外文翻译计算机科学与技术.docx

1、外文翻译计算机科学与技术毕业设计(论文)外文文献翻译专业计算机科学与技术学生姓名班级学号指导教师信 息 工 程 学 院Mobile Malware and Smart Device Security:Trends, Challenges and Solutions Abdullahi Arabo and Bernardi PranggonoThe Oxford Internet Institute (OII), Oxford University, Oxford, OX1 3JS, U.K.School of Engineering and Built Environment, Glasgow

2、 Caledonian University, Glasgow, G4 0BA, U.K.Abstract This work is part of the research to study trends and challenges of cyber security to smart devices in smart homes. We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionality and abili

3、ties to users. While these devices provide more features and functionality, they also introduce new risks and threats. Subsequently, current cyber security issues related to smart devices are discussed and analyzed. The paper begins with related background and motivation. We identified mobile malwar

4、e as one of the main issue in the smart devices security. In the near future, mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks, particularly on the Android platform as the user base has grown exponentially. We discuss and

5、analyzed mobile malware in details and identified challenges and future trends in this area. Then we propose and discuss an integrated security solution for cyber security in smart devices to tackle the issue.Index Botnet, cyber security, mobile malware, security framework, smart device securityI. I

6、NTRODUCTIONThe Internet is one of the most remarkable developments to have happened to mankind in the last 100 years. The development of ubiquitous computing makes things even more interesting as it has given us the possibility to utilise devices and technology in unusual ways. We have seen the deve

7、lopment and demand for seamless interconnectivity of smart devices to provide various functionalities and abilities to users. But we also know the vulnerabilities that exist within this ecosystem. However, these vulnerabilities are normally considered for larger infrastructures and little attention

8、has been paid to the cyber security threats from the usage and power of smart devices as a result of the Internet of Things (IoT) technologies. In the IoT vision, every physical object has a virtual component that can produce and consume services. Smart spaces are becoming interconnected with powerf

9、ul smart devices (smartphones, tablets, etc.). On the other hand, we also have the backbone, the power grid that powers our nations. These two phenomena are coming at the same time. The increased usage of smart meters in our homes or businesses provides an avenue of connectivity as well as powerful

10、home services or interconnected powerful smart devices. The example of the smart grid also provides the means of controlling and monitoring smart grid infrastructures via the use of portable smart devices.The vulnerability of the connected home and developments within the energy industrys new wirele

11、ss smart grid are exposed to the wrong people; it will inevitably lead to lights out for everyone. This will eventually uncover the multitude of interconnected smart devices in the IoT as a hotbed for cyber-attacks or robot networks (botnets) and a security nightmare for smart space users and possib

12、ly for national infrastructures as a whole.The latest research has reported that on average people own three internet-connected smart devices such as smartphones and tablets. Therefore, as a result of the ubiquity of smart devices, and their evolution as computing platforms, as well as the powerful

13、processors embedded in smart devices, has made them suitable objects for inclusion in a botnet. Botnets of mobile devices (also known as mobile botnets) are a group of compromised smart devices that are remotely controlled by bot-masters via command-and-control (C&C) channels. Mobile botnets have di

14、fferent characteristics in several aspects as compared to PC-based botnets, such as their C&C channels medium.PC-based botnets are seen as the most common platforms for security attacks, and mobile botnets are seen as less of a threat in comparison to their counterparts. This is so for different rea

15、sons, such as limited battery power, resource issues, and Internet access constraints, etc. Therefore, the efforts directed to both the manifestation of operating mobile botnets and corresponding research and development endeavours are not as wide as for PC-based botnets. However, this development c

16、ould change with the recent surge in popularity and use of smart devices. Smart devices are now widely used by billions of users due to their enhanced computing ability, practicality and efficient Internet access, thanks to advancement in solid-state technologies.Moreover, smart devices typically co

17、ntain a large amount of sensitive personal and corporate data and are often used in online payments and other sensitive transactions. The wide spread use of open-source smart device platforms such as Android and third-party applications made available to the public also provides more opportunities a

18、nd attractions for malware creators. Therefore, for now and the near future smart devices will become one of the most lucrative targets for cybercriminals.The main focus of this paper is threefold: firstly to highlight the possible threats and vulnerability of smart devices, secondly to analyse the

19、challenges involved in detecting mobile malware in smart devices and finally to propose a general security solution that will facilitate solving or addressing such threats. The rest of the paper is organized as follows. In section II we provide a detailed analysis of the security threats on smart de

20、vices and their links with cyber security. We have identified mobile malware as one of the main issues and we discuss it in more detail in Section III. Section IV provides our proposed security solution that will be able to deter the problems of mobile malware. The paper is concluded in section V.II

21、. SECURITY THREATS ON SMART DEVICESThe weakest link in any IT security chain is the user. The human factor is the most challenging aspect of mobile device security. Home users generally assume that everything will work just as it should, relying on a devices default settings without referring to com

22、plex technical manuals. Therefore service content providers and hardware vendors need to be aware of their responsibilities in maintaining network security and content management on the devices they provide. Service providers might also have the opportunity to provide add-on security services to com

23、plement the weaknesses of the devices.The issue of cyber security is much closer to the home environment than has been usually understood; hence, the problem of cyber security extends beyond computers it is also a threat to portable devices. Many electronic devices used at home are practically as po

24、werful as a computer - from mobile phones, video consoles, game consoles and car navigation systems. While these devices are portable, provide more features and functionality, they also introduce new risks.These devices previously considered as secure can be an easy target for assailants. The inform

25、ation stored and managed within such devices and home networks forms part of an individuals Critical Information Infrastructure (CII) 2 as identified by the POSTnote on cyber security in the UK. For example, an attacker may be able to compromise a smart device with a virus, to access the data on the

26、 device. Not only do these activities have implications for personal information, but they could also have serious consequences if corporate information were also stored on the smart device.The use of mobile devices in healthcare is also more common these days, such as in mobile-health. A typical ex

27、ample is having a health device connected to the home network, which is capable of transmitting data wirelessly to hospitals and other relevant parties. Most of the manufacturers of these devices do not put much effort in trying to make sure that the devices are secure. If these devices are compromi

28、sed not only will the information and privacy of the user of the device be compromised, but the attacker can even change the settings of the devices, which could lead to harmful consequences. It has been shown that it is possible to hack into a pacemaker and read the details of data stored in the de

29、vice such as names and medical data without having direct access to the devices simply by standing nearby 3.Therefore, it is also possible to reconfigure the parameters of the device. This is not only applicable to medical devices, but also to any devices that are used within the home network for an

30、y purpose.According to the Juniper Networks report 4, 76 percent of mobile users depend on their mobile devices to access their most sensitive personal information, such as online banking or personal medical information. This trend is even more noticeable with those who also use their personal mobil

31、e devices for business purposes. Nearly nine in ten (89 percent) business users report that they use their mobile device to access sensitive work-related information.Another more worrying impact is when cybercriminals use the vast resources of the network to turn it into a botnet and launch a cyber-

32、attack on national critical infrastructures. There are some Android applications that when downloaded from a third party market (not the Android market) are capable of accessing the root functionality of devices (“rooted”) and turning them into botnet soldiers without the users explicit consent.Peop

33、le could easily and unwittingly download malware to their smart devices or fall prey to “man-in-the-middle” attacks where cyber-criminals pose as a legitimate body, intercept and harvest sensitive information for malicious use. In 2011, there was a mix of Android applications removed from the Android