Enviar búsqueda
Cargar
Security issues vs user awareness in mobile devices a survey
•
1 recomendación
•
551 vistas
IAEME Publication
Seguir
Tecnología
Empresariales
Denunciar
Compartir
Denunciar
Compartir
1 de 9
Descargar ahora
Descargar para leer sin conexión
Recomendados
P01761113118
P01761113118
IOSR Journals
HinDroid
HinDroid
HinDroid
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”
iosrjce
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014
EMC
14A81A05B5
14A81A05B5
Chaitanya Ram
Android mobile platform security and malware
Android mobile platform security and malware
eSAT Publishing House
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
VISTA InfoSec
20120140504023
20120140504023
IAEME Publication
Recomendados
P01761113118
P01761113118
IOSR Journals
HinDroid
HinDroid
HinDroid
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”
iosrjce
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014
EMC
14A81A05B5
14A81A05B5
Chaitanya Ram
Android mobile platform security and malware
Android mobile platform security and malware
eSAT Publishing House
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
VISTA InfoSec
20120140504023
20120140504023
IAEME Publication
IRJET- Authentication System in Social Networks
IRJET- Authentication System in Social Networks
IRJET Journal
Two aspect authentication system using secure mobile
Two aspect authentication system using secure mobile
Uvaraj Shan
Panda labs annual-report-2012
Panda labs annual-report-2012
Комсс Файквэе
Report on Mobile security
Report on Mobile security
Kavita Rastogi
New Malicious Attacks on Mobile Banking Applications
New Malicious Attacks on Mobile Banking Applications
DR.P.S.JAGADEESH KUMAR
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphones
iosrjce
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
RSA Monthly Online Fraud Report - June 2013
RSA Monthly Online Fraud Report - June 2013
EMC
Smart phone and mobile device security
Smart phone and mobile device security
CAS
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
CSCJournals
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
Anjoum .
2020 cyber threat forcast.
2020 cyber threat forcast.
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android Device
IJCSIS Research Publications
Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile Communications
Paul Parke
IRJET- Phishing Attack based on Visual Cryptography
IRJET- Phishing Attack based on Visual Cryptography
IRJET Journal
F1802024245
F1802024245
IOSR Journals
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
EMC
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
IJIR JOURNALS IJIRUSA
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23
Jacqueline Fick
Effect of fluid physical properties on rollover stability in terms of damping...
Effect of fluid physical properties on rollover stability in terms of damping...
IAEME Publication
A modified pso based graph cut algorithm for the selection of optimal regular...
A modified pso based graph cut algorithm for the selection of optimal regular...
IAEME Publication
Corona based energy efficient clustering in wsn 2
Corona based energy efficient clustering in wsn 2
IAEME Publication
Más contenido relacionado
La actualidad más candente
IRJET- Authentication System in Social Networks
IRJET- Authentication System in Social Networks
IRJET Journal
Two aspect authentication system using secure mobile
Two aspect authentication system using secure mobile
Uvaraj Shan
Panda labs annual-report-2012
Panda labs annual-report-2012
Комсс Файквэе
Report on Mobile security
Report on Mobile security
Kavita Rastogi
New Malicious Attacks on Mobile Banking Applications
New Malicious Attacks on Mobile Banking Applications
DR.P.S.JAGADEESH KUMAR
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphones
iosrjce
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
RSA Monthly Online Fraud Report - June 2013
RSA Monthly Online Fraud Report - June 2013
EMC
Smart phone and mobile device security
Smart phone and mobile device security
CAS
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
CSCJournals
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
Anjoum .
2020 cyber threat forcast.
2020 cyber threat forcast.
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android Device
IJCSIS Research Publications
Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile Communications
Paul Parke
IRJET- Phishing Attack based on Visual Cryptography
IRJET- Phishing Attack based on Visual Cryptography
IRJET Journal
F1802024245
F1802024245
IOSR Journals
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
EMC
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
IJIR JOURNALS IJIRUSA
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23
Jacqueline Fick
La actualidad más candente
(19)
IRJET- Authentication System in Social Networks
IRJET- Authentication System in Social Networks
Two aspect authentication system using secure mobile
Two aspect authentication system using secure mobile
Panda labs annual-report-2012
Panda labs annual-report-2012
Report on Mobile security
Report on Mobile security
New Malicious Attacks on Mobile Banking Applications
New Malicious Attacks on Mobile Banking Applications
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphones
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
RSA Monthly Online Fraud Report - June 2013
RSA Monthly Online Fraud Report - June 2013
Smart phone and mobile device security
Smart phone and mobile device security
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
Using Geographical Location as an Authentication Factor to Enhance mCommerce ...
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
2020 cyber threat forcast.
2020 cyber threat forcast.
Evidence Gathering and Identification of LINE Messenger on Android Device
Evidence Gathering and Identification of LINE Messenger on Android Device
Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile Communications
IRJET- Phishing Attack based on Visual Cryptography
IRJET- Phishing Attack based on Visual Cryptography
F1802024245
F1802024245
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23
Destacado
Effect of fluid physical properties on rollover stability in terms of damping...
Effect of fluid physical properties on rollover stability in terms of damping...
IAEME Publication
A modified pso based graph cut algorithm for the selection of optimal regular...
A modified pso based graph cut algorithm for the selection of optimal regular...
IAEME Publication
Corona based energy efficient clustering in wsn 2
Corona based energy efficient clustering in wsn 2
IAEME Publication
Biogas –diesel dual fuel engine exhaust gas emissions
Biogas –diesel dual fuel engine exhaust gas emissions
IAEME Publication
Influence of design parameters in weld joint performance
Influence of design parameters in weld joint performance
IAEME Publication
Study on the mechanism of force calculations in flow forming a review
Study on the mechanism of force calculations in flow forming a review
IAEME Publication
Effect of viscous dissipation on mhd flow of a free convection power law flui...
Effect of viscous dissipation on mhd flow of a free convection power law flui...
IAEME Publication
Eye tracking and detection by using fuzzy template matching and parameter bas...
Eye tracking and detection by using fuzzy template matching and parameter bas...
IAEME Publication
A study on users of moodle through sarasin model
A study on users of moodle through sarasin model
IAEME Publication
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchange
IAEME Publication
Fabrication and characterisation of in situ al-tic composite
Fabrication and characterisation of in situ al-tic composite
IAEME Publication
Design & characterization of high speed power efficient cmos comparator
Design & characterization of high speed power efficient cmos comparator
IAEME Publication
Feasibility of direct pumping for irrigation improvement projects
Feasibility of direct pumping for irrigation improvement projects
IAEME Publication
Study of loop formation process on 1 x1 v bed rib knitting machine
Study of loop formation process on 1 x1 v bed rib knitting machine
IAEME Publication
Tapered circular microstrip antenna with modified ground plane
Tapered circular microstrip antenna with modified ground plane
IAEME Publication
A study on the leadership behavior of bank branch managers ncr, india and i...
A study on the leadership behavior of bank branch managers ncr, india and i...
IAEME Publication
Antología de lírica medieval y tradicional 1ºbach
Antología de lírica medieval y tradicional 1ºbach
Education-MEC-DGA
11 de abril 2014 Obsessão e Má Influenciação
11 de abril 2014 Obsessão e Má Influenciação
Lar Irmã Zarabatana
Ppc filosofia
Ppc filosofia
Benjamim Truolluzch
Informe regional Beijing_cepal
Informe regional Beijing_cepal
Luis Fernando Cantoral Benavides
Destacado
(20)
Effect of fluid physical properties on rollover stability in terms of damping...
Effect of fluid physical properties on rollover stability in terms of damping...
A modified pso based graph cut algorithm for the selection of optimal regular...
A modified pso based graph cut algorithm for the selection of optimal regular...
Corona based energy efficient clustering in wsn 2
Corona based energy efficient clustering in wsn 2
Biogas –diesel dual fuel engine exhaust gas emissions
Biogas –diesel dual fuel engine exhaust gas emissions
Influence of design parameters in weld joint performance
Influence of design parameters in weld joint performance
Study on the mechanism of force calculations in flow forming a review
Study on the mechanism of force calculations in flow forming a review
Effect of viscous dissipation on mhd flow of a free convection power law flui...
Effect of viscous dissipation on mhd flow of a free convection power law flui...
Eye tracking and detection by using fuzzy template matching and parameter bas...
Eye tracking and detection by using fuzzy template matching and parameter bas...
A study on users of moodle through sarasin model
A study on users of moodle through sarasin model
Securing tesla broadcast protocol with diffie hellman key exchange
Securing tesla broadcast protocol with diffie hellman key exchange
Fabrication and characterisation of in situ al-tic composite
Fabrication and characterisation of in situ al-tic composite
Design & characterization of high speed power efficient cmos comparator
Design & characterization of high speed power efficient cmos comparator
Feasibility of direct pumping for irrigation improvement projects
Feasibility of direct pumping for irrigation improvement projects
Study of loop formation process on 1 x1 v bed rib knitting machine
Study of loop formation process on 1 x1 v bed rib knitting machine
Tapered circular microstrip antenna with modified ground plane
Tapered circular microstrip antenna with modified ground plane
A study on the leadership behavior of bank branch managers ncr, india and i...
A study on the leadership behavior of bank branch managers ncr, india and i...
Antología de lírica medieval y tradicional 1ºbach
Antología de lírica medieval y tradicional 1ºbach
11 de abril 2014 Obsessão e Má Influenciação
11 de abril 2014 Obsessão e Má Influenciação
Ppc filosofia
Ppc filosofia
Informe regional Beijing_cepal
Informe regional Beijing_cepal
Similar a Security issues vs user awareness in mobile devices a survey
Mobile cloning
Mobile cloning
VIKASH MEWAL
776 s0005
776 s0005
oscarh1986
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
acijjournal
How to reduce security risks to ensure user confidence in m-payments
How to reduce security risks to ensure user confidence in m-payments
BMI Healthcare
Two aspect authentication system using secure mobile devices
Two aspect authentication system using secure mobile devices
Uvaraj Shan
V4I5201553
V4I5201553
krishan8018
Law and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone Crimes
MrityunjaySaraswat
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
GaytriDhingra1
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
IJNSA Journal
Secure Authentication for Mobile Banking Using Facial Recognition
Secure Authentication for Mobile Banking Using Facial Recognition
IOSR Journals
Ijetr042177
Ijetr042177
Engineering Research Publication
Report
Report
Massimo Salvato
A BRIEF SURVEY OF MOBILE FORENSICS ANALYSIS ON SOCIAL NETWORKING APPLICATION
A BRIEF SURVEY OF MOBILE FORENSICS ANALYSIS ON SOCIAL NETWORKING APPLICATION
Nana Kwame(Emeritus) Gyamfi
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
Icomm Technologies
Mobile Payment fraud & risk assessment
Mobile Payment fraud & risk assessment
Stefano Maria De' Rossi
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Fusion Informatics
Cp3201 mobile security final
Cp3201 mobile security final
FinTech startup in stealth mode
Protocols in Mobile Electronic Commerce
Protocols in Mobile Electronic Commerce
IJERA Editor
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
MEDICI admin
A NEED FOR PEER-TO-PEER STRONG LOCAL AUTHENTICATION PROTOCOL (P2PSLAP) IN MOB...
A NEED FOR PEER-TO-PEER STRONG LOCAL AUTHENTICATION PROTOCOL (P2PSLAP) IN MOB...
IJNSA Journal
Similar a Security issues vs user awareness in mobile devices a survey
(20)
Mobile cloning
Mobile cloning
776 s0005
776 s0005
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
How to reduce security risks to ensure user confidence in m-payments
How to reduce security risks to ensure user confidence in m-payments
Two aspect authentication system using secure mobile devices
Two aspect authentication system using secure mobile devices
V4I5201553
V4I5201553
Law and Technology - Mobile Phone Crimes
Law and Technology - Mobile Phone Crimes
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
Secure Authentication for Mobile Banking Using Facial Recognition
Secure Authentication for Mobile Banking Using Facial Recognition
Ijetr042177
Ijetr042177
Report
Report
A BRIEF SURVEY OF MOBILE FORENSICS ANALYSIS ON SOCIAL NETWORKING APPLICATION
A BRIEF SURVEY OF MOBILE FORENSICS ANALYSIS ON SOCIAL NETWORKING APPLICATION
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
Mobile Payment fraud & risk assessment
Mobile Payment fraud & risk assessment
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Cp3201 mobile security final
Cp3201 mobile security final
Protocols in Mobile Electronic Commerce
Protocols in Mobile Electronic Commerce
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
A NEED FOR PEER-TO-PEER STRONG LOCAL AUTHENTICATION PROTOCOL (P2PSLAP) IN MOB...
A NEED FOR PEER-TO-PEER STRONG LOCAL AUTHENTICATION PROTOCOL (P2PSLAP) IN MOB...
Más de IAEME Publication
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME Publication
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
IAEME Publication
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
IAEME Publication
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
IAEME Publication
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
IAEME Publication
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
IAEME Publication
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
IAEME Publication
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IAEME Publication
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
IAEME Publication
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
IAEME Publication
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICE
IAEME Publication
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
IAEME Publication
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
IAEME Publication
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
IAEME Publication
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
IAEME Publication
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
IAEME Publication
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
IAEME Publication
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
IAEME Publication
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
IAEME Publication
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
IAEME Publication
Más de IAEME Publication
(20)
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdf
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICE
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
Último
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Pooja Nehwal
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
V3cube
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
Último
(20)
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Security issues vs user awareness in mobile devices a survey
1.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 217 SECURITY ISSUES VS USER AWARENESS IN MOBILE DEVICES: A SURVEY Khaja Mizbahuddin Quadry, Research scholar, JNTUK, Kakinada, A.P, India Dr. Mohammed Misbahuddin, Senior Technical Officer, C-DAC, Electronic city, Bangalore Dr.A.Govardhan, Professor of CSE Dept and Director of Evaluation, JNTU, Hyderabad, A.P., India ABSTRACT Mobile devices help modern man stay connected. Mobile phones come handy to serve this purpose; they use a radio link available in a geographical area, to make and receive telephonic calls, without compromising on the mobility. In the most recent years, the mobile phones are not just meant for making calls; they are used for many more purposes. Their penetration rate has increased drastically with a wide range of applications coming into the market every day. The latest ones, the Smart phones, serve an increasing number of activities besides storing sensitive data. This has made the mobile phones a prime target for attacks. The users lose all the important data besides losing a handsome amount with the loss of mobile phones; even messaging has become highly insecure. Hence this paper intends to discuss the results of a survey made online on the possible attacks on mobile devices. The paper also throws light on the case studies of a variety of attacks that have been registered in the world of mobile phones. Keywords: Security issues, Vulnerabilities, attacks, malware 1. INTRODUCTION Mobile phones, [1] otherwise called the cell phones, facilitate making and receiving telephonic calls through a radio link available in a geographical area, while being mobile. The cellular network provided by a mobile phone service provider in any area allows the cell phone access to the public telephone network. In addition to telephony, text messaging, mailing, internet access, short INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND TECHNOLOGY (IJARET) ISSN 0976 - 6480 (Print) ISSN 0976 - 6499 (Online) Volume 4, Issue 3, April 2013, pp. 217-225 © IAEME: www.iaeme.com/ijaret.asp Journal Impact Factor (2013): 5.8376 (Calculated by GISI) www.jifactor.com IJARET © I A E M E
2.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 218 range wireless communications (I.R, Bluetooth) business applications, gaming and photography are also possible by these modern mobile phones.. Hence, every common man in the modern times finds a trustworthy companion in the form of these mobile phones. They serve as a means to stay connected with family and friends, carry on business transactions, make emergency calls, etc. Records show that rural consumers, earning less than $1000 yearly, make the fastest growing cell phone subscribers world-wide. The expansion of Indian cell phone industry presents a sharp contrast when compared to the other industries. The present day Smart phones are supported with more general computing capabilities. The cell phone industry registered a boost in December 2008. More than 10million new subscribers were reported in comparison to the 8 million in 2007. The overall subscription in the cell phone industry grew by 48% in 2008 with 34 million customers. The past twenty years, from 1990 to 2010, recorded a growth in the worldwide mobile phone subscriptions, from 12.4 million to over 4.6 billion; it penetrated and reached the bottom level of the economic pyramid in the developing economies. An exponential increase in the numbers of users has been recorded ever since the mobile phones were first made available. The end of 2009 saw over 50 mobile operators with 10 million subscribers each and another over 150 mobile operators with at least one million subscribers. The year 2010, has recorded 4.6billion mobile phone subscribers on the whole, a number that is expected to grow more rapidly in the years to come... 2.1 VULNERABILITIES and Security of Mobile Devices With the wide spread use of Mobile phones for a wide range of applications, their security is a matter of serious concern. Mobile phones are nowadays considered to be the very handy authentication medium by many websites [3] and by most of the online businesses. They send an SMS based authentication code for ensuring authentication online; often in clear text involving no codes. As these mobile phones run the risk of being stolen, the fraudster can easily read the text or forward it to another number. This allows a cyber criminal authenticate fraudulently. Vulnerability, [2] though not so common a factor with the desktops, is very serious in case of mobile devices given to their small size and portability; thus being easily stolen or lost. The report presented at Georgia Tech Cyber Security Summit 2011, the Emerging Cyber Threats 2011 talks about the rise of vulnerabilities in case of mobile browsers. The security experts say that the device constraints and tension between usability and security make it difficult to debug issues. As the mobile browsers never get updated as traditional web browsers do, and the users continue using the same operating system and the mobile browser as it was on the date of manufacture, the attackers gain a big advantage. Attackers leverage a logic flaw in the mobile network standards and force mobile phones to send premium rate SMS messages preventing them from receiving messages for long periods of time. Major actions like checking credit or voice mail, calling emergency numbers or customer support and even performing mobile banking are performed by these malicious applications, while typically they figure themselves as menu or application bearing the operators’ name. A majority of cell phones don’t notify for the SIM Toolkit messages; some others wakeup from their sleep mode, but neither they indicate the receipt of any neither message nor do they show any message in the inbox. However, when automated error reports are sent, the users of some branded phones get notified for the message being sent but can’t really see any message. Only the Nokia devices ask for confirmation to send SIM toolkit response. But this option, asking for confirming the SIM service actions, is off by default on the phones configured by the operators. The most recent devices like iphones and the Windows mobile 6.x devices notify the message being sent but offer no way to stop it. However the sender can request for a reply via SMS either directly to the sender’s number or to the operator’s message center. The online banking applications through mobile browsers are also vulnerable to the phishing websites that invite the bank customers to enter their passwords or other credentials.
3.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 219 3 CASE STUDIES We discuss some of the mobile phone attacks reported. 3.1 CASE STUDY: ZEUS TROJAN ATTACKS BANK'S 2-FACTOR AUTHENTICATION Zeus [4], a type of banking Trojan, has been reported to target the mobile phones when the users try to get their handsets upgraded to the two-factor authentication facility. The F-secure antivirus provider researchers informed that the Zeus MitMo attack appears to be similar to the reported in Spain. In both the cases the malware attempted to steal the mTANs (mobile transaction authentication numbers) used by a majority of European banks an enhanced authentication service to their online customers. In this case the financial institutions provide a one-time password through SMS, which in the secondary stage needs pass codes to login to online accounts. The Zeus Mitmo[5] creates a fraudulent field on the web page prompting the users to provide their cell phone numbers and the type of handset they use. As there is no change in the URL or any changes in the header or footer that hints about the untrusted security panel. The users provide the information thinking that they are enhancing their security, least knowing that the notification is fraudulent. Thus activated, the app then monitors your SMS messages and sends the mTANS to the Zeus operator, making it possible to gain access to your bank account as it has got your user name, password and mTAN; combination that would clear your account of cash. 3.2 Case study: Spy Eye banking Trojan: now with SMS hijacking capability Another banking Trojan, the Spy Eye[7] has the capability to reroute the SMSes carrying the one- time passwords sent to victims' cell phones. This feature enables the Trojan to bypass all the protections adopted by the financial institutions. In yet another case, the Spy Eye tried to redirect and trick the victims to reassigning the cell phone number that they have registered with the banks to receive one-time passwords. The fraudulent pages injected into the online banking sessions make a false claim that the users have been assigned a unique telephone number and that they would receive a special SIM card in the mail shortly. Thus injected, Spy Eye allows the fraudsters to receive all the SMS transaction verification codes for the hijacked account via their own telephone network. In this way they divert funds using the SMS confirmation system from the customer's account without acknowledgement or triggering any fraud detection alarms. How the attack works: The malware first gains the access to the login information logs into the account without being detected by the bank or the consumer. With the help of social engineering he obtains the confirmation code originally used to activate the consumer's mobile phone number with the bank. To do this the malware injects a page that is assumed by the consumer that it is from the bank. It says that as a requirement for the new security system unique telephone numbers are being issued to the customers and that they will receive a special SIM card in the mail. The customers are prompted to reregister with the bank using the original confirmation code into the relevant field; of course, the Black Hats are ready to capture it. On getting the code the fraudsters claim for a change in the old phone number with the new one which will be their own number. As soon as this is done, they divert the funds, without alerting the customer or the bank about the fraud. These unauthorized withdrawals or expenditures are noticed only when the customer logs in to his account. This is enough to demonstrate that all out-of-band authentication systems, including SMS-based solutions, are not fool-proof. As the banks have started verifying the transactions and subjecting them to various fraud detection systems, the fraudsters are using a combination of MITB (man in the browser injection) technology and social engineering to buy themselves more time. Once a computer has been identified to be infected with Spy Eye, such attacks can be checked with endpoint security that blocks MITB techniques. Only a layered approach to security can solve the issue otherwise even the most sophisticated OOBA schemes would fail.
4.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 220 3.21 First Spy Eye Attack on Android Mobile Platform Spy Eye [8] is fast spreading in the mobile market, making the Android mobile platform their target. Ever since Man in the Mobile attacks (MitMo/ZitMo) first emerged in late 2010, Spy Eye introduced their own hybrid desktop-mobile attacks (dubbed SPITMO). On the Zeus’ tracks. Trojan: SymbOS/Spitmo The SPITMO Trojan injects fraudulent fields for the user’s mobile phone number and the IMEI of the phone into the bank's webpage, thus directing the user to provide them. The Trojan needs to link up with the developer certificate in order to get installed on the user’s phone. But as the developer’s certificate is tied to the IMEI of the user’s mobile phone, the malware authors request the IMEI along with the phone number on the bank's website. On receiving the new IMEIs, they request an updated certificate with the IMEIs of all the victims in order to sign in and create a new installer. The delay in getting the new certificate from the developer explains why the Spy Eye injected message states it can take up to three days for the certificate to be delivered. The cumbersome cycle which is used to circumvent Symbian's signing in requirement makes the Trojan take up to three days to complete an attack. • Ask the user for their device's IMEI • Generate an appropriate certificate • Release an updated installer Trojan:DriodOS/Spitmo The fraudsters find it unreasonable to wait for three days just to steal a couple of SMSs. The Android OS provides a much more intuitive and modern approach to succeed getting desired treasure. Figure3 has a pictorial overview of how MitMo evolved. The figure shows clearly that before 2011 Blackberry and symbian were affected by Zeus Trojan, but after April 2011 the Spy Eye Android, Blackberry and Symbian. Figure.3 MITMO EVOLUTI (www.pcworld.com/.../spyeye_trojan_targets_online_banking_securit The Trustee reached the following analysis from a Spy Eye compromised machine on July 24th: Stage 1: MITB – web injects module (you know the drill...) When a compromised mobile is used for transacting with the targeted bank, a message prompts a "new" security measure, supposedly being enforced by the bank, which is mandatory in order to use its online banking service thereafter. It seems to be an Android application, fully safe and protecting the phone’s SMS messages from being intercepted (there’s irony for you…) and guards the user against any fraud.
5.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 221 The "set the application" button on clicking, provides further instructions for installing the application: Stage 2: Android (malicious) App installation The user is directed to click on the URL: hxxp://www.androidseguridad.com/simseg.apk. After the installation of the Android application on the compromised device, the application named "System" is not visible. It's not a service, and it’s not listed in any of the current running applications. In order locate the existence of this app, a bit of searching is required: In order to complete the installation, the user is made to dial the number "325000"; the Android malware hijacks this call presenting a malicious activation code that is to be submitted later in to the "bank’s site": Following is the de-complied code snippet found responsible for the "activation code" operation but there is no reference to it in the application package (as of July 24) Stage 3: Android secure application is a Trojan After the successful installation, the Trojan intercepts all incoming SMSs and transfers them to the attacker C&C; the de-compiled code snippet given below creates a string for later use, whenever an SMS is received: “? Sender= [SendeerAddress] &receiver=[ReciverAddress]&text=[MessageBody The above formed string structure will be later be appended, as a query string, with a GET HTTP request, to be sent to the attacker's end. There is a "Settings.xml" file (asset directory) with a configuration, within the app, for the Trojan; "Settings.xml" defines: • The transfer method i.e. SMS or HTTP • The attacker's drop zone URLs Here’s a snippet of the extracts from "Settings.xml": Stage 4: SMS Spy Command & Control Four domain names in the URLs in use were found not registered (yet!): 124ff42.com; 124ffdfsaf.com; and 124sfafsaffa.com.However, Spy Eye - the domain ‘124ffsaf.com’ has been found ‘hopping’ around in different IPs, in several locations, around the world.The snippet from SpyEye’s tracker history record for the domain 124ffsaf.com over a three day period shows as follows:Peeping around the attacker C&C reveals an unprotected (at the moment!) statistics page It’s worth mentioning that the Attacker C&C above was produced the above stated information when the Trojan was tested in action in the lab. The Sender 15555215556 and the Recipient 15555215554 refers to the two Android emulators used in the lab to simulate the attack (the corresponding HTTP traffic is presented above). As indicated in the page, the attack has yet to gain momentum, so consider this a warning. I'm pretty sure this is just the beginning so I’m tempted to say, “To be continued…” SPITMO for Android loses the battle against Trusteer It is hightime that the Organizations acted and installed a desktop browser security solution in the multi layered security profile they have been using. The banks that already offer Trusteer Rapport are automatically protected and are NOT vulnerable to this attack - even if the Trojan is downloaded. This is due to Rapport being supported by a feature to prevent Spy Eye from installing on the customer's PC, thus terminating the attack before it takes hold. Those who are not using Rapport, Trusteer Pinpoint will detect and report the real-time victims, as being infected with this variant of SpyEye, when they attempt to log in to the bank's website. The attack is nullified by restricting the services to these reportedly infected machines, like disabling it to complete transactions. Finally, Trusteer Mobile for Android (either Secure Library or Secure Browser) will detect and block such attacks by preventing any malicious activity.
6.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 222 3.22 SPY EYE BANK TROJAN HIDES ITS FRAUD FOOTPRINT Another nastier version of Spy Eye [9], has been detected with the ability to hide all fraudulent transactions from victims and was found allegedly targeting the major UK banks. This Spy Eye version is a tweak of the Zeus crimeware kit that grabs web-form data within browsers. This new Trojan, doesn’t intercept or divert email messages, rather hides the fraudulent transactions, masks the amount of the transaction, and puts forward a fake balance, ensuring that victims are unaware of anything being amiss on their account. Its work can be briefed as: 1. Spy Eye steals the debit card data by employing a man-in-the-browser attack on an online banking session. 2. The fraud is committed with the debit card data. 3. Thirdly, the Spy Eye initiates a post-transaction attack and hides the fraudulent transactions from the victim, when he logs in to his account the next time Here’s detailed description of how it goes down: Step 1 – Malware Post-Login Attack - Credentials Stolen: a. The victim’s machine is first infected with any Man in the Browser malware (e.g. Zeus, Spy Eye, Carberp), with a suitable configuration. b. The fraudulently configured malware asks the customer for debit card data during the login phase (HTML injection) – e.g. card number, CVV2, month and year of expiry, etc. Step 2 – Fraudster Commits Fraudulent Activity: c., The cybercriminals then create a card-not-present transaction fraud by making a purchase or transferring money over the telephone or the internet using the customer’s debit card details. d. The fraudulent transaction details are immediately fed in to the malware control panel by the fraudster. Step 3 – Malware Post-Transaction Attack with Fraud Hidden from View: Figure 4 MitMo Attack Cycle ( nakedsecurity.sophos.com/.../spyeye-bank-trojan-hides-its-fraud- foot.)
7.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 223 3.32 Case Study: Android Trojan records calls Cyber Criminals [11] have increased the functionality of Android Trojans. Earlier versions of mobile malware strains for Google's mobile platform were able to log the duration and numbers of incoming and outgoing calls. The new malware goes a step ahead by capturing the whole content of conversations before storing them on the SD-slot memory card of infected Android phones. The hackers then upload these conversations to a server, according to the tests carried on the malware by the security researchers at CA in a closed environment On installation, the malware drops a 'configuration' file containing the key information about the remote server and the parameters.’ This as-yet-unnamed malware cannot install by itself. It needs to be installed by the victims who consider it to be a prototype of some sort, a game or a tool that they can use against their spouses to keep track of their activities. The Victims, tricked into installing it, would need to agree to install the application, grant it permissions to record audio, read the state of a phone and prevent it from sleeping. 3.31 NEW Drive-By Android Trojan Attacks Mobile Users Android.Notcompatible [11], an Android Trojan horse program getting installed via a partial drive-by download has been identified as a threat by Symantec. Though Symantec gives Android.Notcompatible its lowest risk level, very Low, the main concern is that it might be copied by other hackers to use the technique in other attacks. Drive-by downloads—the malware that installs itself without the user's knowledge--typically occur when a website is visited. Android.Notcompatible pretends as a genuine system update under the name "com.Security.Update". The images below show the download and installation. Taking the program to be a genuine update by its pretence, the infected users approve installation. After being installed on a phone, Android.Notcompatible monitors all incoming and outgoing data including the personal one, sends its copies to the attacker through a proxy code. Android.Notcompatible spreads via URL redirects injected into the HTML of innocent bystander sites. The users who allow installation from unknown sources are most susceptible. Users who download apps from Google Play are safe from this or any other threat. The following sites have been identified as Android.Notcompatible hosts, by Symantec. (The "http" part of the addresses is bracketed to prevent accidental launches of infected sites.): • [http://]androidbia.info • [http://]androidjea.info • [http://]gaoanalitics.info • [http://]androidonlinefix.info 3.4 Case Study: Scumbags get sneaky with new self-robbery Trojan A particularly sneaky banking Trojan equipped with a self-robbery tricks that traps victims into transferring funds into the accounts controlled by cyber crooks or their partners has been developed by the malware-peddlers[12]. The users of the infected machines, on logging in to the bank site, get a fake message alerting them of a mistaken credit to their account, asking the user to revert the said amount to unfreeze their account. Trojan falsely inflates displayed account balances on infected machines, besides offering a pre-filled online transfer form in order to make the ploy more plausible. All these make the victim trust and transfer the said amount without getting it confirmed from the bank. While previous banking Trojans, like the URL Zone Trojan displayed fake balances on infected machines, this latest strain of malware is an evolution of this line of attack. As the period of time involved in banking fraud increases the risk of the fraud being tracked down, the fraudsters find it safer tricking victims into transferring funds themselves rather than employing money mules to force entry to the compromised accounts. Fraudsters can thus quickly loot accounts, before the compromised accounts are suspended or login credentials changed.
8.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 224 4 CONCLUSIONS This survey concludes that Mobile phones are not secure unless the user is well aware of the risks. They can be attacked and used for various fraudulent purposes, not normally identified by users. This paper explores some vulnerabilities, and explains how they may be exploited. Finally, the case studies expose consequences of attacks on mobile phones by malware. The lack of security awareness [15] among cell phone users and their carelessness are the two prominent risk factors that fall the users prey to the fraudsters. It is extremely important to understand that a smart phone is far more than just a phone and cannot be treated like one of ordinary standards. Unlike the previous generations of cell phones, that were least susceptible to Bluetooth hijacking, the modern smart phones are prone to the same risks as PCs, equipped with Bluetooth or internet features. New attack vectors will increasingly be exploited by fraudsters as online banking services use these devices as second authentication factors given the convergence between PCs and cell phones. Recommendations for a secure mobile banking: • Check rating, user reviews, and comments for each mobile application you download. Avoid low rated, new applications, and bad reviews. • Carefully evaluate the permission requested by Android applications when you install them. Applications that ask for access to text messages and other sensitive information should raise a red flag and further researched before you download it • Have your PC protected with online banking security software such as Trusteer Rapport that can be downloaded from your bank's website. This software rules out the possibility of MitMo attacks by restricting fraudsters from controlling the web channel. • Regularly install updates on your mobile device • Enable access protection measures such as a PIN or password (if possible). Configure the smart phone to automatically lock after a minute or so when being idle. • Before installing or using new smartphone apps or services, check their reputation. Only install applications from trusted sources. • Pay attention to the security permissions requested by every application and service you install. • Keep your operating system and software applications up to date. • Disable features not in use: Bluetooth, infrared or Wi-Fi. • If you have Bluetooth enabled, set your device to be hidden and password-protect it. • Make regular backup copies of your important files. • Encrypt sensitive information whenever possible. • Use call and SMS encryption software. • Whenever possible, do not store sensitive information on the smartphone. Make sure it is not cached locally. • Erase all information from the smartphone once you get rid of it. • In the event your phone is lost or stolen, inform your service provider and give them your device‘s IMEI number to block it. • You can also use remote or automatic deletion of data (after several failed login attempts). • Monitor the smartphone for anomaly detection. • Check your account activity frequently to detect fraud. • Be aware of the risks associated with these devices and use them correctly
9.
International Journal of
Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 4, Issue 3, April (2013), © IAEME 225 REFERENCES [1] http://www.en.wikipedia.org/wiki/Mobile_phone [2]en.wikipedia.org/wiki/Mobile_virus [3]http://www.theregister.co.uk/2011/02/22/zeus_2_factor_authentication_attack/ [4] www.eweek.com/.../Zeus-Trojan-Mobile-Variant-Intercepts-SMS-Pas. [5] www.thinkdigit.com/Mobiles.../ZeuS-Trojan-now-affecting-BlackBer [6] www.networkworld.com/.../zeus-trojan-back-and-targeti... - United States [7]www.theregister.co.uk/2011/10/06/banking_trojan_steals_sms/ [8] www.trusteer.com/.../first-spyeye-attack-android-mobile-platform-no. [9]nakedsecurity.sophos.com/.../spyeye-bank-trojan-hides-its-fraud-foot[ 10]http://www.theregister.co.uk/2011/08/02/android_malware_records_calls/ [11]www.informationweek.com/byte/news/232901415 [12] http://www.theregister.co.uk/2011/07/29/tricky_banking_trojan/] [13] http://www.theregister.co.uk/2011/02/22/oddjob_banking_trojan/ [14]www.informationweek.com/news/security/vulnerabilities/229219049 [15] http://www.scribd.com/doc/57779895/CNCCS-Smart-Phone-Malware [16] K.Sangeetha and Dr.K.Ravikumar, “A Framework for Practical Vulnerabilities of the Tor (The Onion Routing) Anonymity Network”, International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 3, 2012, pp. 112 - 120, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375 [16] A.Edwinrobert and Dr.M.Hemalatha, “Behavioral and Performance Analysis Model for Malware Detection Techniques”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 1, 2013, pp. 141 - 151, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375
Descargar ahora