Abstract
This chapter provides a comprehensive overview of the smartphone industry, focusing on smartphone history, market share evolution, security and privacy, and cybersecurity challenges. It begins by tracing the evolution of smartphones and the changing market shares of different operating systems and manufacturers. The importance of security and privacy in smartphones is emphasized, including discussions on application stores, security principles, privacy concerns, and vulnerabilities. The chapter then delves into cybersecurity challenges, highlighting adversarial techniques, attack types and impacts, and the rise of on-the-go malware. Practical mitigation measures are suggested, such as downloading files from trusted sources, educating employees about malware infections, using multi-factor authentication, and regularly patching software. The chapter concludes with a summary of the key points covered, providing a holistic understanding of the smartphone industry and the associated security considerations.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Abdul Kadir, A.F., Habibi Lashkari, A., Daghmehchi Firoozjaei, M. (2024). Introduction. In: Understanding Cybersecurity on Smartphones. Progress in IS. Springer, Cham. https://doi.org/10.1007/978-3-031-48865-8_1
DOI: https://doi.org/10.1007/978-3-031-48865-8_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-48864-1
Online ISBN: 978-3-031-48865-8
eBook Packages: Business and Management, Business and Management (R0)