Theoretical Analysis and Experimental Study: Monitoring Data Privacy in Smartphone Communications

Theoretical Analysis and Experimental Study: Monitoring Data Privacy in Smartphone Communications

Eralda Caushaj (CSE, Oakland University, Rochester, MI, USA), Huirong Fu (CSE, Oakland University, Rochester, MI, USA), Ishwar Sethi (CSE, Oakland University, Rochester, MI, USA), Haissam Badih (CSE, Oakland University, Rochester, MI, USA), Dion Watson (DET, Grambling State University, Grambling, LA, USA), Ye Zhu (ECE, Cleveland State University, Rochester, MI, USA) and Supeng Leng (SCIE, University of Electronic Science and Technology of China, Chenghua, Chendu, Sichuan, China)
DOI: 10.4018/jitn.2013040106
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

The importance of wireless cellular communication in our daily lives has grown considerably in the last decade. The smartphones are widely used nowadays, besides voice communication; the authors routinely use them to access the internet, conduct monetary transactions, send text messages and query a lot of useful information regarding the location of specific places of interest. The use of smartphones in their day-to-day communication raises many unresolved security and privacy issues. In this paper they identify relevant security attacks in Wireless Cellular Network. The authors conduct experiments in four different platforms such as Iphone, Android, Windows and Blackberry. The packets captured through Wireshark for approximately 24 minutes, giving them a lot of information regarding security and privacy issues involving the users. A lot of useful apps installed and used by the end-users have serious issues in terms of privacy and the information exposed. Which is the better platform comparing all four and what exactly do they expose from the user’s information? What are the threats and countermeasures that the users should be aware of? The aim of the authors’ paper is to give answers to the above questions based on the data captured by conducting real-life scenarios.
Article Preview

Introduction

The prediction and trend from the surveys conducted by Microsoft with customers show that by 2014 mobile internet should take over desktop internet usage (Richmond, 2011). The Pew Research Center Internet and American Life project shows that 55 percent of mobile end-users nowadays go online mostly through their mobile devices (Smith, 2012). Mobile Commerce Daily survey shows that 51.1 percent of mobile users check their email using only a mobile device. Users that conduct web-surfing exclusively through smartphone are around 45.3 percent. Also 25.4 percent of consumers conduct e-commerce using their phones. Regarding social networking the survey shows that 42.3 percent of users connect to Facebook and 14.8 percent use Twitter only from their mobile devices (Tode). As the Smartphone industry continues to grow, so does the concern of possible malicious attacks and privacy in communication. Statistics show that there are over 1.08 billion Smartphone users in the world today and 91.4 million of them are the U.S (“GO-Gulf,” 2012).

The market share of the smartphone platforms in 2011 were divided as detailed in Figure 1. Android had the largest market share than any other platform with 46.9 percent and Symbian the lowest one with 1.5 percent. Since the market share of the Symbian platform is too low compared to the other ones it was excluded. This study included four platforms: Iphone, Android, Windows, and Blackberry.

Figure 1.

The market share of the five platforms used by smartphone users in 2011

We conducted the experiments and analyzed the privacy attacks that the smartphone’ users are exposed. We used Wireshark, a network protocol analysis tool, to collect and process the data (“Riverbed Technology,” 2012). Wireshark allows one to capture information in packets transmitted over a wireless network. We analyzed the data captured and provided results of our discoveries concerning vulnerable information. Several papers list the possible security attacks that the network and user might face when accessing the internet through laptop and PCs, but our aim is to present the security threats in wireless cellular network and smartphones.

The main contribution in this paper is to identify the possible security and privacy attacks in the four most used smartphone platforms through experimental studies. The benefit of this study is to raise awareness among smartphone users of the potential threats that they are exposed by accessing web-applications especially through apps installed in their platforms. After identifying the relevant security attacks, we also propose some appropriate countermeasures and their estimated cost in the wireless cellular network. The benefit of identifying these possible attacks is to prevent attackers from invading the user and network security.

The remainder of this paper is organized as follows. First we describe the architecture of a wireless cellular network, by detailing all the components of the network. Afterwards a section that details the message flow of a query done by an end user through smartphone up to server response. Followed by our experiment setup and what equipment is involved, time frame and the application accessed. We next detail the data captured with Wireshark and all possible statistics that are helpful for our analysis. The data captured has been classified and analyzed based on four important protocols as HTTP, TCP, UDP, and SSL. Next we describe of the performance analysis in all four platforms by analyzing the Input/Output (IO) graphs and the response time for NotARP (Address Resolution Protocol), HTTP, TCP, and UDP packets. Afterwards a detail of several security attacks in a wireless cellular network and the proposed countermeasures. Finally, we then present the conclusion of this research.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2018): 1 Released, 3 Forthcoming
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing