Abstract
The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the worm spread via Bluetooth. Ten years later, Kaspersky Lab reported 884,774 new malicious mobile programs (Unuchek & Chebyshev, 2015).
On the one hand, during mobile application installations, users typically agree with the vendor’s end-user license agreement (EULA) as a contract between the licensor and licensee. On the other hand, there is no easy way for users to monitor approved software functionality (i.e., automatic updates) as opposed to unapproved functionality (i.e., unwanted Bluetooth connectivity).
This paper presents, as the primary goal, the development of the Mobile Application Security Invasiveness (MASI) Index for assessing the level of invasiveness of covert application functionality. By assessing the MASI Index of an application, users should be able to score its invasiveness, classify it (i.e., non-invasive application or invasive application) and potentially uninstall it.
Included in
Digital Communications and Networking Commons, Information Security Commons, Management Information Systems Commons, Risk Analysis Commons, Technology and Innovation Commons
Towards a Development of a Mobile Application Security Invasiveness Index
The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the worm spread via Bluetooth. Ten years later, Kaspersky Lab reported 884,774 new malicious mobile programs (Unuchek & Chebyshev, 2015).
On the one hand, during mobile application installations, users typically agree with the vendor’s end-user license agreement (EULA) as a contract between the licensor and licensee. On the other hand, there is no easy way for users to monitor approved software functionality (i.e., automatic updates) as opposed to unapproved functionality (i.e., unwanted Bluetooth connectivity).
This paper presents, as the primary goal, the development of the Mobile Application Security Invasiveness (MASI) Index for assessing the level of invasiveness of covert application functionality. By assessing the MASI Index of an application, users should be able to score its invasiveness, classify it (i.e., non-invasive application or invasive application) and potentially uninstall it.
Comments
The author is a Ph. D. in Information Systems (DISS) student at Nova Southeastern University with Dr. Yair Levy as doctoral research advisor