New Comprehensive Taxonomies on Mobile Security and Malware Analysis
Taxonomies are known to provide a systematic and theoretical classification of the elements in a particular domain and can be used efficiently to express concepts in a structured manner. Unfortunately, the security literature offers only a few taxonomies, which have about 40 nodes on average, mostly in a narrow scope, and a maximum of 25 nodes for those covering the mobile scope only. This study surveys security-related taxonomies against quality criteria and proposes a new comprehensive mobile security taxonomy and a mobile malware analysis subtaxonomy from not only a defensive but also an offensive point of view. We have developed a levelling scheme and notation for security taxonomies in general and proposed a new definite method to build the taxonomies, which have over 1,300 nodes. We have also visualized our taxonomies to provide researchers, security professionals and even common end users with comprehensible, well-structured, and handy maps. As security threats and vulnerabilities dynamically increase and diversify, these new taxonomies would help to see the entire perspective of mobile security without losing any details, and they present a new perspective to bring the mobile computing and cyber security disciplines closer.