• Title/Summary/Keyword: Mobile Security Threats

Search Result 151, Processing Time 0.027 seconds

A Study on the Mobile Application Security Threats and Vulnerability Analysis Cases

  • Kim, Hee Wan
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.12 no.4
    • /
    • pp.180-187
    • /
    • 2020
  • Security threats are increasing with interest due to the mass spread of smart devices, and vulnerabilities in developed applications are being exposed while mobile malicious codes are spreading. The government and companies provide various applications for the public, and for reliability and security of applications, security checks are required during application development. In this paper, among the security threats that can occur in the mobile service environment, we set up the vulnerability analysis items to respond to security threats when developing Android-based applications. Based on the set analysis items, vulnerability analysis was performed by examining three applications of public institutions and private companies currently operating as mobile applications. As a result of application security checks used by three public institutions and companies, authority management and open module stability management were well managed. However, it was confirmed that many security vulnerabilities were found in input value verification, outside transmit data management, and data management. It is believed that it will contribute to improving the safety of mobile applications through the case of vulnerability analysis for Android application security.

A Security Reference Model for the Construction of Mobile Banking Services based on Smart Phones

  • Shin, Yong-Nyuo;Shin, Woo-Chang
    • International Journal of Fuzzy Logic and Intelligent Systems
    • /
    • v.11 no.4
    • /
    • pp.229-237
    • /
    • 2011
  • As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.

A Study on the Analysis of Security Requirements through Literature Review of Threat Factors of 5G Mobile Communication

  • DongGyun Chu;Jinho Yoo
    • Journal of Information Processing Systems
    • /
    • v.20 no.1
    • /
    • pp.38-52
    • /
    • 2024
  • The 5G is the 5th generation mobile network that provides enhanced mobile broadband, ultra-reliable & low latency communications, and massive machine-type communications. New services can be provided through multi-access edge computing, network function virtualization, and network slicing, which are key technologies in 5G mobile communication. However, these new technologies provide new attack paths and threats. In this paper, we analyzed the overall threats of 5G mobile communication through a literature review. First, defines 5G mobile communication, analyzes its features and technology architecture, and summarizes possible security issues. Addition, it presents security threats from the perspective of user devices, radio access network, multi-access edge computing, and core networks that constitute 5G mobile communication. After that, security requirements for threat factors were derived through literature analysis. The purpose of this study is to conduct a fundamental analysis to examine and assess the overall threat factors associated with 5G mobile communication. Through this, it will be possible to protect the information and assets of individuals and organizations that use 5G mobile communication technology, respond to various threat situations, and increase the overall level of 5G security.

The study on a threat countermeasure of mobile cloud services (모바일 클라우드 서비스의 보안위협 대응 방안 연구)

  • Jang, Eun-Young;Kim, Hyung-Jong;Park, Choon-Sik;Kim, Joo-Young;Lee, Jae-Il
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.1
    • /
    • pp.177-186
    • /
    • 2011
  • Mobile services which are applied PC performance and mobile characteristics are increased with spread of the smartphone. Recently, mobile cloud service is getting the spotlight as a solution of mobile service problems that mobile device is lack of memory, computing power and storage and mobile services are subordinate to a particular mobile device platform. However, mobile cloud service has more potential security threats by the threat inheritance of mobile service, wireless network and cloud computing service. Therefore, security threats of mobile cloud service has to be removed in order to deploy secure mobile cloud services and user and manager should be able to respond appropriately in the event of threat. In this paper, We define mobile cloud service threats by threat analysis of mobile device, wireless network and cloud computing and we propose mobile cloud service countermeasures in order to respond mobile cloud service threats and threat scenarios in order to respond and predict to potential mobile cloud service threats.

Analysis of Security Threats from Increased Usage of Mobile App Services (모바일 앱 서비스 이용 증가로 인한 보안 위협 분석)

  • Choi, Heesik;Cho, Yanghyun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.14 no.1
    • /
    • pp.45-55
    • /
    • 2018
  • Recently, because the arrival of the fourth industrial revolution era, many information and telecommunication services have grown rapidly in the mobile business market. So, companies are based Mobile Apps on user customized services and expanding their services. From the standpoint of the business, to generate revenue, the company needs to maintain the existing current computer environment and develop Mobile Apps to offer convenience in various areas such as finance, admiration, e-commerce and sales support. However, as the number of users increase due to expansion of various Mobile services, security threats that are related to Mobile Apps are increasing and its damage is also increasing. Due to the rapid technological transformation of Mobile devices using the Internet, the level of security threats to Smartphones are rising and getting more advance, so this thesis is structured as follows. In Chapter 2, it will look at the overall trends of Mobile Apps as related research. In Chapter 3, it will discuss various security concerns that related to the latest Mobile Apps and learn about the threatening factors. In Chapter 4, it will compare and analyze the threatening factors. Then it will find and suggest the possible plan. In Chapter 5, it will end with conclusion. Finally, to protect mobile devices from security threats, the environment of operating system which manages the resources and data of Apps needs to be protected. Also, it is important that users to have awareness and check activation FinTech technology security in the process of simple payment with fingerprint or IC card.

Security Threats in the Mobile Cloud Service Environment (모바일 클라우드 서비스 환경에서의 보안위협에 관한 연구)

  • Han, Jung-Soo
    • Journal of Digital Convergence
    • /
    • v.12 no.5
    • /
    • pp.263-269
    • /
    • 2014
  • Mobile Cloud Service will provide cloud services through mobile devices. Because storage space constraints and computing process performance limitations of mobile devices, this service will process in the cloud environment after moving works and data that have to process in mobile terminal. The obstacles of mobile cloud service activity will have concerned high about the reliability service, data security, and the confidentiality security. In particular, in convergence of mobile services and cloud services, each threats are expected to be generated complicatedly. In this paper, we define the type of mobile cloud services as well as security threats that can occur in mobile cloud. Also we suggest security countermeasures in mobile app. and enterprises countermeasures. We suggest verification of mobile applications for user information protection about security countermeasures in mobile app. Also we describe the cloud providers responsibility and user responsibility about enterprises countermeasures.

Security Threats Analysis for Network-based Mobile IPv6 (네트워크 기반 Mobile IPv6 보안 취약점 분석)

  • Kim, Hyun-Gon;Seo, Jae-Hyeon;Oh, Byeong-Kyun;Ahn, Tae-Nam;Kim, Jin-Hyung
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.44 no.10
    • /
    • pp.137-147
    • /
    • 2007
  • In the host-based Mobile IPv6, a mobile node is responsible for doing the signaling to its home agent to enable session continuity as it moves between subnets. To remove the mobile node's signalling processing load, the network-based Mobile IPv6 has been proposed recently. It allows session continuity for a mobile node without its involvement in mobility management. The proxy mobility agent in the network performs the signaling and does the mobility management on behalf of the mobile node. However, to make secure communications for a mobile node, security mechanisms against diverse attacks should be adopted. To do this, first of all security threats to the network-based Mobile IPv6 should be also identified and analyzed. Potential attack objectives may be to consume network services at the cost of a legitimate mobile node and, eavesdropping and fabrication of user traffic through interception of a mobile node's communications. This paper identifies and discusses security threats to the network-based Mobile IPv6 in details. The results of threats analysis are limited to threats that are peculiar to the network-based Mobile IPv6 except threats to IPv6 in general.

A Study on the Security Checklist Improvements to improve the Security in the Mobile Applications Development (모바일 어플리케이션 개발에서의 보안성 향상을 위한 보안 점검항목 개선에 관한 연구)

  • Shin, Jun-Yuop;Kim, Dong-Soo;Han, Ki-Jun;Kim, Hee-Wan
    • Journal of Digital Convergence
    • /
    • v.12 no.8
    • /
    • pp.113-127
    • /
    • 2014
  • The use of mobile devices offers a variety of services to the individuals and companies. On the other hand, security threats and new mobile security threats that exist in IT infrastructure to build the environment for mobile services are present at the same time. Services such as mobile and vaccine management services, such as MDM (Mobile Device Management) has attracted a great deal of interest in order to minimize the threat of security in mobile environment. These solutions can not protect an application that was developed for the mobile service from the threat of vulnerability of mobile application itself. Under these circumstances, in this paper, we proposed mobile application security checklists based on application security review items in order to prevent security accidents that can occur in a mobile service environment. We collected and analyzed Android applications, we performed a total inspection of the applications for verification of the effectiveness of the check items. And we checked that the check items through a survey of experts suitability was verified.

National Institution's Information Security Management on the Smart phone use environment (스마트폰 이용 환경에서 국가기관 정보보호 관리방안)

  • Kim, Ji-Sook;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.6
    • /
    • pp.83-96
    • /
    • 2010
  • The rapid spread of smart phone in recent years changes not only personal life but also work environment of organizations. Moreover, smart phone provoke service combination between industries and transit the digital paradigm in our society because of the character that anyone can develop or use the application of smart phone. Under these circumstances, the government hastens the construction of mobile-government in order to improve national services and communication with people. However, since security threats on smart phone become more critical recently, we should hurry the counter measures against mobile threats or we will face obstacles to the activation of mobile-government. On this article, we suggest the methods of information security and the Mobile-government Information Security Management System(M-ISMS) on the smart phone use environment for building up the secure and convenient mobile system in the national institution.

Improved Session Management for Mobile Workflow in Web Application Service (모바일 환경을 위한 웹 애플리케이션 서비스의 세션 관리 개선방안)

  • Kim, Young-hun;Park, Yongsuk
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.10a
    • /
    • pp.387-389
    • /
    • 2014
  • It is preferred to the popularization of smart device business processes through mobile. The ratio of Internet access via mobile devices is reached 30% of PC in September 2012. It is reproduced in a mobile environment that security threats arising from the Internet. that is the characteristics of cyber security threats appearing on the mobile era. Web Application Service security research firm OWASP (The Open Web Application Security Project) issued Session Management threat. That threat will be reproduced in the mobile environment. But Mobile is significantly different from Desktop Computer about Session Management environment. This proceeding proposes a improved Session Management method in Mobile environment.

  • PDF