Potential for Data Loss from Security Protected Smartphones

Inhaltsverzeichnis (Table of Contents)

• Chapter 1
  • Introduction
  • 1.1 Background
  • 1.2 Project objectives
  • 1.3 Methods used
• Chapter 2 Understanding the Antivirus Application
  • 2.1 Introduction
  • 2.2 Components of a conventional or computer Antivirus
  • 2.3 Components of a Smartphone antivirus
  • 2.4 Comparison of computer antivirus and Smartphone antivirus
  • 2.5 Smartphone Security for enterprises
• Chapter 3 An overview of iOS and Android security features
  • 3.1 Introduction
  • 3.2 Security features of Apple iOS
  • 3.3 Security features of Google Android
• Chapter 4 Testing ‘Proof of Concept’ Smartphone malware against antivirus software
  • 4.1 Introduction
  • 4.2 The testing process
    • 4.2.1 Rooting Android for HTC G1
    • 4.2.2 Running the BOT application as root
    • 4.2.3 Testing the Smartphone Antivirus
  • 4.3 Test results
• Chapter 5 Attacks on Smartphones
  • 5.1 Introduction
  • 5.2 Attacks and threats to Smartphone
    • 5.2.1 Malicious Applications such as, Virus, Malware and Trojan
    • 5.2.2 Vulnerabilities
    • 5.2.3 False positive detection
    • 5.2.4 Removable card
    • 5.2.5 Loss of device
    • 5.2.6 Social Engineering
• Chapter 6 Analysis of cloud based security solutions

Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)

This project examines the threats to smartphones and discusses potential protective measures. It explores security solutions and best practices for both individual users and businesses, analyzing possible threats, their sources, likelihood of impact, and corresponding preventative measures. The project aims to provide a comprehensive overview and conclusion.

• The differences and similarities between conventional computer antivirus and smartphone antivirus solutions
• The security features implemented by Apple iOS and Google Android platforms
• The effectiveness of smartphone antivirus software in detecting malicious activity by root applications
• Common attacks on smartphones, including malicious applications, vulnerabilities, false positive detections, removable card vulnerabilities, device loss, and social engineering attacks
• The potential of cloud-based security solutions for enhancing smartphone security

Zusammenfassung der Kapitel (Chapter Summaries)

Chapter 1 provides an overview of the project, outlining the background, objectives, and methods used. It defines key terms such as smartphone, malware, Trojan horse, and root kit, which will be referenced throughout the document.

Chapter 2 delves into the components of antivirus software for both computer and smartphone users, analyzing their differences and similarities. It explores how traditional antivirus features may be applied to enhance smartphone security.

Chapter 3 investigates the security features of Apple iOS and Google Android platforms, focusing on traditional access control, application provenance, encryption, isolation, and permission-based access control. It discusses vulnerabilities and exploits for both operating systems.

Chapter 4 tests a proof-of-concept smartphone malware against trial versions of antivirus software. The chapter describes the rooting process for an HTC G1 Android phone and explains how the malware was run as root. The results demonstrate limitations of antivirus software in detecting kernel-level malicious activity on smartphones.

Chapter 5 comprehensively analyzes attacks on smartphones, detailing various threats, sources, impacts, and potential protective measures. It covers malicious applications, vulnerabilities, false positive detection, removable card vulnerabilities, device loss, and social engineering attacks.

Chapter 6 explores the potential of cloud-based security solutions to enhance smartphone security, highlighting their benefits for both individual users and businesses. It discusses the operation of cloud-based security services and identifies key vendors in the market.

Schlüsselwörter (Keywords)

This project focuses on key topics such as smartphone security, antivirus software, mobile device security, iOS, Android, malware, root kits, Trojan horse, vulnerabilities, cloud security, and social engineering attacks. The discussion includes key terms such as access control, application provenance, encryption, isolation, permission-based access control, false positive detection, and device management.