Index

Note: Page numbers followed by f indicate figures and t indicate tables.

A

Access control 28, 185
Advanced persistent threats (APTs) 20
Advanced RISC Machine (ARM) 101
Adware 18–19, 59
AES encryption 159
Amazon’s Appstore 9
Android 
antimobile malware apps for 178–184, 187t, 193–199
app certification 184–185
application security 174–176
app permissions 174–176
architecture 102f
attack vectors/actors 179t
component permissions 175
context-aware security 185
data encryption 185–186
detection time 193, 195f, 196f
experiment setup 186–193, 191f
insecure data storage 158
libraries component 101
machine learning 108–117
malware application 106–108
malware threats and countermeasures 176–186
metrics 192–193
operating system 168–174
permission mechanism 156
privacy 175–176
process sandbox mechanism 156
rooted process 174
security mechanisms of 156
selective access control 185
signature mechanism 156
signing apps 175
version history 171t, 173
vulnerabilities  See Vulnerabilities in Android apps
Android application package (APK) 175–177, 197–199
Android Market 9
Android Runtime (ART) 169–170
Anonymity 235 See also k-anonymity
Antimalware/antiviruses 
LaReDAMoid 144
mobile security 44, 108, 178–184, 187t, 193–199
App containerization 10–11, 11f
Apple’s App Store 9
Application-level threats 2–3, 18–19
Application stores 9–10
App penetration testing 27
App permissions, Android 174–176
ART  See Android Runtime (ART)
Asset management 41
Asymmetric cryptosystems 247–248
Attributes 109–110
Auditing 29
Authentication 
Android vulnerabilities 159
message, RESTful 229–233
two-factor 28
user 27–28
Authentication Header (AH) protocols 57–58
Authorization, Android vulnerabilities 159

B

Bilinear Decision Diffie-Hellman (BDDH) 249
Binary-Coded Decimal coding 209–210
Biometrics 33–34
facial recognition 96–98, 97f
iris recognition 98
sensor 27
technology 95–98
BitDefender 197
Blackberry’s App 9
Bloomberg Businessweek 61
Bluejacking 22
Bluetooth 22, 122, 131
participants’ responses on 75t
Bots 20
Bring your own device (BYOD) 2, 10, 28, 177
vs. CYOD 43
remote wiping devices 43
The British Journal for the Philosophy of Science (Puccetti) 6
Broken cryptography 159
Browser exploits 21

C

Chain of trust 36–37
Choose your own device (CYOD) 43
Classes 109–110
Classification models 110–111
Classifier 127–130, 128f
Cloud storage 35–36
Code encryption 34
Common vulnerabilities and exposures (CVE) 155–156, 164
Computational Diffie-Hellman (CDH) 249
Conference facility networks 22
Configuration error, Android vulnerabilities 160
Confusion matrix 111, 111t
Constrained Application Protocol (CoAP) 220–221
piggybacked response 220–221, 221f
security for 224–226
separate response 221, 221f
Containerization 10–11, 11f
Content filtering 45
ContentScope 163
Context-aware security 185
Countermeasures 176–186
Cross-border data theft 45–46
Cross validation 112–113
Cryptography 27
asymmetric 247–248
Java Pairing-Based Cryptography Library 249
pairing-based 248–249
Custody management, in ICOPS 93–94, 94f
Custody reference number (CRN) 93
Cybercrime education programs 79
Cybersecurity 19, 62–63, 65
Cybersecurity and Cyberwar, What Everyone Needs To Know (Singer and Friedman) 18

D

Dalvik virtual machine (DVM) 101, 156, 169
Data confidentiality 27
Data dependence graph (DDGs) 161
Data encryption 35–37, 185–186
Datagram TLS (DTLS) 224
Data mining, privacy-preserving 241, 241f
Data segregation 10
Dataset, machine learning 109
Data stealing 23
Data storage 
insecure, Android vulnerabilities 158
Shanzhai phone 207–209
Data threats, unintentional disclosure of 24
Data validation 27–29
Decision Linear (DL) 249
Decommissioning 29
Denial of service (DoS) threats 20
Detection 
location 22
malware families 138–142, 140t, 142f
performance of LaReDAMoid 134–137, 144–145, 145t
Developer training 27
Device access control 28
Device authentication 28
Device management 26
Differential privacy 
definition 242
Laplace mechanism 242–243
overview 241
Digital age 48–51
Digital economy 15
Digital evidence 
in Shanzhai phone 207–210
timeline analysis of 211–214, 215f
Digital immigrants 67
Digital literacy 67
Digital signature 247–249
Discriminating metrics (DM) 119–120
Distributed denial of service (DDoS) threats 20
Drive-by downloads 21, 107
DroidRanger 114–115
DroidSafe 161
Dropbox 12
Dynamic analysis-based approaches 162–164
Dynamic behavior analysis 108

E

Electronic eavesdropping 22
Electronic tracking 18–19
Encryption 34–38
End user 
Internet security 63–65
internetwork security 57–58, 62–63
Energy consumption measurement testbed 251f
Environmental sensor 27
Equivalent classes 238–239

F

Facial recognition 96–98, 97f
Firewall 107, 184
Flash dump 
deleted contents 211
Shanzhai phone 209–210
snapshots in 211, 213–214f
Flasher tools 206
FlowDroid 116
Forensics 47, 205–207
Form analysis 108
Future Shock (Toffler) 6

G

Geographic information systems (GIS) 95
Gifting 23
Global Certainty Penalty (GCP) 240–241
Global Identity Foundation 13
Global Privacy Enforcement Network (GPEN) 16
Global recoding 238–239
Google Drive 12
Google Protection Levels (GPL) 103
Greedy algorithm 240–241

H

Hotel facility networks 22
Hypertext Transfer Protocol (HTTP) 219–221
CoAP 220–221
RACS 222–224, 223t

I

ICOPS  See Interactive Constable on Patrol System (ICOPS)
Identity management 
handling 27–28
issues 12–13
IDS  See Intrusion detection systems (IDS)
IMSI catchers 22
Incognito algorithm 238–239
Information and communications technology (ICT) 85–86
Information management, ICOPS 89
Insecure data storage, in Android apps 158
Insufficient transport layer protection 158
Integrated Development Environment (IDE) 132
Integrity checking 108
Intelligent personal assistants (IPA) 90–91
Interactive Constable on Patrol System (ICOPS) 86–88
biometrics 95–98
capabilities 88f
communications 91–92
custody management 93–94, 94f
information management 89
intelligent personal assistants 90–91
knowledge exchange 89
push-to-talk communications 91–92, 92f
situational awareness 95
Inter-Application Communication (IAC) 162
Intercomponent data flow graph (IDFG) 161
International mobile equipment identifier (IMEI) 74
International Telecommunication Union (ITU) 205
Internet-based threats 19–21
Internet of Things (IoT) 66, 217
environments 233
RESTful protocols  See RESTful IoT protocols
INTERNET permission 102
Internet Protocol (IP) 57–58
Internet security 63–65
Internetwork security 
definition 57–58
organization 62–63
Inter-Process Communication (IPC) mechanism 170
Intrusion detection systems (IDS) 107, 115–116, 184
Iris recognition 98

J

Jailbreaking 40
Java Pairing-Based Cryptography (JPBC) Library 
cryptographic settings 249
experiment results and observations 251–252
testing environment 249–251, 253–254t
Jericho Forum 13
Joint Test Action Group (JTAG) 206–207

K

k-anonymity 
definition 236–237
example of 238t
freeform generalization 240–241
homogeneous generalization 238–239, 239t
mechanisms 238–241
nonhomogeneous generalization 239–240, 239t
released and external data 237f
Kaspersky Lab app 197
Key bags  See Key stores
Key management 38
design 36–37
Key stores 37
Knowledge exchange, ICOPS 89

L

Laplace distribution, differential privacy 242–243, 243f
LaReDAMoid 132
antivirus scanners 144
architecture of 132f
comparison between layer models 137
detection of malware families 138–142, 140t, 142f
detection performance 134–137, 144–145, 145t
interfaces 132–133
limitations 145–149
model validation 136–137
Linux kernel 101
security architecture 170–173
Local storage 35
Location-based social network (LBSN) 235
Location detection 22
Location settings 45
Logical file system 207–209
Long-term evolution (LTE) technology 92
Lost/stolen mobile devices 23

M

Machine learning 108–109
algorithms 115–116
attributes and classes 109–110
classification model 110–112
combinations of permissions 114–115
cross validation 112–113
dataset 109
enhancements 116–117
individual permissions 113–114
lifecycle of 110–111, 111f
permission analysis 113
techniques 115–116
MalloDroid 161
Malware 18
Android 176–186
detection tools 107–108
experiment samples 188t
family 138–142, 140t, 142f
samples detected 197f
techniques 106–107
update attack 106
MAMA method 115–116
Man-in-the-middle (MITM) attack 21, 161–162
Master key 37
MediaTek (MTK)-based Shanzhai phone 206, 209, 211 See also Shanzhai phone
Memory 45
Memory Management Unit (MMU) 173
Mitigations 
exploitation 32
individuals 30
security issues 30–31
traveling 32–33
Mobile application management (MAM) 29, 43
Mobile application software developers 8
Mobile Carrier/Network Operator 173
Mobile device end-users 7
Mobile device management (MDM) 7, 28–29
BYOD vs. CYOD 43
device eligibility 42
device registration/user enrolment 42
inventory 41–42
classification 41
database integration 42
device inventory 41
maintenance 42
physical tracking 42
lockout screen 42
policy 42
Mobile forensics 47, 205–207
Mobile Industry Review 59
Mobile security 5–7
antivirus/antimalware 44
app containerization 10–11
application-level threats 2–3, 18–19
application management 43
application stores 9–10
asset management 41
biometrics 33–34
cross-border data theft 45–46
data threats 24
device management 41–43
digital age 48–51
encryption 34–38
forensics 47
global growth in 7
identity management issues 12–13
internet-based threats 19–21
jailbreaking 40
memory 45
mitigations 30–33
mobile usage controls 45
network level threats 3, 21–22
for organizations 26–29
passphrases 33–34
passwords 33–34
patching 41
physical threats 3, 23
principles 7–9
privacy 
implications 15–16
need for 14–15
regulatory retention 46
remote track and wipe 44
risks 24–26
rooting 40
security resources 51
software watermarking 11–12
transmission security 44
travel threats 23
user training 40
VPN 38–39
vulnerabilities 17
web-level threats 3
Mobile usage controls 45
Mobile Web Initiative 19
Mondrian algorithm 238–239
Monitoring settings, mobile device 45
Motorola Moto G 199
Multidimensional global recoding 238–239

N

National Institute of Standards and Technology (NIST) 248–249
Netflix 235
Network exploits 22
Network level threats 3, 21–22
Nokia’s Ovi Store 9
Nongovernmental organizations (NGOs) 62
Nonvolatile random access memory (NVRAM) 207
call log stored in 210f
data items and files stored in 209, 209f
phone book stored in 210f
SMS stored in 211f
NOR flash memory 208f

O

Older people and technology 
contributions 68
findings and discussion 70–78
Situational Crime Prevention Theory 68–69, 78–82, 80t
survey design 69–70
Online-based services 12
Open Handset Alliance (OHA) consortium 168–169
Operating system (OS), Android 167
advantage 168–169
rooted process 174
security architecture 170–173
system framework and architecture 168–170, 169f
vulnerabilities 173
Organizational mobile device security 8

P

Pablo Software Virus scan 198
Pairing-based cryptography 248–249
Passphrases 33–34
Passwords 33–34
Patching 41
Perimeter defense 57
Permission-based Malware Detection System (PMDS) 115–116
Permissions 
Android app 156, 174–176
application 170
background 102–106
coarse-granularity 105
examples 103t
incompetent administrators 105
insufficient documentation 105
limitations of 104–106
machine learning 113–117
overclaim 105
risk determination 122, 146t, 150
PermissionWatcher 114–115
Personally identifiable information (PII) 16, 72–73, 173
Phablet 86–87, 89
Phishing 78, 167–168, 176
for Chinese Survey 77t
English survey 77t
examples 76
participants’ responses on 76t
participants unaware of 75t
scams 20
spear 61
understanding 76f
web-level threats 3
Physical threats 3, 23
Piggybacked response, CoAP 220–221, 221f
PII  See Personally identifiable information (PII)
Potentially unwanted programs (PUP) 182
Preliminary learning 124–126
Principle of Least Privilege (PLP) 102, 105
Printed circuit board (PCB) 206–207
Privacy 
Android 175–176
differential privacy 241–243
implications 15–16
individuals 15
k-anonymity 236–241, 239t
models 235–236
need for 14–15
organizations 236
Privacy Incorporated: The Business of Trust in the Digital World (Crompton) 15
Privacy-preserving data mining 241, 241f
Push-to-talk communications 92, 92f

Q

Quasi-identifier (QID) 236–240

R

Randomized algorithm 242
Random oracle assumption 249
Ransomware 19
Regulatory retention 46
Remote APDU Call Secure (RACS) 
requests and responses 223t
RESTful 222–224, 223t
security for 224–226
Remote control 107
Remote track and wipe 44
Representational state transfer (REST) 217
architecture style 225f
constraints and principles 218f
foundations 218–220
message signature 227–228
message verification 228–229
security 224, 225–226f
RESTful CoAP Message Authentication (RECMA) 229–231
RESTful IoT protocols 220
CoAP 220–221, 221f
message authentication 229–233
message confidentiality 233, 233f
RACS 222–224, 223t
security for 224–226
RESTful Message Authentication (REMA) scheme 226–229, 227b
RESTful RACS Message Authentication (RERMA) 231–233
Risk for mobile devices 24–26
Rooting 40, 174

S

Sandbox 10–11
Secure software development life cycles (SDLC) 26
Security 
of Android apps 156
architecture of Linux kernel 170–173
for CoAP 224–226
context-aware 185
Internet 63–65
internetwork  See Internetwork security
mitigations issue 30–31
mobile  See Mobile security
RACS 224–226
representational state transfer 224, 225f
RESTful IoT 224–226
transmission 44
user, specifications  See User security specifications
SEFA 162
Separate response, CoAP 221, 221f
Session management 27
SHA-256 algorithm 249–250
Shanzhai phone 
digital evidence in 207–210
flasher tool 206
flash memory dump 209–210
Joint Test Action Group 206–207
logical file system 207–209
MTK-based 206, 209, 211
NOR flash memory for 208f
operation series 212
physical data storage 207–209
Signature mechanism, Android 156
Signing apps 175
Situational awareness, ICOPS 95
Situational Crime Prevention Theory 68–69, 78–82, 80t
Small-medium enterprises (SMEs) 62–63
Smartphones 
apps 10
breaches growth 58–62
BYOD 43
challenges 10
containerization 10
device security 8
patching 41
recent versions 32
secure passwords 33
threats 20
transmission security 44
Trojan horse for 7
unauthorized access 23
Social engineering 20–21
Software watermarking 11–12
Spear phishing 61
Spyware 18–19
Static analysis-based methods 163
Supervised learning 110–111
Support Vector Machine algorithms 115–116
System validation, applications for 118

T

Tablets 
BYOD 43
containerization 10
gifting 23
mitigation 32
patching 41
remote track and wipe 44
threats 20
Testing dataset 109
Threats 
application-level 2–3, 18–19
data threats 24
internet-based threats 19–21
to mobile security 2–3
network level 3, 21–22
physical-level 3, 23
protecting mobile device data 17
travel threats 23
web-level 3
Timeline analysis 
of digital evidence 211–214, 215f
on phonebook 212–214
Training dataset 109
Transmission Control Protocol (TCP) 57–58
Transmission security 44
Travel threats 23
Trojan horse 7, 59, 63–64
Two-factor authentication 28

U

Unauthorized access 23
Unintended data leakage, Android 159
Unsupervised learning 110
Usage controls 45
User authentication 27–28
User security specifications 
classifier 127–130, 128f
extracted rules 126–127
layers 118–124
preliminary learning 124–126
risk and category definitions 121–123
sampling 117–118
user participation 130–132, 131f
User-supplied pin/passphrase 37
User training 40

V

Vector 
example 124t
representation 120t, 124t
VetDroid 113
Virtual private network (VPN) 38–39
VulHunter 155–158
Vulnerabilities in Android apps 17, 155–156
applications 19
broken cryptography 159
communication 160
configuration error 160
ContentScope 163
discovering 160–163
distribution 157f
dynamic analysis-based approaches 162–164
future directions 164
hybrid approaches 162–163
insecure data storage 158
insufficient transport layer protection 158
poor authorization and authentication 159
security mechanisms of 156
static analysis-based methods 163
taxonomy of 156–157, 157f
unintended data leakage 159
VulHunter 157–158
WebView 160

W

Web-level threats 3
WebView malicious code execution 160
WeChat 235, 236f
Wi-Fi 122, 131
participants’ responses on 75t
sniffing 22

Z

Zombies 20