Mobile Security Problems and Defensive Methods
Mobile Security Problems and Defensive Methods
Volume 7, Issue 2, February – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Mobile Security Problems and Defensive Methods
Balaji Sarvepalli
Northwest Missouri State University,
Maryville MO 64468, USA
Abstract:- Mobile gadgets has became an integral part III. MOBILE ATTACKS
of daily lives. In comparison to desktop computers,
mobile devices have grown exponentially in recent years. According to the Open Web Application Security,
As mobile devices become more common, attackers have insecure data storage and communications are two of the
more opportunities to steal sensitive data or carry out most significant mobile risks.
various forms of assaults on them. We investigated many
sorts of security concerns associated with mobile devices A. Secure Storage Data
and mobile applications. In this research paper, various Many applications save data in text format, while 89.4
defensive measures for preventing these security threats percentage of mobile applications employ weak techniques.
in mobile devices were discussed. A user’s mobile phone is stolen or misplaced, the person
who finds it has access to all of the device’s personal and
I. INTRODUCTION sensitive information another method of obtaining. The
purpose of using data from mobile devices is to convince the
Every aspect of human existence has an application for user to download a malware-infected app.
mobile devices. Mobile phones can be used for the online
bankings and sending files via e-mail, text messages, etc.
Through social media, we can communicate with long
distance people. Generally, the GSM surveillance has the 6
billion different mobile connections and 3.8 billion internet
users worldwide in 2018.
The various different operating systems are Android
and iOS. Android operating systems come in a variety of
favors, including Nougat, Lollipop, and Marshmallow. In
the meantime, there are several iOS versions and only 11
percent of Android users have the most recent version of
Android, compared to 86 percent of iOS users.
According to the Open Web Application Security,
secure data storing and secure communication threats are
serious challenges in the devices, according to their top risks
list. In this research paper, described the various important
security problems and with the protective methods.
II. RELATED WORK
Khana et al. learn various challenges related to mobile
user safety, cell phone threats, mobile risk. The various
types of cell phone problems, the application problems and Fig. 1: SSL Weak Communication
internet searching problems. The Trojan is most important
financial-related threats to the cell phone problems. The B. Protective Communications
main security measures for data secure is fingerprint The majority of communication in a client-server
security. The most measures require involvement in all approach takes place in the devices. Mobile apps act the
stages in different mobile devices. clients, communicate with the server to store various types
of the user information. Developer must set up encrypted
Agassi told that checking device problem issues does
connectionbetween the mobile app and the server. Due to
not have a perfect solution. It is the biggest problem in
the implementation of sniffing software, an attackers can
mobile device security are applying appropriate safety plans,
including present security and securing data on devices. To now easily sniff communication in between the device and
the public WiFi hotspot. If connections are not secure, the
secure important documents and stored files, companies
required to use a safe location for devices and to secure attackers steal sensitive information from the users. If the
developer uses a bad SSL (Secure socket layer) for their app
application, secure policies must be separate of the devices
and applications used on them. server communications, an attackers use MITM and
phishing attacks.
IJISRT22FEB299 www.ijisrt.com 1050
Volume 7, Issue 2, February – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
IV. DEFENSIVE METHODS
Different entities must implement different mobile
security procedures at different phases to protect sensitive
data of users. when over various channels for our examples,
we’ll use Android mobile devices, but the same approaches
apply to iOS devices as well. Figure 3 depicts how Android
application.apk files reach the end user. Those applications
for mobile devices. Because apk files may be decompiled by
anyone to obtain the source code, mobile application hosting
providers and users can access and edit the source code.
Developers will have the mobile application hosting
providers like mobile device operating system
manufacturers, and mobile phone must all work together to
protect mobile devices from security attacks.
Fig. 2: Communication Technologies
C. Malware Attack
Malware software installs without the user understanding
in the mobile device. Attacks can be spread via internet
insecure applications. Malware has the ability to broadcast
text to contact list are to unauthorized users, as well as
transfer sensitive information to attackers. Attackers can
give complete control of the mobile device.
Spyware attacksSpyware’s primary goal is to steal a Fig. 3: Developer and user APK Files
user’s sensitive or personal information and spread it
without the user’s knowledge.
A. Security Measures by Developer
Trojan These dangerous programs are put into Secure Coding Security should be a top priority for
trustworthy executable files, and the Trojan is activated developers, and security measures should be implemented at
when the user runs them. Trojans can steal data, disable every level of the mobile app developmentprocess. Using
various functions of mobile devices, and allow an attacker to strong cryptographic methods with long keys and values are
install more software. updated Secure socket layer safe interaction between the
mobile app and some of the security practices.
WormMobile Worm works similar to a computer
worm in that it duplicates and spreads the additional B. Security Measures by User
devices.The Worm can despise by messages and other forms Installing Unknown Applications In trying to make
of applications requiring user’s interaction. programs public, trusted app hosting companies such as
Google Play Store or Apple App Store extensively scan
D. Cross Siti Attacks them for dangerous malware. As a result, there will be
Crosssite scripting attacks are the most dangerous types relatively few security concerns when downloading
of online application threats. Many developers use HTML programs from these marketplaces.
and JavaScript to create hybrid mobile apps, but insecure
coding can result in CSS attacks on mobile devices.These Application update and OS Mobile Phone application
defects can be used by attackers to manipulate behavior must update their apps whenever a new version of the
mobile devices. Share is a popular activity on the devices, software is released by the developer. Occasionally,
and the attackers can reputable website liable to share developers will provide to fix a security flaw in their
malicious program links. application. Operating system are more crucial than
application updates.
IJISRT22FEB299 www.ijisrt.com 1051
Volume 7, Issue 2, February – 2022 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
C. Security Measures They recommend applications to assign security scores
Android developers regard Play Store to be a reliable to mobile apps based on the security measures they
hosting source for Android application, while Apple App implement.Table.1 shows the example,the mobile
Store is a rusted hosting service for iOS apps. The application stores assigns the scores to application and have
application stores must monitor application on the devices the higher value in these application in search and
and, if any security issues arise, must ban programs quickly. recommend, developers be compelled and to be includes
Currently, virus checks are performed on mobile apps before perfect security features in the application.
they are made public on the Google Play Store and the
Apple App Store.
Secure Problems Conditions Scores
Secure the Data Storage There will be no Security, Strong and weak 0.1
Secure communication No Security, Strong and weak 0,1
Malware No 1
Other problems No 1
Table 1: Secure problems and score tables
V. CONCLUSION https://doiorg.ezproxy.nwmissouri.edu/10.1007/s00779
-017-1098-x
Mobile device applications are developing at an [6.] Olalere, M., Abdullah, M.T., Mahmod, R., Abdullah,
unsustainable rate, managing security in these devices is A.: A review of bring your own device on security
becoming increasingly difficult. We looked at common issues. Sage Open 5(2), 2158244015580372 (2015)
mobile security issues like data storage security, [7.] Pawlick, J., Colbert, E., Zhu, Q.: A game-theoretic
communication security,cross-site scripting, and malware taxonomy and survey of defensive deception for
problem. This research paper we analyzed and presented a cybersecurity and privacy. ACM Comput. Surv. 52(4)
few defensive strategies that developers, mobile users, and (Aug 2019). https://doi.org/10.1145/3337772,
app hosting providers should use to prevent issues in the https://doiorg.ezproxy.nwmissouri.edu/10.1145/33377
mobile phones. It recommended scoring system for the 72
applications in the devices.It upgrades applications to secure [8.] Shrestha, P., Saxena, N.: An offensive and defensive
required in their applications, because it compares exposition of wearable computing. ACM Comput.
applications. They have the option of selecting an Surv. 50(6) (Nov 2017).
application with a more security rating, so that we can https://doi.org/10.1145/3133837, https://doi-
secure the mobiles phones. org.ezproxy.nwmissouri.edu/10.1145/3133837
[9.] Singh, V.V., Wang, J.: Nano/micromotors for
REFERENCES security/defense applications. a review. Nanoscale
[1.] Al-Qurishi, M., Al-Rakhami, M., Alamri, A., 7(46), 19377–19389 (2015)
Alrubaian, M., Rahman, S.M.M., Hossain, M.S.: Sybil [10.] Sun, L., Dou, Y., Yang, C., Wang, J., Yu, P.S., He, L.,
defense techniques in online social networks: a survey. Li, B.: Adversarial attack and defense on graph data: A
IEEE Access 5, 1200–1219 (2017) survey. arXiv preprint arXiv:1812.10528 (2018)
[2.] Bagga, P., Hans, R.: Mobile agents system security: A
systematic survey. ACM Comput. Surv. 50(5) (Sep
2017). https://doi.org/10.1145/3095797,
https://doiorg.ezproxy.nwmissouri.edu/10.1145/30957
97
[3.] Balaji, S., Julie, E.G., Robinson, Y.H., Kumar, R.,
Thong, P.H., et al.: Design of a security-aware routing
scheme in mobile ad-hoc network using repeated game
model. Computer Standards & Interfaces 66, 103358
(2019).
[4.] Garba, A.B., Armarego, J., Murray, D., Kenworthy,
W.: Review of the information security and privacy
challenges in bring your own device (byod)
environments. Journal of Information privacy and
security 11(1), 38–54 (2015)
[5.] Lee, S., Lee, S., Kang, T., Kwon, M., Lee, N., Kim, H.:
Resiliency of mobile os security for secure personal
ubiquitous computing. Personal Ubiquitous Comput.
22(1), 23–34 (Feb 2018).
https://doi.org/10.1007/s00779-017-1098-x,
