A Survey of Security and Privacy Protection in Mobile Devices


Brian Krupp (Cleveland State University, USA), Wenbing Zhao (Department of Electrical and Computer Engineering, Cleveland State University, USA) and Nigamanth Sridhar (Cleveland State University, USA)
Copyright: © 2015 | Pages: 10
DOI: 10.4018/978-1-4666-5888-2.ch414

Chapter Preview



Intrusion Detection and Prevention

Several methods that have been used on traditional computing platforms have been proposed to protect mobile devices. A common system to implement is an Intrusion Detection System (IDS). Two common methods of detecting intrusions are signature-based and anomaly-based. A signature-based IDS checks executable code for a sequence of bytes that a signature provider has identified as malware. An anomaly-based IDS checks events and activity on the system for deviations from how the system is expected to operate. An IDS does not prevent intrusions, but an Intrusion Prevention System (IPS) can. Preventing an intrusion is a challenge because a decision must be made in real time as to whether the operation about to occur is valid or is part of an intrusion. This decision, however, should not interfere with the normal operation of the system, because verification of an operation is typically blocking, meaning that subsequent operations do not continue until verification is completed. The verification process holds back valid and intrusion-based operations alike until the operation being analyzed is verified not to be a threat. If verification is not completed fast enough, it may degrade the user experience or keep the system from operating at expected levels. This makes intrusion prevention systems less ideal for mobile systems, which are limited in computing power and need to make a decision immediately to avoid degrading the user experience that has contributed to their fast adoption.
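The two detection styles and the blocking IPS decision described above, as an added illustration that is not taken from the chapter. The signature set, the baseline values, and the names `signature_scan`, `AnomalyDetector` and `ips_gate` are all constructed for this example.

```python
import statistics
import time

# Constructed placeholder signatures (assumption): not real malware patterns.
SIGNATURES = {"demo-sig-a": b"\xde\xad\xbe\xef\x13\x37", "demo-sig-b": b"EVIL_MARKER"}

def signature_scan(code):
    """Signature-based check: names of known byte sequences present in code."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in code)

class AnomalyDetector:
    """Anomaly-based check: flag activity far from how the system normally behaves."""
    def __init__(self, baseline, threshold=3.0):
        self.mean = statistics.mean(baseline)
        self.stdev = statistics.stdev(baseline) or 1.0  # avoid divide-by-zero
        self.threshold = threshold

    def is_anomalous(self, value):
        # z-score distance from the learned baseline
        return abs(value - self.mean) / self.stdev > self.threshold

def ips_gate(code, budget_s, chunk=4096, clock=time.monotonic):
    """Blocking IPS decision: the caller's operation waits for this result.
    Returns "deny" on a signature hit, "allow" if the scan finishes clean, and
    "timeout" if the time budget runs out first; policy must then choose
    between failing open (allow) and failing closed (deny)."""
    deadline = clock() + budget_s
    # Re-scan the tail of the previous chunk so a signature that straddles
    # a chunk boundary is still found.
    overlap = max(len(p) for p in SIGNATURES.values()) - 1
    for off in range(0, len(code), chunk):
        if clock() > deadline:
            return "timeout"
        if signature_scan(code[max(0, off - overlap):off + chunk]):
            return "deny"
    return "allow"

if __name__ == "__main__":
    clean = b"\x7fELF" + b"\x00" * 10000                    # constructed sample
    straddling = b"A" * 4090 + b"EVIL_MARKER" + b"B" * 100  # crosses a chunk boundary
    print(ips_gate(clean, budget_s=5.0), ips_gate(straddling, budget_s=5.0))
    detector = AnomalyDetector([10, 12, 11, 9, 10, 11, 10, 12])  # constructed events/min
    print(detector.is_anomalous(11), detector.is_anomalous(40))
```

The "timeout" result is the case the paragraph warns about: on a device with limited computing power the budget is short, and every operation that exceeds it forces a choice between delaying the user and letting an unverified operation proceed.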

Key Terms in this Chapter

Proxy Server: A server that receives and forwards application requests such as web requests from a client to a destination. A proxy server enables the inspection of web traffic.

Intrusion Prevention System (IPS): A system that performs functions like those of intrusion detection but is also able to prevent an intrusion activity.

Intrusion Detection System (IDS): A system that detects intrusions on a device through several methods, including malware signatures, system anomalies, and heuristic scanning.

Cloud Computing: A computing paradigm that offers computing as a utility to a consumer.

Encryption: A method for securing data at rest or in transit by modifying the data using generated keys and later decrypting it using the same key or the paired key.

Address Space Layout Randomization (ASLR): A method for randomizing the location of executable code and libraries in memory to help protect against exploitation of executable code through methods such as return-oriented programming.

Advanced Encryption Standard (AES): A common standard for performing encryption with varying key sizes such as 128-bit and 256-bit.
