits. Attackers can use these system vulnerabilities to launch a remote attack
on mobile devices, resulting in destroying the mobile device, malicious charges, stealing
users information, accessing to the control permission of mobile devices.
The vendors of mobile operating system with its technical advantages, there may also
exist to retain the back doors of the system, collect user information and other acts.
According to the press, the mobile operating system has the threat of collecting user location
information and Wi-Fi location information, which details the user's GPS position, operator
information, MAC address and the corresponding time stamp information.
2) Application
Application software level security threats mainly come from the vulnerabilities of their
own application and security threats caused by malicious applications.
The vulnerabilities of the application software include the vulnerabilities in the client
program, the vulnerabilities in communication of the application software, the authentication
mechanism and the vulnerabilities in the process, etc.
Security threats caused by a variety of malicious programs, may lead to user information
leakage, malicious consumption of memory, malicious charges for Trojans, tapping calls,

virus intrusion and other security risks. At the same time, the mobile application store as a
dissemination and promotion channel of various applications, there are also some potential
security threats. Every mobile application store has their own audit standards on the
exhibition of applications. Due to lack of unified security standards for exhibiting
applications, some of the application stores do not have the security testing capabilities of
applications. In this case, the application software that has security threats will be spread
through the mobile application store without a strict security audit. For example, Apple's APP
Store has a strict content audit for applications, while some Android application stores
basically do not any audit and after developers uploading for a few times the application store
can exhibit the application.
2.

Hardware Threat

1) Bluetooth Threat
Bluetooth is used for short distance data exchange between two devices under certain
protocols. But the Bluetooth itself has its own vulnerabilities which can be used by the
hackers. One common approach to hacking Bluetooth devices is to employ malformed
objects, which are legal files exchanged between BT devices that contain invalid information,
thus causing unexpected results. When a Bluetooth device receives a malformed object, such
as a vCard or vCalendar file, the device may become unstable or fail completely. [6](Dennis
Browning) There are also other viruses that use the Bluetooth vulnerabilities to hack the other
nearby phone. Meanwhile, the distance limitation of the Bluetooth also becomes not that
strict which helps expanding the attack scope.
2) Speaker, Microphones and Cameras Threat
Our ears dont hear ultrasonic sound, but speakers on our phones can produce those
inaudible frequencies that can be exploited to exfiltrate data. A mobile device would first
have to be infected with a Trojan, like from a tainted app, but even if the device is locked
down so that data cant be stolen over the network, covert sound-based attacks could still
steal the data [7] (Darlene Storm, 2013). Alipay developed a new sound payment approach
which uses the microphone and speaker to make sound and receive sound to complete the
transaction. But the new sound can be record to complete malicious payment. While about
the camera, it can be used to collecting the inner view of the organization or collecting any
other pictures under the control of the malware.
3) Personal Hotspot

When people travel or have limit network access number, there may be someone share
his personal hotspot to provide others the Internet accessing. The personal hotspot not only
share the Internet but also parts of his own information. The traffic between the hotspot and
the use could also be intercepted and modified because of the low encryption. On the hand, it
is also an access for the hacker to get in the inner and secure network.
3.

Internet Environment
With the development of wireless network technology and the improvement of network

speed, wireless network is covering more and more public places, such as schools, airports,
shopping malls, restaurants and so on. On one hand the wireless network brings the free
accessing to the Internet at any time, on the other hand, the wireless network also means a
potential threat as network environment. As the free public Wi-Fi hotspots are increasing, the
user's mobile devices are exposed more and more data in Wi-Fi. During the transmission of
personal data in the network environment, if there are no appropriate security measures taken,
the transmission of the data maybe an attack chance for the hacker. The hacker may hack in
the router because of the simple login password or the owners forgetting shut down all kinds
of management ports. Once the hacker get access to the router, the router can be
implementation of the in-the-middle-attack, any mobile data transmitted by the hotspot may
be intercepted, modified, interfered. This may cause user sensitive information leakage or
iOS of property. An attacker can also Disguised as a Wi-Fi hotspot; the attacker can get the
users confidential certification secretly when the device access the hotspots.

IV.

Android OS Security Architecture & Malicious Threat

[8] Android OS is an open source platform and application environment for mobile
device. It was designed to be truly open as a modern mobile platform with using advanced
software and hardware. Android OS is developed by using Linux based structure. For
consider the security, android framework divided in various levels of the android software
stack. For the assumption of each component, the components below are properly secured.
Except a small amount of code should be running as root and all the code would be restricted
by application sandbox above the Linux Kernel. Linux Kernel uses unique UID and GID for
the application at installation and the sharing can occur through component interactions. A
middleware Dalvik VM a core component in Android OS but it is not a security boundary and
no security manager. Android OS is a multi-user Linux operating system and each application
normally runs as a different user. For the communication between applications, it may share

same Linux user ID for accessing files from each other and also sharing Linux process and
Dalvik VM.
[9] Android OS is a multi-process system. In Android OS system, the application will
run in its own process. The Linux tools and features facilities the security between systems
and applications at the process level. For example, application will assign user ID and Group
ID. More granular security features through the "Permission" mechanism to restrict the
operation of certain specific processes. The per-URI permissions can access special
permission to obtain specific information on restrictions. Therefore, the general application is
not accessible between each other, but android OS provide a permission mechanism for
secure access between application data and functionality.

Android OS architecture diagram

Android application can be downloaded in different app store such as Google, Amazon,
or other underground. About the permissions of the application, it would be granted on user
installation. Android application market is a public and self-signed for launching the

application. [10] For the open market, a bad or non-secure application may launch on the
open market. If user download and install it, it may cause a security issue on their mobile
device. Google Play is one of the digital distribution platforms for android application
market. Most of Android OS devices are preinstalled Google Play. Google Play is a source of
potential security risks. A lot of the apps in Google Play may contain malware, backdoor or
other security issue. When users download and install apps from Google Play to their android
device, most of the users may not pay attention to the policy agreement for the permissions
right of an app. User usually just click the accept button for accepting the permission when
installation the apps.
[11] Last years, researchers have discovered a crucial security problem in official
Android app store Google Play. The researchers made a large-scale measurement of the huge
marketplace and using their own developed tool Play Drone to bypass the Google security. It
is successfully download Google Play apps and recover the sources of the apps and there are
thousands of secret keys found in android apps. In view of this, hacker could steal the source
code with adding backdoor or worm into the banking application and then republic to Google
Play. User uses the malicious application that they may iOSs the login id and password.
Hacker may use the user information for some illegal action.
[12] In Android OS, user can use some tools to unlock the root (is called Root) function
of their mobile device. After rooted the Android OS, it can freely download the paid apps in
unofficial Apps Store. The action of the root that mean gaining the root access to the device
for other applications. In the rooted device, malware can easily breach the mobile security
and worms, viruses, spyware and Trojans can infect the rooted Android OS. The rooted
Android device may also cause the official OS update failure due to the software
modification. The android OS updates may include some security issue fixing or upgrade the
performance. It will make the device in unsecure status while the android OS update failure.

V.

Apple IOS Security Architecture & Malicious Threat

Apple IOS is a closed platform for mobile device developed by Apple Inc. In Apple IOS
architecture, the highest level of IOS acts as an agency between the users created application
and underlying hardware. Application does not talk to the underlying hardware directly.
Oppositely, application communities with the hardware using a set of well-defined system
interfaces. The application can easily write on devices with different hardware capabilities.

[13] The implementation of IOS technologies can be viewed as a set of layers. Apple IOS
also contains a kernel that its based on Mach kernel like Mac OSX.

Apple IOS architecture diagram

[14] For the security, it is divided into Device security, Data security, Network security
and App security.

Device security

Prevent unauthorized use of device

Data security

Protect data at rest; device may be iOSt or stolen

Network security

Networking protocols and encryption of data in transmission

App security

Secure platform foundation

For the runtime protection, Apple iOS use kernel shielded from the user application and
the application can communicate with iOS APIs only.
[15] Apple iOS also use independent sandbox for preventing the application access to
other application data such as access to files, preferences, network and other resources. Apple
iOS application can only read files created by the system for the reform process in the file. It

cannot access to other places or region known as the sandbox. So, all non-code files should
be saved in this, such as images, icons, sound, image, property lists and text files.
1.

Each application has its own memory space

2.

The application cannot brake the constrict of his access to the content of other storage

space
3.

The application requests permission to detecting the data, if do not meet the conditions,

then the requests will not be allowed.

By understanding this figure only from the surface sandbox is a security system. All
actions of the application must be performed by the system which is the core content is
sandbox executes the permissions for limitation of the application.

Apple IOS architecture diagram

For the applications of Apple IOS (the mobile device without Jailbreaking), it only can
be downloaded in Apps Store. All the applications must be signed using Apple-issued
certificate Application before launched to Apps Store. The application would be verified by

Apple when users submitted their application to Apple. Apple act as an Anti-virus for
scanning the vulnerability in user developed applications. A Code Signing requires apps to be
downloaded from the Apple app store and publishers must be identified and verified by
apple.
Generally, Apple IOS is safer than other mobile operation system such as Android OS
and Windows Mobile. [16] In September 2015, news noted that some applications were
developed by using an unofficial XCode compiler. Some developers of Apple apps via third
party channels to download an unofficial XCode (is called XCodeGhost) compiler which the
XCodeGhost embedded some hidden malicious code. Through its software compiled a small
Trojan lurking among the iPhone device by the back door. [17] On the other hand, receiving
text message, apps notification may be another threat in Apple IOS. In early this year, a
software bug was found in Apple IOS. Apple IOS is crashed and is rebooted by a special
SMS message. When the specific string of characters is received in the Messages app then the
Apple IOS will crash with rebooted. Apple IOS user would endure this threat until Apple
launched the new IOS version with fixed this security issue.
In-additional, Apple IOS user could jailbreak their iPhone device that similar to the
rooting of Android device. Likewise, user hopes to use the paid apps freely for having more
functionality and efficacy. It also faces same security issue of Android device in Apple IOS
device. Although a high security issue on jailbroke IOS mobile device, the
providers/developers of jailbreak tools have a quick fix for the above mentioned software
bugs in IOS.

VI.

Discussion

By using different platform on mobile devices, the protection of personal information

are depends on the security of mobile operating system. Even though users are using the
applications with high security, hackers can also attack the devices in different ways.
For the mechanism of Android and IOS operating system, they are both using sandbox
principle. Every application cannot access the files in system from other applications and
operates separately. For IOS platform, it mainly runs as non-privileged user called mobile.
For Android platform, Android applications are mainly run in Dalvik Virtual Machine (DVM)
and restrict the rights to run the applications in this platform. The differences of Android and
IOS mechanism are the control of access rights, access of the core operating system and the
verification to download applications in operating system.

An application needs to be tested and verified by Apple before launches in App Store
and it will have a certificate to protect the application against malware in it. However, in
Android platform, it will not verify the application before launches in Google Play Store.
This is less secure than App Store but much more applications can be found and downloaded
in it. To control the risks and malicious threats in both platforms, users can apply some skills
when install the applications in their mobile devices. If the contact and other personal
information are needed to access in that application, users can decide whether install the
application or not.
As Android platform is open in mobile devices and it is free to let developers for placing
their applications, we may consider it as a more threatening system. Nevertheless, IOS
platform contains more vulnerabilities than Android. According to the research performed in
2014, at the time this article was written, the amount of vulnerabilities in all IOS versions had
reached the number of 359 and only 37 in Android [18](T. Mahlaeva, 2014). This may due to
the increase of potential targets for attacks in IOS operating system.
Various malicious threats are occurred in both operating systems and we cannot avoid
the threats in each system. Hackers can access and get users information by attacking any
weakness found in applications. Also, they can get the information if users iOS their mobile
devices. Therefore, mobile devices management for handling mobile security and solving
malicious threats is important. We cannot decide which platform needs to pay more attention
and prefer not to use. To install an application, users have to view the full list of access
permission before install in their mobile devices and know the risks by using that. There is no
answer on which platform Android or iOS is the most secure platform for users.
Both Android and iOS platforms are powerful on mechanisms and provide the protection
from the attacks by hackers. They have pros and cons of operating system security. Indeed,
those platforms pay attention on malicious threats in the security of operating system and
quickly to fix the issues.

VII.

Conclusion

With rapid growing of mobile technology, it is a trend on developing social networks

with using smartphones and malicious attacks are increased in operating system. As security
is critical on mobile devices, the protection of personal information is a main concern by
users. By using mobile devices and download the applications, there may have risks on
communications and information sharing. To use a smartphone, users have to understand the

risks and potential threats in that operating system. Also, they have to raise their concerns on
mobile security. User behaviors are very important to protect their personal data and they
have to aware of the mobile security. For different purposes on using mobile devices, the
risks of security are needed to be considered for users.
Apart from malicious threats in mobile devices, users can protect their information by
identifying the risks. This is not only about the mobile security, but also the data processing
and transmission in smartphones e.g. upload their personal data in iCloud. The risks and
threats are never ended on using mobile devices and we can control the risks for different
approaches. There is no ultimate solution to solve the risks and we have to be careful when
using the mobile devices.

REFERENCES
[1] Micro Focus. (2015). Mobile Device Platforms. Available from:
https://www.novell.com/products/zenworks/mobile-management/features/mobile-platforms.html
[2] QuinStreet Inc. (2015). Android platform. Available from:
http://www.webopedia.com/TERM/A/Android_platform.html
[3] Associated Newspapers Ltd. (June 20, 2014). Researchers reveal massive security hole in Google app
store that puts millions at risk: 'secret keys' discovered that can reveal user's private information.
Available from: http://www.dailymail.co.uk/sciencetech/article-2664100/Researchers-reveal-massivesecurity-hole-Google-s-app-store-puts-millions-risk-secret-keys-discovered.html
[4] TechTarget. (2015). iOS definition. Available from:
http://searchmobilecomputing.techtarget.com/definition/iOS
[5] L. Constantin. (April 24, 2014). Computerworld, Inc. Apple users were left at risk by 3-week delay
between OS X and iOS patches. Available from:
http://www.computerworld.com/article/2488601/malware-vulnerabilities/apple-users-were-left-at-riskby-3-week-delay-between-os-x-and-ios-patches.html
[6] Dennis Browning, 2013, Bluetooth Hacking: A Case Study. Available from:
http://www.garykessler.net/library/bluetooth_hacking_browning_kessler.pdf
[7] Darlene Storm, 2014. Available from: http://www.computerworld.com/article/2598704/mobilesecurity/new-attacks-secretly-use-smartphone-cameras--speakers-and-microphones.html
[8] Available from: http://www.infoworld.com/article/2609338/android/a-clear-eyed-guide-to-android-sactual-security-risks.html
[9] Available from: http://www.dotblogs.com.tw/cheng/archive/2014/01/28/142415.aspx
[10] Available from: http://www.bullguard.com/zh-tw/bullguard-security-center/mobile-security/mobilethreats/android-rooting-risks.aspx
[11] Available from: http://www.sciencedaily.com/releases/2014/06/140618163920.htm
[12] Available from: https://www.search4roots.com/what-are-the-security-risks-of-rooting-android/
[13] Available from:
https://developer.apple.com/library/ios/documentation/Miscellaneous/Conceptual/iPhoneOSTechOverv
iew/Introduction/Introduction.html
[14] Available from: http://www.techotopia.com/index.php/IOS_6_Architecture_and_SDK_Frameworks
[15] Available from: http://www.macworld.com/article/2148362/how-inter-app-communication-on-ioscould-benefit-users.html
[15] Available from: http://chinese.engadget.com/2015/09/18/malware-xcodeghost-leads-to-china-iOScrisis/
[17] Available from: http://www.express.co.uk/life-style/science-technology/580211/iPhone-MessagesiMessage-Bug-Text-Reboot-Crash

[18] T. Mahlaeva. (2014). Built-in Android and iOS security mechanisms: Looking at their effectiveness.
Available from: http://www.mobilemarketer.com/cms/opinion/columns/18649.html