Article Preview
TopIntroduction
The prediction and trend from the surveys conducted by Microsoft with customers show that by 2014 mobile internet should take over desktop internet usage (Richmond, 2011). The Pew Research Center Internet and American Life project shows that 55 percent of mobile end-users nowadays go online mostly through their mobile devices (Smith, 2012). Mobile Commerce Daily survey shows that 51.1 percent of mobile users check their email using only a mobile device. Users that conduct web-surfing exclusively through smartphone are around 45.3 percent. Also 25.4 percent of consumers conduct e-commerce using their phones. Regarding social networking the survey shows that 42.3 percent of users connect to Facebook and 14.8 percent use Twitter only from their mobile devices (Tode). As the Smartphone industry continues to grow, so does the concern of possible malicious attacks and privacy in communication. Statistics show that there are over 1.08 billion Smartphone users in the world today and 91.4 million of them are the U.S (“GO-Gulf,” 2012).
The market share of the smartphone platforms in 2011 were divided as detailed in Figure 1. Android had the largest market share than any other platform with 46.9 percent and Symbian the lowest one with 1.5 percent. Since the market share of the Symbian platform is too low compared to the other ones it was excluded. This study included four platforms: Iphone, Android, Windows, and Blackberry.
Figure 1. The market share of the five platforms used by smartphone users in 2011
We conducted the experiments and analyzed the privacy attacks that the smartphone’ users are exposed. We used Wireshark, a network protocol analysis tool, to collect and process the data (“Riverbed Technology,” 2012). Wireshark allows one to capture information in packets transmitted over a wireless network. We analyzed the data captured and provided results of our discoveries concerning vulnerable information. Several papers list the possible security attacks that the network and user might face when accessing the internet through laptop and PCs, but our aim is to present the security threats in wireless cellular network and smartphones.
The main contribution in this paper is to identify the possible security and privacy attacks in the four most used smartphone platforms through experimental studies. The benefit of this study is to raise awareness among smartphone users of the potential threats that they are exposed by accessing web-applications especially through apps installed in their platforms. After identifying the relevant security attacks, we also propose some appropriate countermeasures and their estimated cost in the wireless cellular network. The benefit of identifying these possible attacks is to prevent attackers from invading the user and network security.
The remainder of this paper is organized as follows. First we describe the architecture of a wireless cellular network, by detailing all the components of the network. Afterwards a section that details the message flow of a query done by an end user through smartphone up to server response. Followed by our experiment setup and what equipment is involved, time frame and the application accessed. We next detail the data captured with Wireshark and all possible statistics that are helpful for our analysis. The data captured has been classified and analyzed based on four important protocols as HTTP, TCP, UDP, and SSL. Next we describe of the performance analysis in all four platforms by analyzing the Input/Output (IO) graphs and the response time for NotARP (Address Resolution Protocol), HTTP, TCP, and UDP packets. Afterwards a detail of several security attacks in a wireless cellular network and the proposed countermeasures. Finally, we then present the conclusion of this research.