Securing Mobile Devices: Literature Review
Clint Kautz
Abstract
More people use mobile devices than ever before, making them the new favorite targets for
virus programmers. Because of this, a great deal of research has been devoted to identifying
viruses and improving security measures on mobile devices. This review examines a sample of
the literature on mobile security and the reasons improvements are needed. While much work
has been done to improve security, more can still be done.
Introduction
Mobile computing is a global phenomenon, and the number of users and devices continues to
increase. It is now estimated that the total number of devices connected via networks has
surpassed the entire world population (Valcke). Mobile devices (smartphones, tablets, and
similar devices) have a greater susceptibility to malware attack because they are powered on
and wirelessly connected to networks nearly one hundred percent of the time (Ju, Kim and Jeon).
This level of exposure to external networks makes mobile devices prime targets for
cyber criminals, who continually develop new computer viruses to circumvent current security
protocols and exploit security gaps for financial gain. With the rise in the use of mobile
computing, a rise in mobile banking has emerged. These activities are more sensitive to security
risks due to the nature of exchanging financial information, which explains why nearly 60% of
mobile viruses target these activities (Valcke). For these reasons, and the fact that 95% of tested
apps have at least one exploitable security flaw, mobile security has become an important
area of research for computer scientists (Valcke). This review will examine the literature on
I. mobile security threats, II. current security measures, and III. proposed security
enhancements to mobile platforms, and then IV. draw conclusions on the literature and the state
of mobile security research.
I. Mobile Security Threats
The threats to mobile devices increase as more people start using mobile devices to view and
store sensitive information. The attackers' primary motivation is to profit from the spread of
malicious programs, but victims of a virus can have their private information stolen, have their
location tracked, and experience reduced device battery life and reduced device performance
(Wang, Gonzalez and Menezes). In 2012, the number of smartphones shipped outpaced PCs for
the first time (Rose). Hackers have followed this market trend, shifting focus from PCs to
mobile devices; security company Lookout reports that its software is now detecting twice the
number of attempted infections every few months (Rose).
There are numerous types of viruses discussed in the literature. Rose describes several
exploits used by mobile phone hackers. A flaw in the Android operating system can allow a
developer to override the back button operation, which can be used to create pop-up ads or steal
information from log-in screens. Another common type of virus, known as an upgrade attack,
is a virus embedded in updates to apps that were first released virus-free in order to pass the
marketplace's security review for publishing. Once the app makes it to the marketplace, an
update with the malicious code is offered and users' devices become infected. A type of virus
known as repackaging takes a popular or trustworthy app, copies it, and republishes it under a
new name or as a free app with the same name as a paid app, but includes a virus in the new
version.
Wang, P, et al. conducted a study on multimedia messaging service (MMS) viruses and how
they spread. An MMS virus scans an infected device's address book and sends messages to those
devices with links to malicious software (Peng, Wu and Wang). These are effective because
users see the message as coming from someone they know and therefore do not suspect any ill
intentions. The research by Peng, Sancheng, et al. also examines MMS viruses, in addition to
short message service (SMS) viruses, commonly known as text messaging viruses, and viruses
that can spread over Bluetooth or Wi-Fi connections. Bluetooth viruses propagate through
Bluetooth connections to other Bluetooth-enabled devices that they can find, and Wi-Fi viruses
work in a similar manner (Peng, Wu and Wang). These types of viruses are more sophisticated
than app-based viruses, not only in the manner in which they propagate but also in the manner
in which they avoid detection.
Infected apps depend on users downloading the app to spread and gain access, and once
discovered they are easy to contain and remove from the marketplace. Message-based
viruses can avoid detection by self-regulating their messaging rate. Network providers monitor
SMS and MMS activity, and if a virus messaged as rapidly as possible, the spike in activity
would be easily detected and the virus identified (Wang, Gonzalez and Menezes). Virus
programmers are aware of this and have written their viruses to operate in such a way as to avoid
spiking the messaging traffic above the normal threshold (Wang, Gonzalez and Menezes). The
research by Wang, P, et al. and Peng, Sancheng, et al. studies how these viruses spread across the
mobile network and defines models for detecting them earlier, thereby limiting the damage
they can cause. The next section will cover current security measures used in mobile devices to
combat the various forms of mobile viruses.
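As an added illustration (not taken from the cited studies), the Python example below contrasts the per-sender rate check described above with a check that counts phones forwarding a link they had earlier received, which still fires when every sender stays under the rate threshold. The message log, the thresholds and the function names are constructed assumptions.

```python
from collections import defaultdict

RATE_LIMIT = 10   # assumed provider threshold: messages per sender per clock hour
RELAY_LIMIT = 3   # assumed: distinct relaying phones for one link before alerting

def build_log():
    """Constructed sample log of (minute, sender, recipient, link) records."""
    log = []
    # Unthrottled sender: 30 messages inside one hour, trips the rate check.
    log += [(m, "N0", f"X{m}", "http://bulk.example/a") for m in range(30)]
    # Self-throttled chain: each phone sends only 2 messages per hour.
    chain = ["A", "B", "C", "D", "E"]
    for i, sender in enumerate(chain[:-1]):
        t = 60 * i
        log.append((t + 5, sender, chain[i + 1], "http://update.example/x"))
        log.append((t + 35, sender, f"Y{i}", "http://update.example/x"))
    # Ordinary user sharing a link once.
    log.append((50, "U1", "U2", "http://news.example/story"))
    return sorted(log)  # time-ordered

def rate_alerts(log, limit=RATE_LIMIT):
    """Senders that exceed `limit` messages in any clock hour."""
    per_hour = defaultdict(int)
    for minute, sender, _, _ in log:
        per_hour[(sender, minute // 60)] += 1
    return {s for (s, _), n in per_hour.items() if n > limit}

def relay_alerts(log, limit=RELAY_LIMIT):
    """Links that were forwarded by phones which had earlier received them."""
    received = defaultdict(set)  # link -> phones that have received it
    relays = defaultdict(set)    # link -> phones that received it, then sent it
    for _, sender, recipient, link in log:
        if sender in received[link]:
            relays[link].add(sender)
        received[link].add(recipient)
    return {link: sorted(p) for link, p in relays.items() if len(p) >= limit}

if __name__ == "__main__":
    log = build_log()
    print("rate check flags:", rate_alerts(log))
    print("relay check flags:", relay_alerts(log))
```

On this constructed log the rate check flags only the unthrottled sender, while the relay check flags the link that moves from phone to phone at two messages per hour.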
II. Current Security Measures
The current security available on mobile devices is typically some form of software, either in
the operating system (OS) or in third-party anti-virus software. The OSs with the majority of
the market share approach security in very different manners. Android, by Google, has the
greatest number of users, followed by iOS by Apple, then BlackBerry by RIM, and finally
Windows Phone by Microsoft (Rose). Android is open-source, meaning the source code for the
operating system is available for anyone to see and use. Google's security philosophy is geared
toward user responsibility, while Apple takes on the onus of security on its devices (Rose).
Apple's iOS also consistently tests better than Android on security tests, mainly because the
software for storing credentials on iOS is stronger than that on Android (Rose). In addition,
apps submitted to Apple's App Store must pass a thorough review process by Apple before
publishing, while on Android anyone can publish an app (Rose). The difference is that Android
has fewer restrictions and can thereby be customized by users more easily, while Apple offers
more security (Rose).
This does not make iOS immune to infection or even the most secure device. RIM's
BlackBerry remains the most secure mobile device OS available and the favorite for enterprises
around the world (Rose). Unlike Android and iOS, which were built for user experience,
BlackBerry was designed with security and encryption as its primary goal (Rose). In fact, a
BlackBerry device never directly connects to the internet; all network traffic on BlackBerry is
routed to a BlackBerry Network Operations Center (NOC), where the data is encrypted and
compressed before being sent to the BlackBerry user (Rose). Foreign governments have
attempted to ban BlackBerrys because they are so secure that it is difficult for those
governments to monitor the activity on the devices (Rose).
Aside from the security measures put in place by the various operating systems, there exists a
variety of software-based solutions. However, these solutions are limited because they require a
large amount of computing power and time, and the number and variety of viruses continues to
expand (Ju, Kim and Jeon). Given the limitations of mobile devices, both in processing power
and battery life, software-based security is not as effective on them as it is on PCs, where
power is not limited and processing capabilities are much greater (Ju, Kim and Jeon).
These restrictions have led to a need to research additional security options better suited for
mobile devices beyond the current offerings, as examined in the next section.
III. Proposed Security Enhancements
In "Best practices in mobile security", Valcke describes how the configuration of the protocols
that devices use to communicate and verify information can be strengthened to improve
security. He describes the current validations in place as insufficient and cumbersome to users
and proposes implementing an additional layer of authentication that could occur behind the
scenes without users needing to remember lengthy passwords. Another proposal involves
authentication by geo-location to determine if the device attempting to access information, a
bank account for example, is in an appropriate region (Valcke). These solutions would be
implemented by the institutions (banks, insurance companies, etc.) that users access via
mobile networks.
A solution that mobile device manufacturers could implement would be improvements to
hardware-based security capabilities. Hardware security features exist on PCs but do not
exist on mobile devices, for the same reason that conventional software-based solutions do not
exist: mainly, limited power supply. Progress in hardware solutions has been made, as Ju,
Hongil, et al. describe how a security chip called a Secure Element (SE) can be added to devices,
but this is not optimal and would be more secure if manufacturers began directly bonding them
to mobile devices. An additional security chip is also proposed, a Mobile Trusted Module (MTM),
which is a variant of the Trusted Platform Module (TPM) used in PCs. These work by storing
security information in a secure space not accessible by other areas of memory in the device (Ju,
Kim and Jeon). TPM is in the early stages of development and is not commercially available for
any devices. While these hardware solutions are being developed, another approach to security
has been proposed and can be utilized earlier than the hardware solutions.
As mentioned earlier, the battery and processing power of mobile devices limit the
effectiveness of software-based security solutions. In "Highly Secure Mobile Devices Assisted
with Trusted Cloud Computing Environments", Oh, D, et al. propose a Cloud-based solution to
supplement the battery and processing limitations of mobile devices. By implementing an
established virus detection algorithm and offloading the heavy processing elements of the
program to servers on the Cloud, Oh, D, et al. were able to perform scans thirteen times faster
while consuming only nine percent of the power needed to perform the same scan entirely on a
mobile device. The drawbacks to this approach are twofold. First, it requires sending and
receiving data over the network, and most providers limit the amount of data one can transmit
on their network. Second, the program can only detect the signatures of known viruses, meaning
new viruses will not be prevented until they have been identified.
IV. Conclusion
There is much that mobile device users can do to limit their risk of malware exposure. By
educating themselves on what to look for and avoiding suspicious content, users can greatly
constrain the spread of viruses. In addition, continued research in identifying viruses earlier,
scanning for viruses via the Cloud, and improvements in mobile security chips will all be
necessary to develop a more secure and reliable mobile world. Current detection models still
take as much as one hundred days to identify MMS outbreaks (Wang, Gonzalez and Menezes).
This leaves great room for improvement in detection strategies. Cloud-based solutions are the
most readily available solution, yet they still rely on known strains, so their
effectiveness will be limited. What is most needed is for the security chip features found on PCs
to be modified for and used in mobile devices to achieve greater security. All of these areas will
need continuous improvement, though, as malware programmers will be ever searching for new
ways to exploit the weaknesses of what has rapidly become the favored way to access information.
Works Cited
Ju, Hongil, et al. "Implementation of a hardware security chip for mobile devices." IEEE
Transactions on Consumer Electronics (2015): 500-506. Peer Reviewed Journal.
Oh, D, et al. "Highly Secure Mobile Devices Assisted with Trusted Cloud Computing
Environments." ETRI Journal (2015): 348-358. Peer Reviewed Journal.
Peng, Sancheng, et al. "Propagation model of smartphone worms based on semi-Markov process
and social relationship graph." Computers & Security (2014): 92. Peer Reviewed Journal.
Rose, Chris. "Smart Phone, Dumb Security." The Review of Business Information Systems
(2012): 21. The Review of Business Information Systems.
Valcke, Jan. "Best practices in mobile security." Biometric Technology Today (2016): 9-11. Peer
Reviewed Journal.
Wang, P, et al. "Understanding the spread of malicious mobile-phone programs and their damage
potential." International Journal of Information Security 12.5 (2013): 383-392. Peer
Reviewed Journal.