Study to Improve Security for IoT Smart Device Controller: Drawbacks and Countermeasures

Security and Communication Networks ◽

10.1155/2018/4296934 ◽

2018 ◽

Vol 2018 ◽

pp. 1-14 ◽

Cited By ~ 4

Author(s):

Xin Su ◽

Ziyu Wang ◽

Xiaofeng Liu ◽

Chang Choi ◽

Dongmin Choi

Keyword(s):

Mobile Devices ◽

Private Information ◽

Smart Device ◽

Security Threats ◽

Security Mechanism ◽

Mobile Environment ◽

Emerging Issues ◽

Fully Connected

Including mobile environment, conventional security mechanisms have been adapted to satisfy the needs of users. However, the device environment-IoT-based number of connected devices is quite different to the previous traditional desktop PC- or mobile-based environment. Based on the IoT, different kinds of smart and mobile devices are fully connected automatically via device controller, such as smartphone. Therefore, controller must be secure compared to conventional security mechanism. According to the existing security threats, these are quite different from the previous ones. Thus, the countermeasures applied should be changed. However, the smart device-based authentication techniques that have been proposed to date are not adequate in terms of usability and security. From the viewpoint of usability, the environment is based on mobility, and thus devices are designed and developed to enhance their owners’ efficiency. Thus, in all applications, there is a need to consider usability, even when the application is a security mechanism. Typically, mobility is emphasized over security. However, considering that the major characteristic of a device controller is deeply related to its owner’s private information, a security technique that is robust to all kinds of attacks is mandatory. In this paper, we focus on security. First, in terms of security achievement, we investigate and categorize conventional attacks and emerging issues and then analyze conventional and existing countermeasures, respectively. Finally, as countermeasure concepts, we propose several representative methods.

Download Full-text

Detecting Colluding Inter-App Communication in Mobile Environment

Applied Sciences ◽

10.3390/app10238351 ◽

2020 ◽

Vol 10 (23) ◽

pp. 8351

Author(s):

Rosangela Casolare ◽

Fabio Martinelli ◽

Francesco Mercaldo ◽

Antonella Santone

Keyword(s):

Model Checking ◽

Mobile Devices ◽

Private Information ◽

End Users ◽

Home Automation ◽

Mobile Environment ◽

Data Support ◽

Bank Transfer ◽

Android Applications

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.

Download Full-text

A Rhythm-Based Authentication Scheme for Smart Media Devices

The Scientific World JOURNAL ◽

10.1155/2014/781014 ◽

2014 ◽

Vol 2014 ◽

pp. 1-9 ◽

Cited By ~ 4

Author(s):

Jae Dong Lee ◽

Young-Sik Jeong ◽

Jong Hyuk Park

Keyword(s):

Ubiquitous Computing ◽

Private Information ◽

High Efficiency ◽

Smart Devices ◽

Smart Device ◽

Security Threats ◽

Important Data ◽

Security Issues ◽

Range Of Functions ◽

Smart Media

In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users’ convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

Download Full-text

Mobile Security

Mobile Technology Consumption ◽

10.4018/978-1-61350-150-4.ch013 ◽

2013 ◽

pp. 200-213

Author(s):

Barbara L. Ciaramitaro ◽

Velislav Pavlov

Keyword(s):

Mobile Devices ◽

Text Messaging ◽

Credit Card ◽

Social Engineering ◽

Security Threats ◽

Security Threat ◽

Mobile Environment ◽

Malicious Software ◽

Personal Credit ◽

Cyber Criminals

Over the past few years, cyber criminals have expanded their focus from desktop PCs to mobile devices such as smart phones, PDAs, and tablet computers. Unfortunately, even though many mobile devices approach personal computers in functionality, most mobile users are not aware of the degree of security threats in the mobile environment. “As mobile Internet usage continues its rapid growth, cyber criminals are expected to pay more attention to this sector” (Siciliano, 2010, p. 1). There are several security threats related to mobile devices. The most common security threat associated with mobile devices is their propensity to become lost, stolen, or misplaced. Social Engineering is a method used by cybercriminals to trick users into providing personal or financial information, or downloading malicious software. One common social engineering attack against mobile devices involves attempts to collect personal, credit card, and banking information from users. Malware is short for malicious software and refers to a collection of malevolent software tools designed to attack the pillars of information security: confidentiality, integrity, availability, and authentication. Although malicious software and security attacks can occur in a number of ways such as SMS text messaging, the primary mode of infection is through the download of mobile applications such as games. Unfortunately, all mobile devices and all mobile operating systems are subject to mobile malware attacks. As a result, malware has become a prevalent threat to mobile devices.

Download Full-text

Immersive Mobile Telepresence Systems: A Systematic Literature Review

Journal of Mobile Multimedia ◽

10.13052/jmm1550-4646.1535 ◽

2020 ◽

Author(s):

Rodrigo Luis de Souza da Silva ◽

Lohan Rodrigues Narcizo Ferreira ◽

Lidiane Teixeira Pereira

Keyword(s):

Literature Review ◽

Mobile Devices ◽

Systematic Literature Review ◽

Communication Media ◽

Mobile Environment ◽

Remote Collaboration ◽

Research Opportunities ◽

Internet Connection

Telepresence can be defined as a system that provides remote collaboration between people in different locations, creating the feeling that both users share in fact the environment. The advances in communication, media and internet, has made possible the popularization of these systems. Smartphones have become increasingly powerful in processing, less expensive and more widespread. A single device combines various sensors, one or more cameras and internet connection, thus a potential hardware for telepresence applications. The main objective of this paper is to present a Systematic Literature Review to identify the main characteristics of immersive telepresence systems designed for mobile environment and to analyze research opportunities that can be further exploited or optimized. This research revealed that the development of immersive telepresence systems for mobile devices has increased in recent years, but is not yet widespread.

Download Full-text

The problem of user security in Wi-Fi networks

Informacionno-technologicheskij vestnik ◽

10.21499/2409-1650-2020-26-4-89-95 ◽

2020 ◽

pp. 89-95

Author(s):

Г.С. Мокану

Keyword(s):

Mobile Devices ◽

Computer Networks ◽

Security Threats ◽

Wireless Internet ◽

Unauthorized Access ◽

Network Protection ◽

Access To Data ◽

Almost All ◽

User Security

Угрозы информационной безопасности в компьютерных сетях стали одной из основных проблем для владельцев ПК. При этом особое распространение этих угроз коснулось сетей WI-FI, в которых происходит как несанкционированный доступ к данным, так и только снижение уровня защиты сети. Практически все современные мобильные устройства (смартфоны, планшеты, ноутбуки и нетбуки) имеют возможность подключения к беспроводному Интернету или, точнее, к сети WI-FI, эта функция теперь является стандартной для этих устройств. nformation security threats in computer networks have become one of the main problems for PC owners. At the same time, a particular spread of these threats affected WI-FI networks, in which both unauthorized access to data and only a decrease in the level of network protection occur. Almost all modern mobile devices (smartphones, tablets, laptops and netbooks) have the ability to connect to the wireless Internet or, more precisely, to the WI-FI network, this function is now standard for these devices.

Download Full-text

Development and Mitigation of Android Malware

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance ◽

10.4018/978-1-4666-6324-4.ch004 ◽

2015 ◽

pp. 51-66

Author(s):

Vanessa N. Cooper ◽

Hossain Shahriar ◽

Hisham M. Haddad

Keyword(s):

Service Provider ◽

Private Information ◽

Mobile Applications ◽

Security Threats ◽

Severe Damage ◽

Android Malware ◽

The Impact

As mobile applications are being developed at a faster pace, the security aspect of user information is being neglected. A compromised smartphone can inflict severe damage to both users and the cellular service provider. Malware on a smartphone can make the phone partially or fully unusable, cause unwanted billing, steal private information, or infect every name in a user's phonebook. A solid understanding of the characteristics of malware is the beginning step to prevent much of the unwanted consequences. This chapter is intended to provide an overview of security threats posed by Android malware. In particular, the authors focus on the characteristics commonly found in malware applications and understand the code level features that allow us to detect the malicious signatures. The authors also discuss some common defense techniques to mitigate the impact of malware applications.

Download Full-text

Exploring M-Commerce and Social Media

Research Paradigms and Contemporary Perspectives on Human-Technology Interaction - Advances in Human and Social Aspects of Technology ◽

10.4018/978-1-5225-1868-6.ch001 ◽

2017 ◽

pp. 1-21 ◽

Cited By ~ 1

Author(s):

Panagiota Papadopoulou

Keyword(s):

Social Media ◽

Mobile Devices ◽

Mobile Phones ◽

Mobile Environment ◽

Commercial Activity ◽

Business Opportunities ◽

Negative Effect ◽

Similarities And Differences ◽

Use Of Social Media ◽

Mobile Context

The proliferation of mobile phones and tablets shape a new arena for online commercial activity with unprecedented opportunities and challenges. In this omnipresent mobile environment, understanding consumer behavior constitutes a challenge for m-commerce vendors, as they seek to understand factors that affect it, positively and negatively, and to integrate social media in their mobile strategy and across mobile devices. This paper presents an exploratory qualitative research examining separately mobile phones and tablets and the use of social media, in the context of m-commerce. The results of our qualitative analysis show important factors for m-commerce and social media adoption and use, highlighting the similarities and differences between mobile phones and tablets. Our qualitative results also reveal factors having a negative effect to m-commerce, for both mobile devices. Business opportunities enabled by social media for m-commerce and how these can be leveraged in this promising multiple-device mobile context are also discussed.

Download Full-text

The Influence of Technical and Social Factors in Mitigating Threats in a BYOD-Enabled Environment

International Journal of Information Systems in the Service Sector ◽

10.4018/ijisss.2021010101 ◽

2021 ◽

Vol 13 (1) ◽

pp. 1-30

Author(s):

Lizzy Oluwatoyin Ofusori ◽

Prabhakar Rontala Subramaniam

Keyword(s):

Mobile Devices ◽

Social Factors ◽

Bring Your Own Device ◽

Security Threats ◽

Security Measures ◽

Banking Institutions ◽

Social Threats

As the adoption of bring your own device (BYOD) phenomenon by businesses and other sectors continues to grow. Employees find it desirable to use their personally owned mobile devices for work without the need to differentiate between their carrier services and their organizations' network. However, this practice makes such businesses vulnerable to various security threats. Nigeria banking institutions, like other businesses globally, have adopted the BYOD phenomenon. However, BYOD trend constitutes heterogeneity, and there is large diversity in mobile devices, hence the risk of corporate data being exposed to threats increases. Thus, this paper investigates the influence of technical and social threats as it relates to BYOD phenomenon in the banking institutions. Data was collected from the employees of four banks in Nigeria that supported BYOD trend. The study found out that there are some security threats that are integrated, and the existing security measures are not sufficient to mitigate those threats. Hence, this study has presented an integrated solution to curb these threats.

Download Full-text

An Efficient Information Services-Centric Framework for Commuter

International Journal of Information Systems in the Service Sector ◽

10.4018/jisss.2012010102 ◽

2012 ◽

Vol 4 (1) ◽

pp. 22-39

Author(s):

Wee Siong Ng ◽

Justin Cheng ◽

XianJun Wang ◽

Sivakumar Viswanathan

Keyword(s):

Mobile Devices ◽

Traffic Congestion ◽

Traffic Management ◽

Spatial Information ◽

Urban Environments ◽

Mobile Environment ◽

Real Time Traffic ◽

Efficient Information ◽

Matching Mechanism ◽

Information Consumers

One of the major objectives of Advanced Traffic Management Systems (ATMS) is to reduce traffic congestion in urban environments by improving the efficiency of utilization of existing transport infrastructures. Many creative and efficient technologies have been developed over the years. Although commuters, especially drivers, take a critical part in containing traffic congestion problems, they are playing a passive role in the traffic-management ecosystem. Considerably, this is due to the information asymmetry between ATMS decision makers and commuters; what is missing is a matching mechanism to create a bridge between information providers and information consumers in the mobile environment. The authors’ solution provides an efficient services-centric framework for delivering pertinent information to commuters. Probe vehicles are used to estimate the real-time traffic flow and disseminate this information effectively to users’ mobile devices. A 2-level indexing scheme is designed to effectively index the grid cells which contain the spatial information and a location-aware mobile application and back-end services are also implemented. Processed information is disseminated to users’ mobile devices through wireless means and presented in a user friendly interface. Experimental results show that this system is scalable and responsive.

Download Full-text

Data Broadcasting in a Mobile Environment

Wireless Information Highways ◽

10.4018/978-1-59140-568-9.ch004 ◽

2011 ◽

pp. 96-154 ◽

Cited By ~ 5

Author(s):

A.R. Hurson ◽

Y. Jiao

Keyword(s):

Wireless Communication ◽

Mobile Devices ◽

High Performance ◽

Data Access ◽

Data Retrieval ◽

Mobile Environment ◽

Retrieval Method ◽

Shared Data ◽

Communication Techniques ◽

Public Data

The advances in mobile devices and wireless communication techniques have enabled anywhere, anytime data access. Data being accessed can be categorized into three classes: private data, shared data, and public data. Private and shared data are usually accessed through on-demand-based approaches, while public data can be most effectively disseminated using broadcasting. In the mobile computing environment, the characteristics of mobile devices and limitations of wireless communication technology pose challenges on broadcasting strategy as well as data-retrieval method designs. Major research issues include indexing scheme, broadcasting over single and parallel channels, data distribution and replication strategy, conflict resolution, and data retrieval method. In this chapter, we investigate solutions proposed for these issues. High performance and low power consumption are the two main objectives of the proposed schemes. Comprehensive simulation results are used to demonstrate the effectiveness of each solution and compare different approaches.

Download Full-text