In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield w...In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield within the realm of cybersecurity, plays a vital role in safeguarding mobile ecosystems against the ever-evolving landscape of threats. The ubiquity of mobile devices has made them a prime target for cybercriminals, and the data and functionality accessed through mobile applications make them valuable assets to protect. Mobile penetration testing is designed to identify vulnerabilities, weaknesses, and potential exploits within mobile applications and the devices themselves. Unlike traditional penetration testing, which often focuses on network and server security, mobile penetration testing zeroes in on the unique challenges posed by mobile platforms. Mobile penetration testing, a specialized field within cybersecurity, is an essential tool in the Cybersecurity specialists’ toolkit to protect mobile ecosystems from emerging threats. This article introduces mobile penetration testing, emphasizing its significance, including comprehensive learning labs for Android and iOS platforms, and highlighting how it distinctly differs from traditional penetration testing methodologies.展开更多
Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for s...Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.展开更多
As mobile networks become high speed and attain an all-IP structure, more services are possible. This brings about many new security requirements that traditional security programs cannot handle. This paper analyzes s...As mobile networks become high speed and attain an all-IP structure, more services are possible. This brings about many new security requirements that traditional security programs cannot handle. This paper analyzes security threats and the needs of 3G/4G mobile networks, and then proposes a novel protection scheme for them based on their whole structure. In this scheme, a trusted computing environment is constructed on the mobile terminal side by combining software validity verification with access control. At the security management center, security services such as validity verification and integrity check are provided to mobile terminals. In this way, terminals and the network as a whole are secured to a much greater extent. This paper also highlights problems to be addressed in future research and development.展开更多
The article describes the layered model of physical network and information security, and the establishment of the mobile Internet’s security framework based on its network architecture. The mobile Internet has three...The article describes the layered model of physical network and information security, and the establishment of the mobile Internet’s security framework based on its network architecture. The mobile Internet has three parts, i.e. terminal, network and service system, each of which can be studied in four layers of the network and information security, namely, the equipment/environment security layer, the service and application security layer, the information security layer and the information content security layer.展开更多
The dominance of Android in the global mobile market and the open development characteristics of this platform have resulted in a significant increase in malware.These malicious applications have become a serious conc...The dominance of Android in the global mobile market and the open development characteristics of this platform have resulted in a significant increase in malware.These malicious applications have become a serious concern to the security of Android systems.To address this problem,researchers have proposed several machine-learning models to detect and classify Android malware based on analyzing features extracted from Android samples.However,most existing studies have focused on the classification task and overlooked the feature selection process,which is crucial to reduce the training time and maintain or improve the classification results.The current paper proposes a new Android malware detection and classification approach that identifies the most important features to improve classification performance and reduce training time.The proposed approach consists of two main steps.First,a feature selection method based on the Attention mechanism is used to select the most important features.Then,an optimized Light Gradient Boosting Machine(LightGBM)classifier is applied to classify the Android samples and identify the malware.The feature selection method proposed in this paper is to integrate an Attention layer into a multilayer perceptron neural network.The role of the Attention layer is to compute the weighted values of each feature based on its importance for the classification process.Experimental evaluation of the approach has shown that combining the Attention-based technique with an optimized classification algorithm for Android malware detection has improved the accuracy from 98.64%to 98.71%while reducing the training time from 80 to 28 s.展开更多
The security problem of mobile agents is widely being discussed. The problem which protects mobile agents from malicious hosts is difficult to solve, because a host has access to the complete internal state of an agen...The security problem of mobile agents is widely being discussed. The problem which protects mobile agents from malicious hosts is difficult to solve, because a host has access to the complete internal state of an agent. Forward integrity in mobile agents guarantees that offers contained in a mobile agent from previously visited host can not be modified by a malicious host. Itinerary secrecy can prevent mobile agent from being passively attack. This paper proposes a new forward integrity and itinerary secrecy protocol for mobile agent. The protocol can also resist collusion truncation attack.展开更多
With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due t...With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service(DDoS)attacks across vast IoT devices.Recently,research on automated intrusion detection using machine learning(ML)for 5G environments has been actively conducted.However,5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data.If this data is used to train an ML model,it will likely suffer from generalization errors due to not training enough different features on the attack data.Therefore,this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic.We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data.To solve the imbalance problem,synthetic minority oversampling technique(SMOTE)and generative adversarial network(GAN)-based conditional tabular GAN(CTGAN)of data augmentation were used.The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem.The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline.Still,regarding the generalization error,the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times,indicating an improvement in the problem.This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.展开更多
Various mobile devices and applications are now used in daily life.These devices require high-speed data processing,low energy consumption,low communication latency,and secure data transmission,especially in 5G and 6G...Various mobile devices and applications are now used in daily life.These devices require high-speed data processing,low energy consumption,low communication latency,and secure data transmission,especially in 5G and 6G mobile networks.High-security cryptography guarantees that essential data can be transmitted securely;however,it increases energy consumption and reduces data processing speed.Therefore,this study proposes a low-energy data encryption(LEDE)algorithm based on the Advanced Encryption Standard(AES)for improving data transmission security and reducing the energy consumption of encryption in Internet-of-Things(IoT)devices.In the proposed LEDE algorithm,the system time parameter is employed to create a dynamic S-Box to replace the static S-Box of AES.Tests indicated that six-round LEDE encryption achieves the same security level as 10-round conventional AES encryption.This reduction in encryption time results in the LEDE algorithm having a 67.4%lower energy consumption and 43.9%shorter encryption time than conventional AES;thus,the proposed LEDE algorithm can improve the performance and the energy consumption of IoT edge devices.展开更多
Our today’s world is becoming digital and mobile. Exploiting the advantages of wireless communication protocols is not only for telecommunication purposes, but also for payments, interaction with intelligent vehicles...Our today’s world is becoming digital and mobile. Exploiting the advantages of wireless communication protocols is not only for telecommunication purposes, but also for payments, interaction with intelligent vehicles, etc. One of the most widespread wireless capabilities is the Bluetooth protocol. Just in 2010, 906 million mobile Bluetooth enabled phones had been sold, and in 2011, there were more than 40 million Bluetooth enabled health and medical devices on the market. Still in 2011, one third of all new vehicles produced worldwide included Bluetooth technology. Security and privacy protection is key in the digital world of today. There are security and privacy risks such as device tracking, communication eavesdropping, etc., which may come from improper Bluetooth implementation with very severe consequences for the users. The objective of this paper is to analyze the usage of Bluetooth in m-commerce and m-payment fields. The steps undertaken in this paper in order to come to a proposal for a secure architecture are the analysis of the state of the art of the relevant specifications, the existing risks and the known vulnerabilities the related known attacks. Therefore, we give first an overview of the general characteristics of Bluetooth technology today, going deeper in the analysis of Bluetooth stack’s layers and the security features offered by the specifications. After this analysis of the specifications, we study how known vulnerabilities have been exploited with a comprehensive list of known attacks, which poses serious threats for the users. With all these elements as background, we conclude the paper proposing a design for Secure Architecture for Bluetooth-Enhanced Mobile “Smart” Commerce Environments.展开更多
Modern mobile devices provide a wide variety of services.Users are able to access these services for many sensitive tasks relating to their everyday lives(e.g.,finance,home,or contacts).However,these services also pro...Modern mobile devices provide a wide variety of services.Users are able to access these services for many sensitive tasks relating to their everyday lives(e.g.,finance,home,or contacts).However,these services also provide new attack surfaces to attackers.Many efforts have been devoted to protecting mobile users from privacy leakage.In this work,we study state-of-the-art techniques for the detection and protection of privacy leakage and discuss the evolving trends of privacy research.展开更多
Activity hijacking is one of the most powerful attacks in Android. Though promising, all the prior activity hijacking attacks suffer from some limitations and have limited attack capabilities. They no longer pose secu...Activity hijacking is one of the most powerful attacks in Android. Though promising, all the prior activity hijacking attacks suffer from some limitations and have limited attack capabilities. They no longer pose security threats in recent Android due to the presence of effective defense mechanisms. In this work, we propose the first automated and adaptive activity hijacking attack, named VenomAttack, enabling a spectrum of customized attacks (e.g., phishing, spoofing, and DoS) on a large scale in recent Android, even the state-of-the-art defense mechanisms are deployed. Specifically, we propose to use hotpatch techniques to identify vulnerable devices and update attack payload without re-installation and re-distribution, hence bypassing offline detection. We present a newly-discovered flaw in Android and a bug in derivatives of Android, each of which allows us to check if a target app is running in the background or not, by which we can determine the right attack timing via a designed transparent activity. We also propose an automated fake activity generation approach, allowing large-scale attacks. Requiring only the common permission INTERNET, we can hijack activities at the right timing without destroying the GUI integrity of the foreground app. We conduct proof-of-concept attacks, showing that VenomAttack poses severe security risks on recent Android versions. The user study demonstrates the effectiveness of VenomAttack in real-world scenarios, achieving a high success rate (95%) without users’ awareness. That would call more attention to the stakeholders like Google.展开更多
文摘In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield within the realm of cybersecurity, plays a vital role in safeguarding mobile ecosystems against the ever-evolving landscape of threats. The ubiquity of mobile devices has made them a prime target for cybercriminals, and the data and functionality accessed through mobile applications make them valuable assets to protect. Mobile penetration testing is designed to identify vulnerabilities, weaknesses, and potential exploits within mobile applications and the devices themselves. Unlike traditional penetration testing, which often focuses on network and server security, mobile penetration testing zeroes in on the unique challenges posed by mobile platforms. Mobile penetration testing, a specialized field within cybersecurity, is an essential tool in the Cybersecurity specialists’ toolkit to protect mobile ecosystems from emerging threats. This article introduces mobile penetration testing, emphasizing its significance, including comprehensive learning labs for Android and iOS platforms, and highlighting how it distinctly differs from traditional penetration testing methodologies.
基金This work was partly supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea Government(MSIT),(No.2020-0-00952,Development of 5G edge security technology for ensuring 5G+service stability and availability,50%)the Institute of Information and Communications Technology Planning and Evaluation(IITP)grant funded by the MSIT(Ministry of Science and ICT),Korea(No.IITP-2022-2020-0-01602,ITRC(Information Technology Research Center)support program,50%).
文摘Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.
基金funded by the National High-Technology Research and Development Program of China"(863"Program)under Grant No.2009AA01Z427
文摘As mobile networks become high speed and attain an all-IP structure, more services are possible. This brings about many new security requirements that traditional security programs cannot handle. This paper analyzes security threats and the needs of 3G/4G mobile networks, and then proposes a novel protection scheme for them based on their whole structure. In this scheme, a trusted computing environment is constructed on the mobile terminal side by combining software validity verification with access control. At the security management center, security services such as validity verification and integrity check are provided to mobile terminals. In this way, terminals and the network as a whole are secured to a much greater extent. This paper also highlights problems to be addressed in future research and development.
基金supported by the National HighTechnology Research and Development Programof China ("863" Program) under Grant No.2008AA01A204
文摘The article describes the layered model of physical network and information security, and the establishment of the mobile Internet’s security framework based on its network architecture. The mobile Internet has three parts, i.e. terminal, network and service system, each of which can be studied in four layers of the network and information security, namely, the equipment/environment security layer, the service and application security layer, the information security layer and the information content security layer.
基金This work was funded by the Deanship of Graduate Studies and Scientific Research at Jouf University under Grant No.(DGSSR-2023-02-02178).
文摘The dominance of Android in the global mobile market and the open development characteristics of this platform have resulted in a significant increase in malware.These malicious applications have become a serious concern to the security of Android systems.To address this problem,researchers have proposed several machine-learning models to detect and classify Android malware based on analyzing features extracted from Android samples.However,most existing studies have focused on the classification task and overlooked the feature selection process,which is crucial to reduce the training time and maintain or improve the classification results.The current paper proposes a new Android malware detection and classification approach that identifies the most important features to improve classification performance and reduce training time.The proposed approach consists of two main steps.First,a feature selection method based on the Attention mechanism is used to select the most important features.Then,an optimized Light Gradient Boosting Machine(LightGBM)classifier is applied to classify the Android samples and identify the malware.The feature selection method proposed in this paper is to integrate an Attention layer into a multilayer perceptron neural network.The role of the Attention layer is to compute the weighted values of each feature based on its importance for the classification process.Experimental evaluation of the approach has shown that combining the Attention-based technique with an optimized classification algorithm for Android malware detection has improved the accuracy from 98.64%to 98.71%while reducing the training time from 80 to 28 s.
基金Supported by the National Natural Science Foun-dation of China (60373087 ,60473023 ,90104005)
文摘The security problem of mobile agents is widely being discussed. The problem which protects mobile agents from malicious hosts is difficult to solve, because a host has access to the complete internal state of an agent. Forward integrity in mobile agents guarantees that offers contained in a mobile agent from previously visited host can not be modified by a malicious host. Itinerary secrecy can prevent mobile agent from being passively attack. This paper proposes a new forward integrity and itinerary secrecy protocol for mobile agent. The protocol can also resist collusion truncation attack.
基金This work was supported by Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00796Research on Foundational Technologies for 6GAutonomous Security-by-Design toGuarantee Constant Quality of Security).
文摘With the commercialization of 5th-generation mobile communications(5G)networks,a large-scale internet of things(IoT)environment is being built.Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service(DDoS)attacks across vast IoT devices.Recently,research on automated intrusion detection using machine learning(ML)for 5G environments has been actively conducted.However,5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data.If this data is used to train an ML model,it will likely suffer from generalization errors due to not training enough different features on the attack data.Therefore,this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic.We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data.To solve the imbalance problem,synthetic minority oversampling technique(SMOTE)and generative adversarial network(GAN)-based conditional tabular GAN(CTGAN)of data augmentation were used.The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem.The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline.Still,regarding the generalization error,the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times,indicating an improvement in the problem.This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.
基金This work was supported by the National Science and Technology Council,Taiwan,under Project NSTC 112-2221-E-029-015.
文摘Various mobile devices and applications are now used in daily life.These devices require high-speed data processing,low energy consumption,low communication latency,and secure data transmission,especially in 5G and 6G mobile networks.High-security cryptography guarantees that essential data can be transmitted securely;however,it increases energy consumption and reduces data processing speed.Therefore,this study proposes a low-energy data encryption(LEDE)algorithm based on the Advanced Encryption Standard(AES)for improving data transmission security and reducing the energy consumption of encryption in Internet-of-Things(IoT)devices.In the proposed LEDE algorithm,the system time parameter is employed to create a dynamic S-Box to replace the static S-Box of AES.Tests indicated that six-round LEDE encryption achieves the same security level as 10-round conventional AES encryption.This reduction in encryption time results in the LEDE algorithm having a 67.4%lower energy consumption and 43.9%shorter encryption time than conventional AES;thus,the proposed LEDE algorithm can improve the performance and the energy consumption of IoT edge devices.
文摘Our today’s world is becoming digital and mobile. Exploiting the advantages of wireless communication protocols is not only for telecommunication purposes, but also for payments, interaction with intelligent vehicles, etc. One of the most widespread wireless capabilities is the Bluetooth protocol. Just in 2010, 906 million mobile Bluetooth enabled phones had been sold, and in 2011, there were more than 40 million Bluetooth enabled health and medical devices on the market. Still in 2011, one third of all new vehicles produced worldwide included Bluetooth technology. Security and privacy protection is key in the digital world of today. There are security and privacy risks such as device tracking, communication eavesdropping, etc., which may come from improper Bluetooth implementation with very severe consequences for the users. The objective of this paper is to analyze the usage of Bluetooth in m-commerce and m-payment fields. The steps undertaken in this paper in order to come to a proposal for a secure architecture are the analysis of the state of the art of the relevant specifications, the existing risks and the known vulnerabilities the related known attacks. Therefore, we give first an overview of the general characteristics of Bluetooth technology today, going deeper in the analysis of Bluetooth stack’s layers and the security features offered by the specifications. After this analysis of the specifications, we study how known vulnerabilities have been exploited with a comprehensive list of known attacks, which poses serious threats for the users. With all these elements as background, we conclude the paper proposing a design for Secure Architecture for Bluetooth-Enhanced Mobile “Smart” Commerce Environments.
基金This work is supported by the Science and Technology Commission of Shanghai Municipality(No.15511103003)the National Natural Science Foundation of China(No.61602121)the Open Project of Beijing Key Laboratory of IoT Information Security Technology(No.J6V0011104)。
文摘Modern mobile devices provide a wide variety of services.Users are able to access these services for many sensitive tasks relating to their everyday lives(e.g.,finance,home,or contacts).However,these services also provide new attack surfaces to attackers.Many efforts have been devoted to protecting mobile users from privacy leakage.In this work,we study state-of-the-art techniques for the detection and protection of privacy leakage and discuss the evolving trends of privacy research.
基金supported by the National Natural Science Foundation of China (Grant Nos. 62072309 and 6171101225).
文摘Activity hijacking is one of the most powerful attacks in Android. Though promising, all the prior activity hijacking attacks suffer from some limitations and have limited attack capabilities. They no longer pose security threats in recent Android due to the presence of effective defense mechanisms. In this work, we propose the first automated and adaptive activity hijacking attack, named VenomAttack, enabling a spectrum of customized attacks (e.g., phishing, spoofing, and DoS) on a large scale in recent Android, even the state-of-the-art defense mechanisms are deployed. Specifically, we propose to use hotpatch techniques to identify vulnerable devices and update attack payload without re-installation and re-distribution, hence bypassing offline detection. We present a newly-discovered flaw in Android and a bug in derivatives of Android, each of which allows us to check if a target app is running in the background or not, by which we can determine the right attack timing via a designed transparent activity. We also propose an automated fake activity generation approach, allowing large-scale attacks. Requiring only the common permission INTERNET, we can hijack activities at the right timing without destroying the GUI integrity of the foreground app. We conduct proof-of-concept attacks, showing that VenomAttack poses severe security risks on recent Android versions. The user study demonstrates the effectiveness of VenomAttack in real-world scenarios, achieving a high success rate (95%) without users’ awareness. That would call more attention to the stakeholders like Google.