BibTex RIS Cite

New Comprehensive Taxonomies on Mobile Security and Malware Analysis

Year 2016, Volume: 5 Issue: 4, 106 - 138, 01.12.2016

Abstract

Taxonomies are known to provide a systematic and theoretical classification of elements in a particular domain and could be efficiently used to express concepts in a structural manner. Unfortunately, security literature witnesses a few taxonomies having about 40 nodes on average in mostly a narrowed scope and maximum of 25 nodes on mobile scope only. This study surveyed security related taxonomies with quality criteria and proposes new comprehensive mobile security taxonomy and mobile malware analysis subtaxonomy from not only defensive but also offensive point of view. We have developed a levelling scheme and notation for security taxonomies in general and proposed a new definite method to build the taxonomies having over 1,300 nodes. We have also visualized our taxonomies for researchers, security professionals and even common end users to provide comprehensible, well structured, and handy maps. As security threats and vulnerabilities dynamically increase and diversify, these new taxonomies would help to see the entire perspective of mobile security without losing any details and present new perspective to bring mobile computing and cyber security disciplines closer.

References

  • [1] L. Howell, Ed., Global Risks 2013, 8th ed. Cologny/Geneva: World Economic Forum, 2013.
  • [2] Global Risks 2015, 10th ed., Cologny/Geneva, 2015.
  • [3] The Global Risks Report 2016, 11th ed. Cologny/Geneva: World Economic Forum, 2016.
  • [4] V. Melvin, M. Cousin, S. Thorne, L. Liu, and A. Cheeseman, “Threat Horizon 2016: On the edge of trust Review,” Information Security Forum Limited, Tech. Rep., 2014.
  • [5] D. McMorrow, “Science of Cyber-Security,” The MITRE Corporation, McLean, Virginia, Tech. Rep. November, 2010.
  • [6] C. von Linn, Systema naturae per regna tria naturae: secundum classes, ordines, genera, species, cum characteribus, differentiis, synonymis, locis (System of nature through the three kingdoms of nature, according to classes, orders, genera and species, with characters), 10th ed. Stockholm: Impensis Direct. Laurentii Salvii,, 1758, vol. v.1.
  • [7] U. Lindqvist and E. Jonsson, “How to systematically classify computer security intrusions,” in IEEE Symposium on Security and Privacy. Oakland, CA: IEEE, 1997, pp. 154–163.
  • [8] R. P. Lippmann, D. J. Fried, I. Graf, J. Haines, K. R. Kendall, D. McClung, D. Weber, S. E. Webster, D. Wyschogrod, R. K. Cunningham, and M. A. Zissman, “Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation,” in Proceedings DARPA Information Survivability Conference and Exposition DISCEX’00, vol. 2. Hilton Head, SC: IEEE, 2000, pp. 12–26.
  • [9] J. Mirkovic and P. Reiher, “A taxonomy of DDoS attack and DDoS defense mechanisms,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 2, p. 39, 2004.
  • [10] M. Uma and G. Padmavathi, “A survey on various cyber attacks and their classification,” International Journal of Network Security, vol. 15, no. 5, pp. 390–396, 2013.
  • [11] J. D. Howard, “An Analysis of Security Incidents on the Internet 1989 - 1995,” Ph.D. Dissertation, Carnegie Mellon University, 1997.
  • [12] M. Kjaerland, “A taxonomy and comparison of computer security incidents from the commercial and government sectors,” Computers and Security, vol. 25, no. 7, pp. 522–538, 2006.
  • [13] S. D. Applegate and A. Stavrou, “Towards a cyber conflict taxonomy,” in The Fifth International Conference on Cyber Conflict. Tallinn: NATO CCD COE, 2013, pp. 1–18.
  • [14] T. Rid and B. Buchanan, “Attributing Cyber Attacks,” Journal of Strategic Studies, vol. 38, no. 1-2, pp. 4–37, 2014.
  • [15] G. Suarez-Tangil, J. E. Tapiador, P. PerisLopez, and A. Ribagorda, “Evolution, detection and analysis of malware for smart devices,” IEEE Communications Surveys & Tutorials, vol. 16, no. 2, pp. 961–987, 2014.
  • [16] C. Alberts and A. Dorofee, “OCTAVE Threat Profiles,” Software Engineering Institute, Pittsburgh, Tech. Rep., 2001.
  • [17] M. Bishop, “A Taxonomy of UNIX System and Network Vulnerabilities,” University of California, Davis, Tech. Rep., 1995.
  • [18] C. E. Landwehr, A. R. Bull, J. P. McDermott, and W. S. Choi, “A Taxonomy of Computer Program Security Flaws, with Examples,” Naval Research Laboratory, Washington, DC, Tech. Rep., 1993.
  • [19] D. L. Lough, “A Taxonomy of Computer Attacks with Applications to Wireless Networks,” Ph.D. Dissertation, Faculty of the Virginia Polytechnic Institute and State University, 2001.
  • [20] J. J. Cebula and L. R. Young, “A Taxonomy of Operational Cyber Security Risks,” Carnegie Mellon Software Engineering Institute, Hanscom AFB, Tech. Rep. December, 2010.
  • [21] J. Christy, “Cyber threat to critical infrastructure,” in The NEbraskaCERT Conference, Omaha, NE, 1999.
  • [22] S. Hansman and R. Hunt, “A Taxonomy of Network and Computer Attacks,” Computers and Security, vol. 24, no. 1, pp. 31–43, 2005.
  • [23] C. Simmons, C. Ellis, S. Shiva, D. Dasgupta, and Q. Wu, “AVOIDIT: A cyber attack taxonomy,” University of Memphis, Tech. Rep., 2009.
  • [24] R. Hunt and J. Slay, “A new approach to developing attack taxonomies for network security - Including case studies,” in 17th IEEE International Conference on Networks (ICON). Singapore: IEEE, 2011, pp. 281–286.
  • [25] P. G. Neumann, “Computer system security evaluation,” in 1978 National Computer Conference Proceedings (AFIPS Conference Proceedings), S. P. Ghosh and L. Y. Liu, Eds. Anaheim, California: AFIPS Press, 1978, pp. 1087–1095.
  • [26] A. Algirdas, J.-C. Laprie, B. Randell, and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 11–33, 2004.
  • [27] G. Canbek and S. Sagiroglu, “Bilgisayar Sistemlerine Yapılan Saldırılar ve Turleri: Bir ¨ ˙Inceleme {Attacks against Computer Systems and Their Types: A Review Study},” Erciyes Universitesi Fen Bilimleri Enstit ¨ us¨ u Dergisi ¨ , vol. 23, no. 1-2, pp. 1–12, 2007.
  • [28] ——, “Kot¨ uc¨ ul ve Casus Yazılımlar: Kapsamlı ¨ bir Aras¸tırma {Malware and Spyware: A Comprehensive Review},” Journal of the Faculty of Engineering and Architecture of Gazi University, vol. 22, no. 1, pp. 121–136, 2007.
  • [29] K. Ivaturi and L. Janczewski, “A taxonomy for social engineering attacks,” in International Conference on Information Resources Management (CONF-IRM). AIS Electronic Library (AISeL) CONF-IRM, 2011.
  • [30] C. F. M. Foozy, R. Ahmad, M. F. Abdollah, R. Yusof, and M. Z. Mas’ud, “Generic taxonomy of social engineering attack,” in Malaysian Technical Universities International Conference on Engineering Technology MUiCET 2011 (2011), 2011, pp. 527–533.
  • [31] A. Amamra, C. Talhi, and J.-M. Robert, “Smartphone malware detection: From a survey towards taxonomy,” in 7th International Conference on Malicious and Unwanted Software (MALWARE). Fajardo, PR: IEEE, oct 2012, pp. 79–86.
  • [32] C. F. M. Foozy, R. Ahmad, and M. F. Abdollah, “Phishing Detection Taxonomy for Mobile Device,” International Journal of Computer Science Issues (ISSN), vol. 10, no. 1, pp. 338– 344, 2013.
  • [33] A. Algarni, Y. Xu, Taizan Chan, and Yu-Chu Tian, “Social engineering in social networking sites: Affect-based model,” in Proceedings of the 8th IEEE International Conference for Internet Technology and Secured Transactions (ICITST-2013), 2013, pp. 508–515.
  • [34] A. Mylonas, “Explo(r—it)ing the User’s Exposure to Security and Privacy Threats in the Smartphone Ecosystem,” Ph.D. Dissertation, Athens University of Economics & Business, 2014.
  • [35] R. Heartfield and G. Loukas, “A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks,” ACM Computing Surveys, vol. 48, no. 3, p. 39, 2015.
  • [36] C. W. Hanson, “Mobile devices in 2011,” in Library Technology Reports, 2011, ch. 2, pp. 11–23.
  • [37] “Eyes on the road,” 2014. [Online]. Available: https://youtube.com/watch?v=R22WNkYKeo8
  • [38] Y. Zhang, Z. Chen, and Y. Kang, “Guaranteed Clicks: Mobile App Company Takes Control of Android Phones,” FireEye, Tech. Rep., 2015. [Online]. Available: https://www.fireeye.com/blog/threatresearch/2015/09/guaranteed clicksm.html
  • [39] J. D. Aycock, Computer viruses and malware. Springer, 2006.
  • [40] M. Bailey, S.-P. Oriyano, and R. Shimonski, “Dissection of a Client-side attack,” in Clientside attacks and Defense. Waltham,MA: Syngress, 2012, ch. 2, p. 26.
There are 40 citations in total.

Details

Primary Language English
Journal Section Research Article
Authors

Gürol Canbek This is me

Seref Sagiroglu This is me

Nazife Baykal This is me

Publication Date December 1, 2016
Published in Issue Year 2016 Volume: 5 Issue: 4

Cite

IEEE G. Canbek, S. Sagiroglu, and N. Baykal, “New Comprehensive Taxonomies on Mobile Security and Malware Analysis”, IJISS, vol. 5, no. 4, pp. 106–138, 2016.