Security, threats and protection mechanisms for mobile devices
Keywords:
Mobile devices, security, mobile network, protection.
Abstract
Currently, more than half of commercial computing equipment is mobile, presenting these devices with diverse and constant challenges for network security, highlighting that unknown WiFi configuration, acceptance of unidentified applications, connection to sites that are not Trust and downloading apps from such sites can be listed as the top issues when using mobile devices. For this reason, it is of vital importance that users know the various security threats that put data and information contained in mobile devices at risk, the types and the main protection systems currently developed in order to avoid loss or theft of data. private personal and business information and documents that can put the integrity and security of users and organizations at risk. The objective of the research is to identify the various security threats that put data and information contained in mobile devices at risk, establishing the types of threats, reviewing the different strategies to avoid them and describing the main protection systems currently developed.
Downloads
Download data is not yet available.
References
Guevara, A. (2018). Dispositivos Móviles. Seguridad, (7). Recuperado el 18 de agosto de 2022, de https://revista.seguridad.unam.mx/numero-07/dispositivos-moviles
Kearns, G. (2016). Countering Mobile Device Threats: A Mobile Device Security Model. Journal of Forensic & Investigative Accounting, 8(1), 36-48.
Cisco. (2020). ¿Qué es la seguridad de dispositivos móviles? Recuperado el 5 de mayo de 2022, de https://www.cisco.com/c/es_mx/solutions/small-business/resource-center/security/mobile-device-security.html
Kitchenham, B. (2004). Procedures for Performing Systematic Reviews. Keele, UK: Keele Univ. Recuperado el 5 de mayo de 2022, de https://www.researchgate.net/publication/228756057_Procedures_for_Performing_Systematic_Reviews
Avizienis, A., Laprie, J.-C., Randell, B., & Landwehr, C. (2004). Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 1(1), 11-33. https://doi.org/10.1109/TDSC.2004.2
Yamin, M. M., & Katt, B. (2019). Mobile device management (MDM) technologies, issues and challenges. En Proceedings of the 3rd International Conference on Cryptography, Security and Privacy (pp. 143-147). doi: 10.1145/3309074.3309103
Gontovnikas, M. (2021). Las 9 amenazas de seguridad más comunes para dispositivos móviles en 2021. Recuperado el 5 de mayo de 2022, de https://auth0.com/blog/the-9-most-common-security-threats-to-mobile-devices-in-2021/
Li, Q., & Clark, G. (2013). Mobile Security: A Look Ahead. IEEE Security & Privacy, 11(1), 78-81. https://doi.org/10.1109/MSP.2013.15
Yesilyurt, M., & Yalman, Y. (2016). Security Threats on Mobile Devices and their Effects: Estimations for the Future. International Journal of Security and Its Applications, 10(2), 13-26. https://doi.org/10.14257/ijsia.2016.10.2.02
Siliconweek.com. (2022). El robo de celulares en América Latina: un problema aún por resolver. Recuperado el 6 de mayo de 2022, de https://www.siliconweek.com/e-enterprise/el-robo-de-celulares-en-america-latina-un-problema-aun-por-resolver-55123?print=print
Shires, J. (2022). The Politics of Cybersecurity in the Middle East. Oxford University Press.
Kumar, J., Santhanavijayan, A., Janet, B., Rajendran, B., & Bindhumadhava, B. S. (2020). Phishing Website Classification and Detection Using Machine Learning. En 2020 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-6). doi: 10.1109/ICCCI48352.2020.9104161
Rajagopal, & Ramesh, B. (2016). Business Analytics and Cyber Security Management in Organizations. IGI Global.
Stair, R., & Reynolds, G. (2020). Principles of Information Systems. Cengage Learning.
Hole, K. J. (2015). Toward Anti-fragility: A Malware-Halting Technique. IEEE Security & Privacy, 13(4), 40-46. https://doi.org/10.1109/MSP.2015.73
Steele, C. (2020). What is Mobile Application Management (MAM)? Recuperado el 6 de mayo de 2022, de https://www.techtarget.com/searchmobilecomputing/definition/mobile-application-management-MAM
Sombatruang, N., Kadobayashi, Y., Sasse, M. A., Baddeley, M., & Miyamoto, D. (2018). The continued risks of unsecured public Wi-Fi and why users keep using it: Evidence from Japan. En 2018 16th Annual Conference on Privacy, Security and Trust (PST) (pp. 1-11). doi: 10.1109/PST.2018.8514208
Sobh, T. (2013). Wi-Fi Networks Security and Accessing Control. International Journal of Computer Network and Information Security, 5(7), 9-20. https://doi.org/10.5815/ijcnis.2013.07.02
IBM. (2020). What is end-to-end encryption? Recuperado el 6 de mayo de 2022, de https://webcache.googleusercontent.com/search?q=cache:MZoi2awKfiIJ:https://www.ibm.com/topics/end-to-end-encryption+&cd=20&hl=es&ct=clnk&gl=ec
Vandenberg, D. T. (2017). Encryption Served Three Ways: Disruptiveness as the Key to Exceptional Access. Berkeley Technology Law Journal, 32, 531-562.
Yadav, A., & Prasad, L. B. (2019). IOT Devices for Control Applications: A Review. En 2019 3rd International Conference on Electronics, Communication and Aerospace Technology (ICECA) (pp. 473-479). doi: 10.1109/ICECA.2019.8821895
Infoblox. (2021). Infoblox Reporting and Analytics | Know Your Network. Recuperado el 6 de mayo de 2022, de https://www.infoblox.com/products/reporting-analytics/
Infoblox. (2021). IoT Security | Foundational Security for Botnet Protection. Recuperado el 6 de mayo de 2022, de https://www.infoblox.com/solutions/secure-iot/
Salih, H. M., & Mohammed, M. S. (2020). Spyware Injection in Android using Fake Application. En 2020 International Conference on Computer Science and Software Engineering (CSASE) (pp. 100-105). doi: 10.1109/CSASE48920.2020.9142101
IBM. (2021). ¿Qué es la seguridad móvil? Recuperado el 5 de mayo de 2022, de https://www.ibm.com/topics/mobile-security
IBM. (2021). Soluciones de gestión de movilidad empresarial (EMM). Recuperado el 6 de mayo de 2022, de https://www.ibm.com/security/enterprise-mobility-management
Camacho Hernández, O. (2015). Implementación de la gestión de la movilidad empresarial (enterprise mobility management - emm) para la gestion del correo corporativo en el departamento para la prosperidad social – DPS. Universidad Nacional Abierta y a Distancia. Recuperado el 18 de agosto de 2022, de http://repository.unad.edu.co/handle/10596/4852
Li, T., Mehta, A., & Yang, P. (2017). Security Analysis of Email Systems. En 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud) (pp. 91-96). doi: 10.1109/CSCloud.2017.20
Chandel, S., Yu, S., Yitian, T., Zhili, Z., & Yusheng, H. (2019). Endpoint Protection: Measuring the Effectiveness of Remediation Technologies and Methodologies for Insider Threat. En 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) (pp. 81-89). doi: 10.1109/CyberC.2019.00023
Cando Estrella, C. A. (2020). Análisis e implementación de plataforma de seguridad para la protección de la información a través de la administración de los dispositivos finales en la Unidad Educativa Fiscomisional San Juan Bosco. Universidad de Guayaquil. Facultad de Ciencias Matemáticas y Físicas. Carrera de Ingeniería en Networking y Telecomunicaciones. Recuperado el 18 de agosto de 2022, de http://repositorio.ug.edu.ec/handle/redug/48833
Alshalan, A., Pisharody, S., & Huang, D. (2016). A Survey of Mobile VPN Technologies. IEEE Communications Surveys & Tutorials, 18(2), 1177-1196. https://doi.org/10.1109/COMST.2015.2496624
León Gómez, A. N. (2018). Monitoreo de rendimiento para la seguridad de VPN a través de PfSense y OpenVPN. Universidad Veracruzana. Facultad de Contaduría y Administración. Región Xalapa. Recuperado el 18 de agosto de 2022, de https://cdigital.uv.mx/
Gupta, A. K., Kumar, R., & Gupta, N. K. (2014). A trust based secure gateway selection and authentication scheme in MANET. En 2014 International Conference on Contemporary Computing and Informatics (IC3I) (pp. 1087-1093). doi: 10.1109/IC3I.2014.7019816
Bienhaus, D., Ebner, A., Jäger, L., Rieke, R., & Krauß, C. (2021). Secure gate: Secure gateways and wireless sensors as enablers for sustainability in production plants. Simulation Modelling Practice and Theory, 109, 102282. https://doi.org/10.1016/j.simpat.2021.102282
Yahya, Z. B., Ktata, F. B., & Ghedira, K. (2016). Multi-organizational Access Control Model Based on Mobile Agents for Cloud Computing. En 2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI) (pp. 656-659). https://doi.org/10.1109/WI.2016.0116
Agrawal, N., & Tapaswi, S. (2019). A trustworthy agent-based encrypted access control method for mobile cloud computing environment. Pervasive and Mobile Computing, 52, 13-28. https://doi.org/10.1016/j.pmcj.2018.11.003
Leal, E. (2019, febrero). La seguridad de la información en dispositivos móviles personales de uso profesional. Recuperado el 18 de agosto de 2022, de http://repository.unipiloto.edu.co/handle/20.500.12277/4920
Balbix Inc. (2020, mayo 7). Balbix Releases State of Password Use Report 2020. Recuperado el 6 de mayo de 2022, de https://www.businesswire.com/news/home/20200507005204/en/Balbix-Releases-State-of-Password-Use-Report-2020
Prensario, T. (2021, julio). Informe de Seguridad Móvil 2021 de Check Point. Recuperado el 6 de mayo de 2022, de https://prensariotila.com/33106-informe-de-seguridad-movil-2021-de-check-point/
Ulloa Hallo, A. G. (2021, diciembre). Análisis de problemas técnicos y legales de ciberseguridad y sus posibles soluciones en el contexto de la computación en la nube. Recuperado el 18 de agosto de 2022, de http://repositorio.puce.edu.ec:80/xmlui/handle/22000/19745
Schmitt, M. (2022, julio 17). Mobile Security for the modern CEO: Attacks, Mitigations, and Future Trends. arXiv. https://doi.org/10.48550/arXiv.2207.08105
VMware. (2022). What is Mobile Device Security? Recuperado el 5 de mayo de 2022, de https://www.vmware.com/topics/glossary/content/mobile-device-security.html
Kearns, G. (2016). Countering Mobile Device Threats: A Mobile Device Security Model. Journal of Forensic & Investigative Accounting, 8(1), 36-48.
Cisco. (2020). ¿Qué es la seguridad de dispositivos móviles? Recuperado el 5 de mayo de 2022, de https://www.cisco.com/c/es_mx/solutions/small-business/resource-center/security/mobile-device-security.html
Kitchenham, B. (2004). Procedures for Performing Systematic Reviews. Keele, UK: Keele Univ. Recuperado el 5 de mayo de 2022, de https://www.researchgate.net/publication/228756057_Procedures_for_Performing_Systematic_Reviews
Avizienis, A., Laprie, J.-C., Randell, B., & Landwehr, C. (2004). Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 1(1), 11-33. https://doi.org/10.1109/TDSC.2004.2
Yamin, M. M., & Katt, B. (2019). Mobile device management (MDM) technologies, issues and challenges. En Proceedings of the 3rd International Conference on Cryptography, Security and Privacy (pp. 143-147). doi: 10.1145/3309074.3309103
Gontovnikas, M. (2021). Las 9 amenazas de seguridad más comunes para dispositivos móviles en 2021. Recuperado el 5 de mayo de 2022, de https://auth0.com/blog/the-9-most-common-security-threats-to-mobile-devices-in-2021/
Li, Q., & Clark, G. (2013). Mobile Security: A Look Ahead. IEEE Security & Privacy, 11(1), 78-81. https://doi.org/10.1109/MSP.2013.15
Yesilyurt, M., & Yalman, Y. (2016). Security Threats on Mobile Devices and their Effects: Estimations for the Future. International Journal of Security and Its Applications, 10(2), 13-26. https://doi.org/10.14257/ijsia.2016.10.2.02
Siliconweek.com. (2022). El robo de celulares en América Latina: un problema aún por resolver. Recuperado el 6 de mayo de 2022, de https://www.siliconweek.com/e-enterprise/el-robo-de-celulares-en-america-latina-un-problema-aun-por-resolver-55123?print=print
Shires, J. (2022). The Politics of Cybersecurity in the Middle East. Oxford University Press.
Kumar, J., Santhanavijayan, A., Janet, B., Rajendran, B., & Bindhumadhava, B. S. (2020). Phishing Website Classification and Detection Using Machine Learning. En 2020 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-6). doi: 10.1109/ICCCI48352.2020.9104161
Rajagopal, & Ramesh, B. (2016). Business Analytics and Cyber Security Management in Organizations. IGI Global.
Stair, R., & Reynolds, G. (2020). Principles of Information Systems. Cengage Learning.
Hole, K. J. (2015). Toward Anti-fragility: A Malware-Halting Technique. IEEE Security & Privacy, 13(4), 40-46. https://doi.org/10.1109/MSP.2015.73
Steele, C. (2020). What is Mobile Application Management (MAM)? Recuperado el 6 de mayo de 2022, de https://www.techtarget.com/searchmobilecomputing/definition/mobile-application-management-MAM
Sombatruang, N., Kadobayashi, Y., Sasse, M. A., Baddeley, M., & Miyamoto, D. (2018). The continued risks of unsecured public Wi-Fi and why users keep using it: Evidence from Japan. En 2018 16th Annual Conference on Privacy, Security and Trust (PST) (pp. 1-11). doi: 10.1109/PST.2018.8514208
Sobh, T. (2013). Wi-Fi Networks Security and Accessing Control. International Journal of Computer Network and Information Security, 5(7), 9-20. https://doi.org/10.5815/ijcnis.2013.07.02
IBM. (2020). What is end-to-end encryption? Recuperado el 6 de mayo de 2022, de https://webcache.googleusercontent.com/search?q=cache:MZoi2awKfiIJ:https://www.ibm.com/topics/end-to-end-encryption+&cd=20&hl=es&ct=clnk&gl=ec
Vandenberg, D. T. (2017). Encryption Served Three Ways: Disruptiveness as the Key to Exceptional Access. Berkeley Technology Law Journal, 32, 531-562.
Yadav, A., & Prasad, L. B. (2019). IOT Devices for Control Applications: A Review. En 2019 3rd International Conference on Electronics, Communication and Aerospace Technology (ICECA) (pp. 473-479). doi: 10.1109/ICECA.2019.8821895
Infoblox. (2021). Infoblox Reporting and Analytics | Know Your Network. Recuperado el 6 de mayo de 2022, de https://www.infoblox.com/products/reporting-analytics/
Infoblox. (2021). IoT Security | Foundational Security for Botnet Protection. Recuperado el 6 de mayo de 2022, de https://www.infoblox.com/solutions/secure-iot/
Salih, H. M., & Mohammed, M. S. (2020). Spyware Injection in Android using Fake Application. En 2020 International Conference on Computer Science and Software Engineering (CSASE) (pp. 100-105). doi: 10.1109/CSASE48920.2020.9142101
IBM. (2021). ¿Qué es la seguridad móvil? Recuperado el 5 de mayo de 2022, de https://www.ibm.com/topics/mobile-security
IBM. (2021). Soluciones de gestión de movilidad empresarial (EMM). Recuperado el 6 de mayo de 2022, de https://www.ibm.com/security/enterprise-mobility-management
Camacho Hernández, O. (2015). Implementación de la gestión de la movilidad empresarial (enterprise mobility management - emm) para la gestion del correo corporativo en el departamento para la prosperidad social – DPS. Universidad Nacional Abierta y a Distancia. Recuperado el 18 de agosto de 2022, de http://repository.unad.edu.co/handle/10596/4852
Li, T., Mehta, A., & Yang, P. (2017). Security Analysis of Email Systems. En 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud) (pp. 91-96). doi: 10.1109/CSCloud.2017.20
Chandel, S., Yu, S., Yitian, T., Zhili, Z., & Yusheng, H. (2019). Endpoint Protection: Measuring the Effectiveness of Remediation Technologies and Methodologies for Insider Threat. En 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC) (pp. 81-89). doi: 10.1109/CyberC.2019.00023
Cando Estrella, C. A. (2020). Análisis e implementación de plataforma de seguridad para la protección de la información a través de la administración de los dispositivos finales en la Unidad Educativa Fiscomisional San Juan Bosco. Universidad de Guayaquil. Facultad de Ciencias Matemáticas y Físicas. Carrera de Ingeniería en Networking y Telecomunicaciones. Recuperado el 18 de agosto de 2022, de http://repositorio.ug.edu.ec/handle/redug/48833
Alshalan, A., Pisharody, S., & Huang, D. (2016). A Survey of Mobile VPN Technologies. IEEE Communications Surveys & Tutorials, 18(2), 1177-1196. https://doi.org/10.1109/COMST.2015.2496624
León Gómez, A. N. (2018). Monitoreo de rendimiento para la seguridad de VPN a través de PfSense y OpenVPN. Universidad Veracruzana. Facultad de Contaduría y Administración. Región Xalapa. Recuperado el 18 de agosto de 2022, de https://cdigital.uv.mx/
Gupta, A. K., Kumar, R., & Gupta, N. K. (2014). A trust based secure gateway selection and authentication scheme in MANET. En 2014 International Conference on Contemporary Computing and Informatics (IC3I) (pp. 1087-1093). doi: 10.1109/IC3I.2014.7019816
Bienhaus, D., Ebner, A., Jäger, L., Rieke, R., & Krauß, C. (2021). Secure gate: Secure gateways and wireless sensors as enablers for sustainability in production plants. Simulation Modelling Practice and Theory, 109, 102282. https://doi.org/10.1016/j.simpat.2021.102282
Yahya, Z. B., Ktata, F. B., & Ghedira, K. (2016). Multi-organizational Access Control Model Based on Mobile Agents for Cloud Computing. En 2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI) (pp. 656-659). https://doi.org/10.1109/WI.2016.0116
Agrawal, N., & Tapaswi, S. (2019). A trustworthy agent-based encrypted access control method for mobile cloud computing environment. Pervasive and Mobile Computing, 52, 13-28. https://doi.org/10.1016/j.pmcj.2018.11.003
Leal, E. (2019, febrero). La seguridad de la información en dispositivos móviles personales de uso profesional. Recuperado el 18 de agosto de 2022, de http://repository.unipiloto.edu.co/handle/20.500.12277/4920
Balbix Inc. (2020, mayo 7). Balbix Releases State of Password Use Report 2020. Recuperado el 6 de mayo de 2022, de https://www.businesswire.com/news/home/20200507005204/en/Balbix-Releases-State-of-Password-Use-Report-2020
Prensario, T. (2021, julio). Informe de Seguridad Móvil 2021 de Check Point. Recuperado el 6 de mayo de 2022, de https://prensariotila.com/33106-informe-de-seguridad-movil-2021-de-check-point/
Ulloa Hallo, A. G. (2021, diciembre). Análisis de problemas técnicos y legales de ciberseguridad y sus posibles soluciones en el contexto de la computación en la nube. Recuperado el 18 de agosto de 2022, de http://repositorio.puce.edu.ec:80/xmlui/handle/22000/19745
Schmitt, M. (2022, julio 17). Mobile Security for the modern CEO: Attacks, Mitigations, and Future Trends. arXiv. https://doi.org/10.48550/arXiv.2207.08105
VMware. (2022). What is Mobile Device Security? Recuperado el 5 de mayo de 2022, de https://www.vmware.com/topics/glossary/content/mobile-device-security.html
Published
2024-05-06
Section
Artículos
