Introduction Our Topic: Mobile Security Why is mobile security important?

Slides:



Advertisements
Similar presentations
Surfing the net: Ways to protect yourself. Internet Safety Look into safeguarding programs or options your online service provider might offer. Look into.
Advertisements

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Windows XP Tutorial Securing Windows. Introduction This presentation will guide you through basic security principles for Windows XP.
Unit 1 Living in the Digital WorldChapter 2 Which devices should we take? This presentation will cover the following topic: Which devices should we take?
Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
Breaking Trust On The Internet
INTERNET SAFETY.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
INTERNET SAFETY FOR STUDENTS
What you don’t know CAN hurt you!
UT Wing Civil Air Patrol. Objective Identify network and cyber vulnerabilities and mitigations Social Media/Metadata/Exfil data MITM Attacks Malware Social.
Using internet and cell phones safely
Safe IT – Protect your computer and Family from unwanted programs viruses and websites.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Opening a bank account.
Basics: Getting Started Uploading and Sharing Videos on YouTube. Basics: Getting Started Uploading and Sharing Videos on YouTube. 1.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
By Paul Capers.  A cell phone is a portable telephone that does not use a wired connection. It connects to a wireless carrier network using radio waves.
Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
Threats to I.T Internet security By Cameron Mundy.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Stop the Creepers and Cyberbullies! 5 Easy Ways to keep yourself safer online!
Cyber Crimes.
Viruses.
1 Kids on the Web. Child’s play? September, 2008.
Staying Safe Online Keep your Information Secure.
You, Me & Technology. Overview Technology –Our relationship with technology Threats –What, Who, When, Where, Why & How Protection –What we can do to protect.
Reliability & Desirability of Data
App Rights or wrongs ? A look at smartphone apps or: why RTFM* is not just important for geeks and “computer types” * = Read The F+*#ing (or “Fine”) Manual.
Chloe Miles IMPROVING PRODUCTIVITY USING IT. Menu Using Word Advantages Disadvantages Conclusion E-Safety Social Media Dangers of Social Media Sites Staying.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Cyber Security Anchorage School District – 7 th grade Internet Safety.
Protecting Your Personal Information November 15, 2013.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Tim Reid Malvern Parish C.E Primary School Internet Safety.
By Demi Gardiner 8P Who’s been on your computer??
ADV. NETWORK SECURITY CODY WATSON What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protections of External Resources.
3.05 Protect Your Computer and Information Unit 3 Internet Basics.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
Computer security By Isabelle Cooper.
Topic 5: Basic Security.
Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.
MobileSecurity Vulnerability Assessment Tools for the Enterprise Mobile Security Vulnerability Assessment Tools for the Enterprise Integrating Mobile/BYOD.
TRENDS IN COMPUTING By Sally Allen 9M4 Candidate number:4031 Wildern School
S - Stay Safe don’t give out your personal information like your address or your house number and your location. Never give your personal information.
Computer Security By Duncan Hall.
INTRODUCTION & QUESTIONS.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Windows Administration How to protect your computer.
Digital Security Jesline James! 9cc. Contents  The CREATORS!!!! =] The CREATORS!!!! =]  What is Digital Security? What is Digital Security?  How does.
Safer Internet Day. What do you use the Internet for? watching TV shows watching online videos playing gamestalking to friends homeworkfinding out things.
Adware and Browser Hijacker – Symptoms and Preventions /killmalware /u/2/b/ /alexwaston14/viru s-removal/ /channel/UC90JNmv0 nAvomcLim5bUmnA.
Introduction Skip Intro Connect you to next durga. Just buzzer by saying “help me”. We will connect you to the next durga near to you. Next.
By: Jasmin Smith  ability to control what information one reveals about one’s self over the Internet.
STOP. THINK. CONNECT. Online Safety Quiz. Round 1: Safety and Security.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Android and IOS Permissions Why are they here and what do they want from me?
Computer Security Keeping you and your computer safe in the digital world.
Outline of this module By the end of this module, you will be able to: Understand the benefits that internet banking provides; Name the different dangers.
Facebook privacy policy
As modern children, we have a huge number of electronic devices available to us. We might use computers, tablets, mobile phones or games consoles; for.
IT Security  .
Home Internet Vulnerabilities
IP Addresses & Ports IP Addresses – identify a device on a network
Presentation transcript:

Introduction Our Topic: Mobile Security Why is mobile security important?

Research Questions 1. Why aren't current mobile security systems effective at preventing mobile attacks? 2. What is the most effective form of attack vector for todays attackers? 3. What can be gained from attacking a mobile phone? Do hackers attack phones for the same reason they attack computers? 4. Why is mobile security important for the future? 5. What kinds of security standards or methods will best prevent future attacks?

Current Risk Communication I Phone o Action Based  An app uses location user will then be asked to allow or disallow G Phone o Permission Based  Lists set of permissions that application is granted

Problems with Risk Communications Current methods do not take context into account o Context is related to a file  The context will contain the history of a file and what other applications have access as well.  Very important because helps prevent cover channel attacks o Leaves system vulnerable  especially cover channel attacks

Why Our Framework? Our framework combines the two most common frameworks (I Phone & G Phone). Our framework takes context into account. We feel the context will allow us to be able to protect users from cover channel attacks.

History of Considerations We observed different mobile security systems and found… Pre-download – there is very little straightforward intervention o In Andriod – a list of permissions is present but the user may not understand that o Interventions – Systems try and predict attacks to directly as opposed to providing users with information (similar to computer antivirus) o Theoretical solutions suggest any file modified by a permission should be stopped.

What is Considered Dangerous? Risky permissions for possibly fraudulent application Most Dangerous – permission to send through o Phone calls, Internet(WiFi), MMS, bluetooth, and Medial Danger – access to view personal info o Contacts list, incoming calls, texts, ect Dangerous Enough – access to location or files o Camera, voice, global search, and GPS access

Why Intervene at Download Permission to use a sending vector the internet, MMS, bluetooth, or Inform the user of the possibility of personal information compromise without consent or action In other security systems o It is not explicitly specified what can go wrong by accepting these permissions o The permissions are generalized into allow accept format

Why Intervene Otherwise Sending Files Files accessed by a sending vector without user direction are potentially compromising o Many actions can modify files, but that doesn’t directly hurt user User Sends Compromised Files Files modified using permissions can contain personal information We don’t want users to develop bad habits. o Similar to very long terms of service files o Inform the user to make better decisions

Attack Scenario You are hanging out on the Android Marketplace

You find this cool application called PingDroid

This screen comes up before you install it

Intervention This is the first place where we want to intervene. Instead of listing permissions we might want to say… “Hey, are you sure you want to download an application that can take your location and photographs and send them over the internet?”

You say, well ok maybe I still want this. The application is running for a while and you forget about it.

Later, you pick up your phone to notice it has a message for you.

Intervention – Your phone stopped PingDroid “PingDroid may be sending a picture along with your location to anyone on the internet”

What Happens Next? You, the user, have just found your application acting in a way that may be malicious If you decide that is what the application is supposed to do, allow the app to continue If not, you may stop the app from compromising your information The only way our security system intervenes again is if another kind of information is compromised or the sending location changes (IP address)

Attacking Scenario 2 This scenario could be used by several applications. Ezimbra is a photo editing application that has the ability to post photos on the internet.

Attack Scenario 3 People use more and more passwords and "secure" accounts with growth of technology Bank accounts, accounts, eBay/Amazon, etc. Palm attempts to help keep these accounts organized, but at what cost?

Attack Scenario 3 How does SplashID work? Where are the security issues? How can these issues be averted?

Attack Method 4 Our system would inform the user of the level of risk involved with the actions being preformed by the application This could be done prior to the user installing the update or after the update tries to run malicious code

Future Work Developing a system that uses past cases to exploit malicious actions Final Goal = Software designed to alert user of adverse actions

Research Question Answers 1.Obviously, new attacks and applications are produced daily. Security that tries to stop attacks in the background have not been successful There is no way to predict how an application will attack you, but you can predict the attack vector If the security system doesn’t accurately assess a malicious situation, no action is taken

2. Most simply, Web applications account for 41% of all financial and 52% of all tech pathway attacks There are more common vectors of attack, but they are direct (such as bluetooth hacking). These attacks can be easily prevented and are not hidden. They are not the most controversial. Source: s&mid=B4771C6F22F34E4CA3FFFDA61E0EA2C5&tier=4&id=8C626442A70740CFB6A62EC3C7A339E8&SiteID =87D3DA363DA24D189035C60D0D8A s&mid=B4771C6F22F34E4CA3FFFDA61E0EA2C5&tier=4&id=8C626442A70740CFB6A62EC3C7A339E8&SiteID =87D3DA363DA24D189035C60D0D8A4775

3. Your Personal information. Contact information Financial information Location Photographs Personal data Compromising information

4. In the future, nearly everyone will have a cell phone. In 2009, there were 4.6 billion cell phone subscriptions. That number will increase in With the growing popularity of smart phones, the cellular network will have a huge market to take advantage of.

5. We have seen so many different kinds of attack with new attacks happening each day. If there are new attacks that work, then the current security systems aren’t working. The users informed decision and intuition should be much better for prevention than a system that may take no action

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.