Abstract

The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the worm spread via Bluetooth. Ten years later, Kaspersky Lab reported 884,774 new malicious mobile programs (Unuchek & Chebyshev, 2015).

On the one hand, during mobile application installations, users typically agree with the vendor’s end-user license agreement (EULA) as a contract between the licensor and licensee. On the other hand, there is no easy way for users to monitor approved software functionality (i.e., automatic updates) as opposed to unapproved functionality (i.e., unwanted Bluetooth connectivity).

This paper presents, as the primary goal, the development of the Mobile Application Security Invasiveness (MASI) Index for assessing the level of invasiveness of covert application functionality. By assessing the MASI Index of an application, users should be able to score its invasiveness, classify it (i.e., non-invasive application or invasive application) and potentially uninstall it.

Comments

The author is a Ph. D. in Information Systems (DISS) student at Nova Southeastern University with Dr. Yair Levy as doctoral research advisor

 

Towards a Development of a Mobile Application Security Invasiveness Index

The economic impact of Mobile IP, the standard that allows IP sessions to be maintained even when switching between different cellular towers or networks, has been staggering in terms of both scale and acceleration (Doherty, 2016). As voice communications transition to all-digital, all-IP networks such as 4G, there will be an increase in risk due to vulnerabilities, malware, and hacks that exist for PC-based systems and applications (Harwood, 2011). According to Gostev (2006), in June, 2004, a well-known Spanish virus collector known as VirusBuster, emailed the first known mobile phone virus to Kaspersky Lab, Moscow. Targeting the Symbian OS, the worm spread via Bluetooth. Ten years later, Kaspersky Lab reported 884,774 new malicious mobile programs (Unuchek & Chebyshev, 2015).

On the one hand, during mobile application installations, users typically agree with the vendor’s end-user license agreement (EULA) as a contract between the licensor and licensee. On the other hand, there is no easy way for users to monitor approved software functionality (i.e., automatic updates) as opposed to unapproved functionality (i.e., unwanted Bluetooth connectivity).

This paper presents, as the primary goal, the development of the Mobile Application Security Invasiveness (MASI) Index for assessing the level of invasiveness of covert application functionality. By assessing the MASI Index of an application, users should be able to score its invasiveness, classify it (i.e., non-invasive application or invasive application) and potentially uninstall it.

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.