26-06-2014, 03:34 PM
Potential Threats to Mobile Network Security
Potential.doc (Size: 152 KB / Downloads: 25)
ABSTRACT
Can virus infect the mobile phones? It is a million dollar question that has no answer up to now. The chance is increasing day by day and recent hoax virus, Spam SMS worms is an evidence of it. Due to the financial aspects associated with wireless communications, this subject is under through research now.
The WAP protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, there is a possibility of wireless devices like mobile phones, getting infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection.
Wireless application protocol is an application environment and a set of communication protocols for wireless devices. It enables the wireless devices, independent access to the Internet. WAP bridges the mobile world and the Internet. It also connects the corporate intranets. Due to this users can access the same amount of information by using a packet-sized device as they can from a desktop PC.
The WAP standard is based on Internet standards (HTML, XML and TCP/IP). It consists of a WML language, a WMLScript, and a Wireless Telephony Application Interface (WTAI). The use of WAP-enabled mobile phones is booming. Cellular phones with support for WAP allow users to access a wide variety of services. WAP enables users to do on-line banking, monitor stock markets, use email, and access the Internet – all from their mobile phones. New services are being developed everyday and as more robust scripting becomes possible, the chance for malicious code increases.
This paper will discuss the threats with current WAP protocol and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.
This paper also presents an overview on WAP, WAP Push, WML, and WMLScript and their ability to host malicious software. Finally to detect such future threats, potential solution placement will be presented.
1. Introduction
The growth of media on the Internet is motivated by high-speed bandwidth. Concern for small streamlined content is decreasing with the advent of cheap 24x7 high-speed connections for both home and businesses. However, computing devices are becoming smaller and more portable with a relatively lower bandwidth to Internet content -- thus, the desire for a smaller media format. WAP specifically addresses these needs with WML and WMLScript, which is designed for small display sizes, limited input devices, low resource devices, and narrow-band connectivity.
Solution Placement
This section does not discuss the technical solutions of how to detect such threats. Products with the ability to detect current JavaScript or Visual Basic Script threats should require little if any modification to detect future WML and WMLScript threats. This section only discusses the advantages and disadvantages of solution placement.
7.1 On-Device Solution
Placing a scanner on the device can be effective in blocking content, but may be resource intensive and difficult in regards to development. WAP devices vary from phones to personal digital assistants (PDAs) and each of the devices may be running on non-updatable and proprietary operating systems. One could not create a single solution that could be placed on all devices. In addition, updating the firmware or software may be problematic.
While possible, on-device solutions do not seem practically viable.
7.2 Origin Server Solution
Origin servers are generally run on popular operating systems such as Unix or NT. Existing products can scan these servers. The existing products would need to be updated with new signature files to detect malicious WML (Script) code, but this would be trivial for any scanner that can currently handle JavaScript or Visual Basic Script threats.
However, limiting the solution to the origin server does not adequately protect the end user. While the origin server administrator could assure his systems are free from malicious content, the end user could not be assured any origin server visited is free from malicious conten