skip to main content
10.1145/1734583.1734595acmconferencesArticle/Chapter ViewAbstractPublication PageshotmobileConference Proceedingsconference-collections
research-article

When mobile is harder than fixed (and vice versa): demystifying security challenges in mobile environments

Published: 22 February 2010 Publication History

Abstract

Sophisticated consumer mobile devices continue to approach the capabilities and extensibility of traditional computing environments. Unfortunately, these new capabilities and applications make mobile devices an enticing target for attackers and malicious software. Due to such threats, the domain of mobile security has been getting a considerable amount of attention. However, current approaches have failed to consider key differences and their practical impact on the security of modern platforms when adopting techniques from non-mobile (or "fixed") environments. To help demystify mobile security and guide future research, we examine the unique challenges of mobile environments ranging from hardware to software to usability, delve in the diverse security models of current mobile platforms, and present our five commandments of mobile security research.

References

[1]
Personal Communications with the Google Android Security Team, 2009.
[2]
L. Cox and P. Chen. Pocket hypervisors: Opportunities and challenges. Proceedings of HotMobile, 2007.
[3]
D. Dagon, T. Martin, and T. Starner. Mobile phones as computing devices: The viruses are coming! IEEE Pervasive Computing, 2004.
[4]
J. Ekberg and M. Kylánpáá. Mobile Trusted Module (MTM)--An Introduction. Nokia Research, 2007.
[5]
S. Furnell. Handheld hazards: The rise of malware on mobile devices. Computer Fraud & Security, 2005.
[6]
T. Garfinkel and M. Rosenblum. When virtual is harder than real: Security challenges in virtual machine based computing environments. In 10th Workshop on Hot Topics in Operating Systems, 2005.
[7]
J. Golic. Cryptanalysis of alleged A5 stream cipher. Lecture Notes in Computer Science, 1233:239--255, 1997.
[8]
C. Mulliner and C. Miller. Fuzzing the phone in your phone. In Proceedings of BlackHat USA 2009, 2009.
[9]
J. Oberheide, E. Cooke, and F. Jahanian. CloudAV: N-Version Antivirus in the Network Cloud. In Proceedings of the 17th USENIX Security Symposium, San Jose, CA, July 2008.
[10]
J. Oberheide, K. Veeraraghavan, E. Cooke, J. Flinn, and F. Jahanian. Virtualized In-Cloud Security Services for Mobile Devices. In Workshop on Virtualization in Mobile Computing (MobiVirt '08), Breckenridge, Colorado, June 2008.
[11]
A. O'Donnell. When malware attacks (anything but windows). IEEE SECURITY & PRIVACY, pages 68--70, 2008.
[12]
Sergio Alvarez. The smart-phone nightmare. http://cansecwest.com/csw09/csw09-alvarez.pdf, 2009.
[13]
R. Sharp, A. Madhavapeddy, R. Want, and T. Pering. Enhancing web browsing security on public terminals using mobile composition. 2008.
[14]
P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, T. La Porta, and P. Mcdaniel. On cellular botnets: Measuring the impact of malicious devices on a cellular network core. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), 2009.
[15]
L. van Doorn. Trusted computing challenges. In STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, 2007.
[16]
L. Xie, X. Zhang, A. Chaugule, T. Jaeger, and S. Zhu. Designing System-level Defenses against Cellphone Malware.

Cited By

View all
  • (2023)Secure cloud-based mobile apps: attack taxonomy, requirements, mechanisms, tests and automationInternational Journal of Information Security10.1007/s10207-023-00669-z22:4(833-867)Online publication date: 17-Feb-2023
  • (2021)Business IntelligenceHandbook of Research on Applied AI for International Business and Marketing Applications10.4018/978-1-7998-5077-9.ch011(191-206)Online publication date: 2021
  • (2021)Security-aware job allocation in mobile cloud computing2021 IEEE/ACM 21st International Symposium on Cluster, Cloud and Internet Computing (CCGrid)10.1109/CCGrid51090.2021.00086(713-719)Online publication date: May-2021
  • Show More Cited By

Index Terms

  1. When mobile is harder than fixed (and vice versa): demystifying security challenges in mobile environments

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    HotMobile '10: Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
    February 2010
    99 pages
    ISBN:9781450300056
    DOI:10.1145/1734583
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 22 February 2010

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. malicious software
    2. mobile devices
    3. security models

    Qualifiers

    • Research-article

    Funding Sources

    Conference

    HotMobile '10
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 96 of 345 submissions, 28%

    Upcoming Conference

    HOTMOBILE '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)13
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 15 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)Secure cloud-based mobile apps: attack taxonomy, requirements, mechanisms, tests and automationInternational Journal of Information Security10.1007/s10207-023-00669-z22:4(833-867)Online publication date: 17-Feb-2023
    • (2021)Business IntelligenceHandbook of Research on Applied AI for International Business and Marketing Applications10.4018/978-1-7998-5077-9.ch011(191-206)Online publication date: 2021
    • (2021)Security-aware job allocation in mobile cloud computing2021 IEEE/ACM 21st International Symposium on Cluster, Cloud and Internet Computing (CCGrid)10.1109/CCGrid51090.2021.00086(713-719)Online publication date: May-2021
    • (2020)Attack and System Modeling Applied to IoT, Cloud, and Mobile EcosystemsACM Computing Surveys10.1145/337612353:2(1-32)Online publication date: 20-Mar-2020
    • (2019)Information Security InnovationCloud Security10.4018/978-1-5225-8176-5.ch012(264-277)Online publication date: 2019
    • (2019)The Trend of Mobile Malwares and Effective Detection TechniquesMultigenerational Online Behavior and Media Use10.4018/978-1-5225-7909-0.ch037(668-682)Online publication date: 2019
    • (2019)A Modified Hierarchical Attribute-Based Encryption Access Control Method for Mobile Cloud ComputingIEEE Transactions on Cloud Computing10.1109/TCC.2015.25133887:2(383-391)Online publication date: 1-Apr-2019
    • (2019)SSEIM: An Efficient Search Scheme over Encrypted Data with Indexing on Mobile Cloud2019 Fifteenth International Conference on Information Processing (ICINPRO)10.1109/ICInPro47689.2019.9092117(1-5)Online publication date: Dec-2019
    • (2019)Mining Mobile Security Concerns and their Solutions2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST)10.1109/IBCAST.2019.8667251(640-646)Online publication date: Jan-2019
    • (2019)Identifying Security Risks of Digital Transformation - An Engineering PerspectiveDigital Transformation for a Sustainable Society in the 21st Century10.1007/978-3-030-29374-1_55(677-688)Online publication date: 18-Sep-2019
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media