Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Performance by Design: Computer Capacity Planning By Example
Performance by Design: Computer Capacity Planning By Example
Symbian OS Platform Security
SmartSiren: virus detection and alert for smartphones
Proceedings of the 5th international conference on Mobile systems, applications and services
Using 9-1-1 call data and the space-time permutation scan statistic for emergency event detection
dg.o '08 Proceedings of the 2008 international conference on Digital government research
Detecting energy-greedy anomalies and mobile malware variants
Proceedings of the 6th international conference on Mobile systems, applications, and services
Intelligent virus detection on mobile devices
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Using labeling to prevent cross-service attacks against smart phones
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Hi-index | 0.00 |
The increasingly open environment of mobile computing systems such as PDAs and smartphones brings rich applications and services to mobile users. Accompanied with this trend is the growing malicious activities against these mobile systems, such as information leakage, service stealing, and power exhaustion. Besides the threats posed against individual mobile users, these unveiled mobile devices also open the door for more serious damage such as disabling critical public cyber physical systems that are connected to the mobile/wireless infrastructure. The impact of such attacks, however, has not been fully recognized. In this work, we show that mobile devices, even with the state-of-the-art security mechanisms, are still vulnerable to a set of carefully crafted attacks. Taking Linux-based cell-phones as an example, we show that this vulnerability not only makes it possible to attack individual mobile devices such as accessing unauthorized resources, disabling predefined security mechanisms, and diverting phone calls, but also can be exploited to launch distributed denial-of-service attacks against critical public services such as 911. Using the open multi-class queuing network model, we analyze in detail the consequence of these attacks against the 911 service in a large region and also present some unique characteristics of these attacks. We further discuss potential countermeasures that can effectively mitigate or eliminate these attacks.