A survey on security for mobile devices

IEEE Communications Surveys and Tutorials

Volumn 15, Issue 1, 2013, Pages 446-471

  La Polla, Mariantonietta ^a   Martinelli, Fabio ^a   Sgandurra, Daniele ^a  

^a CNR   (Italy)

Author keywords

Intrusion Detection; Mobile Malware; Mobile Security; Trusted Mobile

Indexed keywords

MALWARE WRITERS; MOBILE MALWARE; MOBILE SECURITY; MOBILE SERVICE; PAPER SURVEYS; RESEARCH FIELDS; SECURITY SOLUTIONS; STATE OF THE ART; TRUSTED MOBILE; UBIQUITOUS SERVICE;

COMPUTER CRIME; GLOBAL SYSTEM FOR MOBILE COMMUNICATIONS; INTRUSION DETECTION; RESEARCH; SURVEYS; TELECOMMUNICATION SYSTEMS;

MOBILE DEVICES;

EID: 84873712223     PISSN: None     EISSN: 1553877X     Source Type: Journal    
DOI: 10.1109/SURV.2012.013012.00028     Document Type: Article

References (165)

1. M. Kotadia, "Major smartphone worm by 2007," Gartner Study, June 2005.
2. Gartner Research, "Gartner Says Worldwide Mobile Phone Sales Grew 35 Percent in Third Quarter 2010; Smartphone Sales Increased 96 Percent," 2010. [Online]. Available: http://www.gartner.com/it/ page.jsp?id=1466313
3. IMS Research, "Global Smartphones Sales Will Top 420 Million Devices in 2011, Taking 28 Percent of all Handsets, According to IMS Research," July 2011. [Online]. Available: http://imsresearch.com/ press-release/Global Smartphones Sales Will Top 420 Million Devices in 2011 Taking 28 Percent of all Handsets According to IMS Research
4. Q. Yan, Y. Li, T. Li, and R. Deng, "Insights into Malware: Detection and Prevention on Mobile Phones," in Security Technology, D. ́Slzak, T.-h. Kim, W.-C. Fang, and K. P. Arnett, Eds. Springer Berlin Heidelberg, 2009, vol. 58, ch. 30, pp. 242-249.
5. S. Coorporation, "Symantec Internet Security Threat Report Volume XVI," Whitepaper, vol. 16, Apr 2011.
6. Kasperksy Lab, "Popular Porn Sites Distribute a New Trojan Targeting Android Smartphones," 2010. [Online]. Available: http: //www.kaspersky.com/news?id=207576175
7. C. Papathanasiou and N. J. Percoco, "This is not the droid you're looking for..." in DEFCON 18, July 2010.
8. J. Bickford, R. O'Hare, A. Baliga, V. Ganapathy, and L. Iftode, "Rootkits on smart phones: attacks, implications and opportunities," in Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, ser. HotMobile '10. New York, NY, USA: ACM, 2010, pp. 49-54.
9. D. Damopoulos, G. Kambourakis, and S. Gritzalis, "iSAM: An iPhone Stealth Airborne Malware," in Future Challenges in Security and Privacy for Academia and Industry, ser. IFIP Advances in Information and Communication Technology, J. Camenisch, S. Fischer- H?ubner, Y. Murayama, A. Portmann, and C. Rieder, Eds. Springer Boston, 2011, vol. 354, ch. 2, pp. 17-28.
10. A. Gostev, "Mobile malware evolution: An overview," Kaspersky Labs Report on Mobile Viruses, 2006.
11. M. Hypponen, "Malware Goes Mobile," Scientific American, vol. 295, no. 5, pp. 46-53, 2006.
12. G. Lawton, "Is It Finally Time to Worry about Mobile Malware?" Computer, vol. 41, pp. 12-14, May 2008.
13. M. Hypponen, "Mobile Security Review September 2010," F-Secure Labs, HelsinkiFinland, Tech. Rep., September 2010.
14. A.-D. Schmidt and S. Albayrak, "Malicious Software for Smartphones," Technische Universit?at Berlin - DAI-Labor, Tech. Rep. TUBDAI 02/08-01, February 2008, http://www.dai-labor.de.
15. A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, "Survey of Mobile Malware in the Wild," 2011. [Online]. Available: http://www.eecs.berkeley.edu/~afelt/malware.html
16. N. Leavitt, "Mobile Phones: The Next Frontier for Hackers?" Computer, vol. 38, pp. 20-23, April 2005. (Pubitemid 40608419)
17. F-Secure, "Liberty (Palm)," Aug 2000. [Online]. Available: http: //www.f-secure.com/v-descs/lib palm.shtml
18. "Bluetooth-Worm:SymbOS/Cabir," Jun 2004. [Online]. Available: http://www.f-secure.com/v-descs/ cabir.shtml
19. McAfee Labs, "Mobile Security Report 2009," 2009. [Online]. Available: http://www.mcafee. com/us/resources/reports/ rp-mobile-security-2009. pdf
20. S. T?oyssy and M. Helenius, "About malicious software in smartphones," Journal in Computer Virology, vol. 2, no. 2, pp. 109-119, 2006. (Pubitemid 44644384)
21. S. Viveros, "The economic impact of malicious code in wireless mobile networks," in 3G Mobile Communication Technologies, 2003. 3G 2003. 4th International Conference on (Conf. Publ. No. 494), Jun 2003, pp. 1-6.
22. K. Dunham, Mobile malware attacks and defense. Syngress, 2008.
23. N. Leavitt, "Malicious Code Moves to Mobile Devices," Computer, vol. 33, pp. 16-19, December 2000.
24. McAfee Labs, "2011 Threats Predictions," 2010. [Online]. Available: http://www.mcafee.com/ us/resources/reports/ rp-threat-predictions- 2011.pdf
25. D. Barroso, "ZeuS Mitmo: Man-in-the-mobile," Semptember 2010. [Online]. Available: http:// securityblog.s21sec.com/2010/ 09/zeus-mitmo-man-in- mobile-i.html
26. A. Gostev, "Kaspersky Security Bulletin. Malware Evolution 2010," Feb 2011. [Online]. Available: http: //www.securelist.com/en/ analysis/204792161/Kas- persky Security Bulletin Malware Evolution 2010
27. Cisco, "Cisco 2010 Annual Security Report," Jan 2011. [Online]. Available: http://www.cisco.com/ en/US/prod/collateral/ vpndevc/security annual report 2010.pdf
28. PandaLabs, "Annual Report," 2011. [Online]. Available: http://press.pandasecurity.com/wp-content/uploads/2010/ 05/ PandaLabs-Annual- Report-2010.pdf
29. Google Mobile Blog, "An Update on Android Market Security," March 2011. [Online]. Available: http://googlemobile.blogspot.com/ 2011/03/update-on-an- droid-market-security.html
30. Sophos, "Security Threat Report," 2010. [Online]. Available: http://www.sophos.com/sophos/docs/eng/ papers/ sophos-security-threat-report- jan-2010-wpna.pdf
31. Juniper Networks Global Threat Center, "Malicious Mobile Threats Report 2010/2011," 2011. [Online]. Available: http://www.juniper.net/ us/en/local/pdf/whitepapers/2000415-en.pdf
32. Trend Micro, "The Future of Threats and Threat Technologies. How the Landscape Is Changing," 2011. [Online]. Available: http:// us.trendmicro.com/imperia/md/content/ us/trendwatch/ researchandanalysis/trend micro 2010 future threat report final.pdf
33. R. Leszczyna, I. N. Fovino, and M. Masera, "MAISim: mobile agent malware simulator," in Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops, ser. Simutools '08. ICST, Brussels, Belgium, Belgium: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), 2008, pp. 35:1-35:6.
34. G. Hogben and M. Dekker, "Smartphones: Information security risks, opportunities and recommendations for users," European Network and Information Security Agency, 710 01 Heraklion - Crete - Greece, Tech. Rep., December 2010.
35. P. M. Milligan and D. Hutcheson, "Business risks and security assessment for mobile devices," in MCBE'07: Proceedings of the 8th Conference on 8th WSEAS Int. Conference on Mathematics and Computers in Business and Economics. Stevens Point, Wisconsin, USA: World Scientific and Engineering Academy and Society (WSEAS), 2007, pp. 189-193.
36. A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, "A survey of mobile malware in the wild," in Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, ser. SPSM '11. New York, NY, USA: ACM, 2011, pp. 3-14. [Online]. Available: http://doi.acm.org/10.1145/ 2046614.2046618
37. R. A. Botha, S. M. Furnell, and N. L. Clarke, "From desktop to mobile: Examining the security experience," Computers & Security, vol. 28, no. 3-4, pp. 130-137, 2009. [Online]. Available: http://www.sciencedirect. com/science/article/B6V8G- 4TYJTT6-1/2/ 335760cc014d6e724fd8d188942025e6
38. C. R. Mulliner, "Security of Smart Phones," Master's thesis, University of California, Santa Barbara, 2006.
39. G. Portokalidis, P. Homburg, N. FitzRoy-Dale, K. Anagnostakis, and H. Bos, "Protecting smart phones by means of execution replication," Vrije Universiteit Amsterdam, Tech. Rep., 2009.
40. M. Becher, F. C. Freiling, J. Hoffmann, T. Holz, S. Uellenbeck, and C.Wolf, "Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices," in Proceedings IEEE Security and Privacy, May 2011.
41. J. Oberheide, K. Veeraraghavan, E. Cooke, J. Flinn, and F. Jahanian, "Virtualized in-cloud security services for mobile devices," in Proceedings of the First Workshop on Virtualization in Mobile Computing, ser. MobiVirt '08. New York, NY, USA: ACM, 2008, pp. 31-35.
42. J. Oberheide and F. Jahanian, "When mobile is harder than fixed (and vice versa): demystifying security challenges in mobile environments," in Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, ser. HotMobile '10. New York, NY, USA: ACM, 2010, pp. 43-48.
43. M. Becher and F. C. Freiling, "Towards dynamic malware analysis to increase mobile device security," in Proc. of SICHERHEIT, 2008.
44. A. Makhlouf and N. Boudriga, "Intrusion and anomaly detection in wireless networks," in Handbook of Research on Wireless Security, Y. Zhan, J. Zheng, and M. Ma, Eds. Information Science Publishing, 2008.
45. K. Haataja, "Security threats and countermeasures in Bluetoothenabled systems," Ph.D. dissertation, Department of Computer Science, University of Kuopio, 2009.
46. Y. L. Ho and S.-H. Heng, "Mobile and ubiquitous malware," in MoMM '09: Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia. NewYork,NY, USA: ACM, 2009, pp. 559-563.
47. A. Bose, X. Hu, K. G. Shin, and T. Park, "Behavioral detection of malware on mobile handsets," in MobiSys '08: Proceeding of the 6th international conference on Mobile systems, applications, and services. New York, NY, USA: ACM, 2008, pp. 225-238.
48. A.-D. Schmidt, F. Peters, F. Lamour, C. Scheel, S. A. Ç amtepe, and S. Albayrak, "Monitoring smartphones for anomaly detection," Mob. Netw. Appl., vol. 14, no. 1, pp. 92-106, 2009.
49. L. Xie, X. Zhang, J.-P. Seifert, and S. Zhu, "pBMDS: a behaviorbased malware detection system for cellphone devices," in Proceedings of the Third ACM Conference on Wireless Network Security, WISEC 2010, Hoboken, New Jersey, USA, March 22-24, 2010. ACM, 2010, pp. 37-48.
50. M. Becher and F. C. Freiling, "Towards Dynamic Malware Analysis to Increase Mobile Device Security," in Sicherheit 2008: Sicherheit, Schutz und Zuverl?assigkeit. Konferenzband der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f?ur Informatik e.V. (GI), 2.- 4. April 2008 im Saarbr?ucker Schloss, ser. LNI, vol. 128. GI, 2008, pp. 423-433.
51. P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, P. McDaniel, and T. La Porta, "On cellular botnets: measuring the impact of malicious devices on a cellular network core," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 223-234.
52. W. Enck, P. Traynor, P. McDaniel, and T. La Porta, "Exploiting open functionality in SMS-capable cellular networks," in Proceedings of the 12th ACM conference on Computer and communications security, ser. CCS '05. New York, NY, USA: ACM, 2005, pp. 393-404. (Pubitemid 44022022)
53. V. Bocan and V. Cretu, "Security and Denial of Service Threats in GSM Networks," Periodica Politechnica, Transactions on Automatic Control and Computer Science, vol. 49, no. 63, 2004.
54. C. Xenakis, "Malicious actions against the GPRS technology," Journal in Computer Virology, vol. 2, no. 2, pp. 121-133, 2006. (Pubitemid 44632012)
55. J. R. Rao, P. Rohatgi, H. Scherzer, and S. Tinguely, "Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards," in Proceedings of the 2002 IEEE Symposium on Security and Privacy. Washington, DC, USA: IEEE Computer Society, 2002, pp. 31-.
56. G. Kambourakis, C. Kolias, S. Gritzalis, and J. H. Park, "DoS attacks exploiting signaling in UMTS and IMS," Computer Communications, vol. 34, no. 3, pp. 226-235, 2011.
57. A. Bose and K. G. Shin, "Proactive security for mobile messaging networks," in WiSe '06: Proceedings of the 5th ACM workshop on Wireless security. New York, NY, USA: ACM, 2006, pp. 95-104. (Pubitemid 46634306)
58. Z. Zhu, G. Cao, S. Zhu, S. Ranjan, and A. Nucci, "A Social Network Based Patching Scheme for Worm Containment in Cellular Networks," in INFOCOM 2009. 28th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 19-25 April 2009, Rio de Janeiro, Brazil, 2009, pp. 1476-1484.
59. A. Bose and K. G. Shin, "On Mobile Viruses Exploiting Messaging and Bluetooth Services," in Securecomm and Workshops, 2006, Sept 2006, pp. 1-10.
60. U. Meyer and S. Wetzel, "A man-in-the-middle attack on UMTS," in Proceedings of the 3rd ACM workshop on Wireless security, ser. WiSe '04. New York, NY, USA: ACM, 2004, pp. 90-97. (Pubitemid 40062799)
61. M. Khan, A. Ahmed, and A. R. Cheema, "Vulnerabilities of UMTS Access Domain Security Architecture," in Proceedings of the 2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing. Washington, DC, USA: IEEE Computer Society, 2008, pp. 350-355.
62. C. Guo, H. J. Wang, and W. Zhu, "Smart-phone attacks and defenses," in HotNets III. Citeseer, 2004.
63. J. W. Mickens and B. D. Noble, "Modeling epidemic spreading in mobile environments," in WiSe '05: Proceedings of the 4th ACM workshop on Wireless security. New York, NY, USA: ACM, 2005, pp. 77-86. (Pubitemid 44447320)
64. C. Rhodes and M. Nekovee, "The opportunistic transmission of wireless worms between mobile devices," Physica A: Statistical Mechanics and its Applications, vol. 387, no. 27, pp. 6837-6844, 2008. [Online]. Available: http://www.science- direct.com/science/ article/pii/S0378437108007772
65. C. Fleizach, M. Liljenstam, P. Johansson, G. M. Voelker, and A. Mehes, "Can you infect me now?: malware propagation in mobile phone networks," in WORM '07: Proceedings of the 2007 ACM workshop on Recurring malcode. New York, NY, USA: ACM, 2007, pp. 61-68.
66. G. Yan, H. D. Flores, L. Cuellar, N. Hengartner, S. Eidenbenz, and V. Vu, "Bluetooth worm propagation: mobility pattern matters!" in ASIACCS '07: Proceedings of the 2nd ACM symposium on Information, computer and communications security. New York, NY, USA: ACM, 2007, pp. 32-44. (Pubitemid 47479225)
67. G. Yan and S. Eidenbenz, "Bluetooth Worms: Models, Dynamics, and Defense Implications," in ACSAC '06: Proceedings of the 22nd Annual Computer Security Applications Conference. Washington, DC, USA: IEEE Computer Society, 2006, pp. 245-256. (Pubitemid 351232919)
68. Y. Bulygin, "Epidemics of Mobile Worms," Performance, Computing, and Communications Conference, 2002. 21st IEEE International, vol. 0, pp. 475-478, 2007. (Pubitemid 350139332)
69. J. W. Mickens and B. D. Noble, "Analytical Models for Epidemics in Mobile Networks," in WIMOB '07: Proceedings of the Third IEEE International Conference on Wireless and Mobile Computing, Networking and Communications. Washington, DC, USA: IEEE Computer Society, 2007, p. 77.
70. G. Yan and S. Eidenbenz, "Modeling Propagation Dynamics of Bluetooth Worms (Extended Version)," IEEE Transactions on Mobile Computing, vol. 8, pp. 353-368, 2009.
71. J. Su, K. K. W. Chan, A. G. Miklas, K. Po, A. Akhavan, S. Saroiu, E. de Lara, and A. Goel, "A preliminary investigation of worm infections in a bluetooth environment," in WORM '06: Proceedings of the 4th ACM workshop on Recurring malcode. NewYork,NY, USA: ACM, 2006, pp. 9-16. (Pubitemid 47117518)
72. M. Becher, F. C. Freiling, and B. Leider, "On the Effort to Create Smartphone Worms in Windows Mobile," in Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC, june 2007, pp. 199-206.
73. A. Lelli, "A Smart Worm for a Smartphone WinCE.PmCryptic.A," 2009. [Online]. Available: http://www.symantec.com/connect/blogs/ smart-worm- smartphone-wincepmcryptica
74. A. R. Flø and A. Jøsang, "Consequences of botnets spreading to mobile devices," in 14th Nordic Conference on Secure IT Systems, 2009, pp. 37-43.
75. K. Singh, S. Sangal, N. Jain, P. Traynor, and W. Lee, "Evaluating Bluetooth as a medium for botnet command and control," in Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment, ser. DIMVA'10. Berlin, Heidelberg: Springer-Verlag, 2010, pp. 61-80.
76. K. G. S. Yuanyuan Zeng, Xin Hu, "How to Construct a Mobile Botnet?" in The 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2010), 2010.
77. C. Mulliner and J.-P. Seifert, "Rise of the iBots: Owning a telco network," in Malicious and Unwanted Software (MALWARE), 2010 5th International Conference on, Oct 2010, pp. 71-80.
78. P. A. Porras, H. Sa?idi, and V. Yegneswaran, "An Analysis of the iKee.B iPhone Botnet," in Security and Privacy in Mobile Information and Communication Systems - Second International ICST Conference, MobiSec 2010, Catania, Sicily, Italy, May 27-28, 2010, Revised Selected Papers, ser. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, A. U. Schmidt, G. Russello, A. Lioy, N. R. Prasad, and S. Lian, Eds., vol. 47. Springer, 2010, pp. 141-152.
79. A. Apvrille, "Symbian Worm Yxes: Towards Mobile Botnets?" in The 19th EICAR Annual Conference, May 2010, pp. 31-54.
80. M. Ballano, "Android Threats Getting Steamy," Feb 2011. [Online]. Available: http://www.symantec. com/connect/blogs/ android-threats-getting-steamy
81. M. Becher, "Security of Smartphones at the Dawn of their Ubiquitousness," Ph.D. dissertation, Universit?at Mannheim, 2009.
82. Techie Buzz, "Android Data Theft Vulnerability Detailed," 2011. [Online]. Available: http://techie-buzz.com/mobile-news/ android-data-theft- vulnerability-detailed.html
83. L. Whitney, "Apple sued over privacy in iPhone, iPad apps," 2011. [Online]. Available: http://news.cnet.com/8301-13579\ 3-20026677-37.html
84. N. Seriot, "iPhone Privacy," Black Hat DC, 2010. [Online]. Available: http://seriot.ch/resources/talks papers/iPhonePrivacy.pdf
85. S. Bhatt, R. Sion, and B. Carbunar, "A personal mobile DRM manager for smartphones," Computers & Security, vol. 28, no. 6, pp. 327-340, 2009.
86. R. P. Minch, "Privacy Issues in Location-Aware Mobile Devices," in Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 5 - Volume 5. Washington, DC, USA: IEEE Computer Society, 2004, pp. 50 127.2-.
87. W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones," in Proceedings of the 9th USENIX conference on Operating systems design and implementation, ser. OSDI'10. Berkeley, CA, USA: USENIX Association, 2010, pp. 1-6.
88. M. Egele, C. Kruegel, E. Kirda, and G. Vigna, "PiOS: Detecting Privacy Leaks in iOS Applications," in Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2011.
89. S. Whitehead, J. Mailley, I. Storer, J. McCardle, G. Torrens, and G. Farrell, "IN SAFE HANDS: A Review of Mobile Phone Antitheft Designs," European Journal on Criminal Policy and Research, vol. 14, pp. 39-60, 2008.
90. A. Portnoy, "Pwn2Own 2010," 2010. [Online]. Available: http: //dvlabs.tippingpoint.com/blog/2010/ 02/15/pwn2own-2010
91. L. Cai, S. Machiraju, and H. Chen, "Defending against sensor-sniffing attacks on mobile phones," in Proceedings of the 1st ACM workshop on Networking, systems, and applications for mobile handhelds, ser. MobiHeld '09. New York, NY, USA: ACM, 2009, pp. 31-36.
92. N. Xu, F. Zhang, Y. Luo, W. Jia, D. Xuan, and J. Teng, "Stealthy video capturer: a new video-based spyware in 3G smartphones," in Proceedings of the second ACM conference on Wireless network security, ser. WiSec '09. New York, NY, USA: ACM, 2009, pp. 69-78.
93. R. Schlegel, K. Zhang, X. Zhou, M. Intwala, A. Kapadia, and X. Wang, "Soundminer: A Stealthy and Context-Aware Sound Trojan for Smartphones," in Proceedings of the 18th Annual Network & Distributed System Security Symposium (NDSS), Feb. 2011.
94. W. Enck, M. Ongtang, and P. McDaniel, "On lightweight mobile phone application certification," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 235-245.
95. M. Ongtang, S. McLaughlin, W. Enck, and P. McDaniel, "Semantically Rich Application-Centric Security in Android," in Computer Security Applications Conference, 2009. ACSAC '09. Annual, dec. 2009, pp. 340-349.
96. E. Naone, "SMS of Death Could Crash Many Mobile Phones," 2011. [Online]. Available: http://www. technologyreview.com/printer friendly article.aspx?id =27021
97. H. Kim, J. Smith, and K. G. Shin, "Detecting energy-greedy anomalies and mobile malware variants," in MobiSys '08: Proceeding of the 6th international conference on Mobile systems, applications, and services. New York, NY, USA: ACM, 2008, pp. 239-252.
98. L. Liu, X. Zhang, G. Yan, and S. Chen, "Exploitation and threat analysis of open mobile devices," in Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ser. ANCS '09. New York, NY, USA: ACM, 2009, pp. 20-29.
99. R. Racic, D. Ma, and H. Chen, "Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery," in Securecomm and Workshops, 2006, aug. 2006, pp. 1-10.
100. D. Johnston and J. Walker, "Overview of IEEE 802.16 security," Security Privacy, IEEE, vol. 2, no. 3, pp. 40-48, may-june 2004.
101. T. Engel, "Remote SMS/MMS Denial of Service - Curse Of Silence for Nokia S60 phones," Dec 2008. [Online]. Available: http://berlin.ccc.de/ ~tobias/cursesms.txt
102. C. Mulliner and C. Miller, "Injecting SMS messages into smart phones for security analysis," in WOOT'09: Proceedings of the 3rd USENIX conference on Offensive technologies. Berkeley,CA,USA: USENIX Association, 2009, pp. 5-5.
103. McAfee, "WaveSecure," 2011. [Online]. Available: https://www. wavesecure.com/
104. Norton, "Norton Mobile Security Lite," 2011. [Online]. Available: http://us.norton.com/mobile-security/
105. IIT-CNR, "iCareMobile," 2011. [Online]. Available: http: //icaremobile.iit.cnr.it/
106. BullGuard Ltd, "BullGuard Mobile Security 10," 2011. [Online]. Available: http://www.bullguard.com
107. Kaspersky Lab ZAO, "Kaspersky Mobile Security 9," 2011. [Online]. Available: http://www.kaspersky.com/kaspersky mobile security
108. ESET, "ESET Mobile Security," 2011. [Online]. Available: http: //www.eset.com/us/home/products/mobile-security/
109. Lookout, "Lookout Mobile Security," 2011. [Online]. Available: https://www.mylookout.com
110. C. Xenakis and L. Merakos, "Vulnerabilities and Possible Attacks Against the GPRS Backbone Network," in Critical Information Infrastructures Security, ser. Lecture Notes in Computer Science, J. Lopez, Ed. Springer Berlin / Heidelberg, 2006, vol. 4347, pp. 262-272.
111. B. Sun, Y. Xiao, and K. Wu, "Intrusion Detection in Cellular Mobile Networks," in Wireless Network Security, ser. Signals and Communication Technology, Y. Xiao, X. S. Shen, and D.-Z. Du, Eds. Springer US, 2007, pp. 183-210.
112. G. W. Chow and A. Jones, "A Framework for Anomaly Detection in OKL4-Linux Based Smartphones," in Australian Information Security Management Conference, 2008.
113. A. Shabtai, U. Kanonov, and Y. Elovici, "Intrusion detection for mobile devices using the knowledge-based, temporal abstraction method," J. Syst. Softw., vol. 83, no. 8, pp. 1524-1537, 2010.
114. D. Damopoulos, S. A. Menesidou, G. Kambourakis, M. Papadaki, N. Clarke, and S. Gritzalis, "Evaluation of anomaly-based IDS for mobile devices using machine learning classifiers," Security and Communication Networks, vol. 5, no. 1, pp. 3-14, 2012. [Online]. Available: http://dx.doi.org/10.1002/sec.341
115. A. Shabtai, U. Kanonov, Y. Elovici, C. Glezer, and Y. Weiss, ""Andromaly": a behavioral malware detection framework for android devices," Journal of Intelligent Information Systems, pp. 1-30, 2011, 10.1007/s10844-010-0148-x. [Online]. Available: http://dx.doi.org/10.1007/ s10844-010-0148-x
116. I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani, "Crowdroid: behavior-based malware detection system for Android," in Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, ser. SPSM '11. New York, NY, USA: ACM, 2011, pp. 15-26. [Online]. Available: http://doi.acm.org/10.1145/2046614.2046619
117. G. A. Jacoby, R. Marchany, and N. J. D. IV, "How Mobile Host Batteries Can Improve Network Security," IEEE Security and Privacy, vol. 4, pp. 40-49, 2006.
118. L. Liu, G. Yan, X. Zhang, and S. Chen, "VirusMeter: Preventing Your Cellphone from Spies," in RAID '09: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 244-264.
119. Q. Yan, R. H. Deng, Y. Li, and T. Li, "On the Potential of Limitationoriented Malware Detection and Prevention Techniques on Mobile Phones," International Journal of Security and Its Applications (IJSIA), vol. 4(1), pp. 21-30, Jan 2010.
120. D. Venugopal, G. Hu, and N. Roman, "Intelligent virus detection on mobile devices," in PST '06: Proceedings of the 2006 International Conference on Privacy, Security and Trust. New York, NY, USA: ACM, 2006, pp. 1-4.
121. L. Xie, H. Song, T. Jaeger, and S. Zhu, "A systematic approach for cell-phone worm containment," in WWW '08: Proceeding of the 17th international conference on World Wide Web. NewYork,USA: ACM, 2008, pp. 1083-1084.
122. L. Xie, X. Zhang, A. Chaugule, T. Jaeger, and S. Zhu, "Designing System-Level Defenses against Cellphone Malware," in SRDS '09: Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems. Washington, DC, USA: IEEE Computer Society, 2009, pp. 83-90.
123. G. Zyba, G. M. Voelker, M. Liljenstam, A. M'ehes, and P. Johansson, "Defending Mobile Phones from Proximity Malware," in INFOCOM 2009. 28th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 19-25 April 2009, Rio de Janeiro, Brazil. IEEE, 2009, pp. 1503-1511.
124. C. Bauckhage, T. Alpcan, and A.-D. Schmidt, "A Probabilistic Diffusion Scheme for Anomaly Detection on Smartphones," in Proceedings of the Fourth International Workshop in Information Security Theory and Practice 2010 (WISTP'10), ser. Lecture Notes in Computer Science. Springer, 2010, pp. 31-46.
125. D. R. Ellis, J. G. Aiken, K. S. Attwood, and S. D. Tenaglia, "A behavioral approach to worm detection," in WORM '04: Proceedings of the 2004 ACM workshop on Rapid malcode. NewYork,NY, USA: ACM, 2004, pp. 43-53. (Pubitemid 40371959)
126. A. Castrucci, F. Martinelli, P. Mori, and F. Roperti, "Enhancing Java ME Security Support with Resource Usage Monitoring," in Information and Communications Security, 10th International Conference, ICICS 2008, Birmingham, UK, October 20-22, 2008, Proceedings, ser. Lecture Notes in Computer Science, L. Chen, M. D. Ryan, and G. Wang, Eds., vol. 5308. Springer, 2008, pp. 256-266.
127. N. Dragoni, F. Massacci, K. Naliuka, and I. Siahaan, "Securityby- Contract: Toward a Semantics for Digital Signatures on Mobile Code," in Public Key Infrastructure, 4th European PKI Workshop: Theory and Practice, EuroPKI 2007, Palma de Mallorca, Spain, June 28-30, 2007, Proceedings, ser. Lecture Notes in Computer Science, vol. 4582. Springer, 2007, pp. 297-312.
128. N. Dragoni, F. Martinelli, F. Massacci, P. Mori, C. Schaefer, T. Walter, and E. Vetillard, "Security-by-Contract (SxC) for Software and Services of Mobile Systems," in At your service: Service Engineering in the Information Society Technologies Program. MIT press, 2008.
129. G. Costa, N. Dragoni, A. Lazouski, F. Martinelli, F. Massacci, and I. Matteucci, "Extending Security-by-Contract with Quantitative Trust on Mobile Devices," Complex, Intelligent and Software Intensive Systems, International Conference, vol. 0, pp. 872-877, 2010.
130. J. Cheng, S. H. Wong, H. Yang, and S. Lu, "SmartSiren: virus detection and alert for smartphones," in MobiSys '07: Proceedings of the 5th international conference on Mobile systems, applications and services. New York, NY, USA: ACM, 2007, pp. 258-271. (Pubitemid 47620930)
131. E. V. Ruitenbeek, T. Courtney, W. H. Sanders, and F. Stevens, "Quantifying the Effectiveness of Mobile Phone Virus Response Mechanisms," in DSN '07: Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. Washington, DC, USA: IEEE Computer Society, 2007, pp. 790-800.
132. M. Miettinen and P. Halonen, "Host-Based Intrusion Detection for Advanced Mobile Devices," in AINA '06: Proceedings of the 20th International Conference on Advanced Information Networking and Applications. Washington, DC, USA: IEEE Computer Society, 2006, pp. 72-76. (Pubitemid 44761304)
133. C. Mulliner, G. Vigna, D. Dagon, and W. Lee, "Using Labeling to Prevent Cross-Service Attacks Against Smart Phones," in Proceedings of the Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), ser. LNCS, vol. 4064. Berlin, Germany: Springer, July 2006, pp. 91-108. (Pubitemid 44124004)
134. M. Becher and R. Hund, "Kernel-Level Interception and Applications on Mobile Devices," Department for Mathematics and Computer Science, University of Mannheim, Tech. Rep. TR-2008-003, 2009.
135. A.-D. Schmidt, J. H. Clausen, S. A. Camtepe, and S. Albayrak, "Detecting Symbian OS Malware through Static Function Call Analysis," in Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009). IEEE, 2009, pp. 15-22.
136. A.-D. Schmidt, R. Bye, H.-G. Schmidt, J. H. Clausen, O. Kiraz, K. A. Y?uksel, S. A. Ç amtepe, and S. Albayrak, "Static Analysis of Executables for Collaborative Malware Detection on Android," in Proceedings of IEEE International Conference on Communications, ICC 2009, Dresden, Germany, 14-18 June 2009. IEEE, 2009, pp. 1-5.
137. T. Isohara, K. Takemori, and I. Sasase, "Anomaly Detection on Mobile Phone Based Operational Behavior," IPSJ Digital Courier, vol. 4, no. 0, pp. 9-17, 2008.
138. S. Zahid, M. Shahzad, S. Khayam, and M. Farooq, "Keystroke-Based User Identification on Smart Phones," in Recent Advances in Intrusion Detection, ser. Lecture Notes in Computer Science, E. Kirda, S. Jha, and D. Balzarotti, Eds. Springer Berlin / Heidelberg, 2009, vol. 5758, pp. 224-243.
139. T. S. Yap and H. T. Ewe, "A Mobile Phone Malicious Software Detection Model with Behavior Checker," in Web and Communication Technologies and Internet-Related Social Issues - HSI 2005, 3rd International Conference on Human.Society@Internet, Tokyo, Japan, July 27-29, 2005, Proceedings, ser. Lecture Notes in Computer Science, vol. 3597. Springer, 2005, pp. 57-65. (Pubitemid 41435937)
140. C. Mulliner and G. Vigna, "Vulnerability Analysis of MMS User Agents," in Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual, dec. 2006, pp. 77-88.
141. G. Yan, S. Eidenbenz, and E. Galli, "SMS-Watchdog: Profiling Social Behaviors of SMS Users for Anomaly Detection," in RAID '09: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 202-223.
142. D. S. Troy Vennon, "Threat Analysis of the Android Market," SMobile Systems, Tech. Rep., June 2010.
143. S. M. Habib, C. Jacob, and T. Olovsson, "An Analysis of the Robustness and Stability of the Network Stack in Symbian-based Smartphones," Journal of Networks, vol. 4, no. 10, pp. 968-975, 2009.
144. T. Badura and M. Becher, "Testing the Symbian OS Platform Security Architecture," in Advanced Information Networking and Applications, 2009. AINA '09. International Conference on, may 2009, pp. 838- 844.
145. J. de Haas, "Symbian phone Security," 2005. [Online]. Available: http://www.blackhat.com/ presentations/bh-europe-05/ BH EU 05-deHaas.pdf
146. A.-D. Schmidt, H.-G. Schmidt, J. Clausen, K. A. Yksel, O. Kiraz, A. Camtepe, and S. Albayrak, "Enhancing Security of Linuxbased Android Devices," in Proceedings of 15th International Linux Kongress. Lehmann, Oct 2008.
147. A.-D. Schmidt, H.-G. Schmidt, L. Batyuk, J. H. Clausen, S. A. Camtepe, S. Albayrak, and C. Yildizli, "Smartphone Malware Evolution Revisited: Android Next Target?" in Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009). IEEE, 2009, pp. 1-7.
148. A.-D. Schmidt, R. Bye, H.-G. Schmidt, K. A. Yksel, O. Kiraz, J. Clausen, K. Raddatz, A. Camtepe, and S. Albayrak, "Monitoring Android for Collaborative Anomaly Detection: A First Architectural Draft," Technische Universit?at Berlin - DAI-Labor, Tech. Rep. TUB-DAI 08/08-02, Aug 2008. [Online]. Available: http://www. dai-labor.de/fileadmin/files/publications/080 8-02 DAI TechReport Monitoring Android.pdf
149. W. Enck, M. Ongtang, and P. McDaniel, "Understanding Android Security," IEEE Security and Privacy, vol. 7, pp. 50-57, January 2009.
150. A. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev, and C. Glezer, "Google Android: A Comprehensive Security Assessment," IEEE Security and Privacy, vol. 8, pp. 35-44, 2010.
151. A. Shabtai, Y. Fledel, and Y. Elovici, "Securing Android-Powered Mobile Devices Using SELinux," IEEE Security and Privacy, vol. 8, pp. 36-44, May 2010.
152. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, "A study of Android application security," in Proceedings of the 20th USENIX conference on Security, ser. SEC'11. Berkeley, CA, USA: USENIX Association, 2011, pp. 21-21. [Online]. Available: http://dl.acm.org/citation.cfm?id=2028067.2028088
153. S. Dai, Y. Liu, T. Wang, T. Wei, and W. Zou, "Behavior-Based Malware Detection on Mobile Phone," in Wireless Communications Networking and Mobile Computing (WiCOM), 2010 6th International Conference on, Sept 2010, pp. 1-4.
154. Y. Ikebe, T. Nakayama, M. Katagiri, S. Kawasaki, H. Abe, T. Shinagawa, and K. Kato, "Efficient Anomaly Detection System for Mobile Handsets," in SECURWARE '08: Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies. Washington, DC, USA: IEEE Computer Society, 2008, pp. 154-160.
155. D. Reisinger, "Android, iPhone Security: 10 Ways to Avoid Personal Data Theft," 2011. [Online]. Available: http://tinyurl.com/239npbj
156. X. Zhang, O. Aciiçmez, and J.-P. Seifert, "A trusted mobile phone reference architecture via secure kernel," in STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing. NewYork, NY, USA: ACM, 2007, pp. 7-14.
157. D. Muthukumaran, A. Sawani, J. Schiffman, B. M. Jung, and T. Jaeger, "Measuring integrity on mobile phone systems," in SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologies. New York, NY, USA: ACM, 2008, pp. 155-164.
158. X. Zhang, O. Aciiçmez, and J.-P. Seifert, "Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms," in Security and Privacy in Mobile Information and Communication Systems, First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers, ser. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 17. Springer, 2009, pp. 71-82.
159. Trusted Computing Group, "TCG TPM Main Part 1 Design Principles Specification Version 1.2, revision 62," Oct 2003.
160. "TCG Mobile Reference Architecture Specification Version 1.0, Revision 1," Jun 2007.
161. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn, "Design and implementation of a TCG-based integrity measurement architecture," in Proceedings of the 13th conference on USENIX Security Symposium - Volume 13, ser. SSYM'04. Berkeley, CA, USA: USENIX Association, 2004, pp. 16-16.
162. T. Jaeger, R. Sailer, and U. Shankar, "PRIMA: policy-reduced integrity measurement architecture," in SACMAT '06: Proceedings of the eleventh ACM symposium on Access control models and technologies. New York, NY, USA: ACM, 2006, pp. 19-28. (Pubitemid 44300738)
163. A. U. Schmidt, N. Kuntze, and M. Kasper, "On the Deployment of Mobile Trusted Modules," in Wireless Communications and Network ing Conference, 2008. WCNC 2008. IEEE, mar. 2008, pp. 3169-3174.
164. J. Grossschadl, T. Vejda, and D. Page, "Reassessing the TCG specifications for trusted computing in mobile and embedded systems," in Proceedings of the 2008 IEEE International Workshop on Hardware- Oriented Security and Trust. Washington, DC, USA: IEEE Computer Society, 2008, pp. 84-90.
165. O. Aciiçmez, A. Latifi, J.-P. Seifert, and X. Zhang, "A Trusted Mobile Phone Prototype," in Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE, jan. 2008, pp. 1208-1209.