Mobile computing is a main part of the daily activities of the modern day people. They use mobile devices to access communication technologies which give the internet facility from anywhere any time. Smartphone, tablets, laptops, mobile data storage devices, music players and GPS are some of the common devices used in mobile computing. Most of the latest trends like e-learning, e-commerce, and e-communication are engaged with mobile computing to increase the efficiency, productivity of the day to day functions. For most of the people, mobile computing is a main part of their lives. So, it’s better to know about the threats and issues related to mobile computing. When we are talking about threats/vulnerabilities, we should concern about the physical device, data, and the communication medium/ the channel.
DOS attacks (Denial of Service)
In here, the attacker’s intention is to prevent actual users accessing the connection/service. In order to do that, attackers create a huge traffic by sending large number of request to the server and server gets busy with giving responses to those requests instead of responding to the actual user’s request.
Eg: If “X” send a probe request to the Access Point (AP) and attacker needs to disrupt. So, the attacker send a new probe request to the AP by using X’s MAC address. Due to that, AP will drop X’s probe request and drop his connection and will response to the attacker’s fake request.
Attackers use the internet connection using a wormhole node and pretend as an Access Point (AP) to a user showing that it is the shortest path for the internet connection. So, the every packet transmitted through the AP can be captured and read by the attacker.
Attackers spy the conversation between the sender and the receiver and grab the authentication details. Then connect to the infrastructure for a while and re-transmit the content again pretending as the previous sender.
Malicious persons attack to the network connections by pretending as another user (using their IP address)
Attackers listen to the traffic flowing of the channel and capture packets and read data. Then they track locations and get access to the personnel information of the targeted users.
In simple terms it says getting illegal access to a conversation as a third party. Data sent from the client to an enterprise server is often unencrypted. So, it leads to eavesdrop on users’ sensitive communications.
Most of the software applications and hardware are interconnected synchronized. If a component infected with a malicious attack, then it affects to the other components automatically. So, the likelihood of expose to the risks is high.
Theft and loss
Because of the high usage and the portable size, misplacing mobile devices is a common issue in mobile computing. It may cause data loss and exposes private and confidential data to the unauthorized parties. Most of the mobile applications ask for login credentials when accessing. Because of the ease most of us store credentials and stay logged in for those mobile applications. So, in case of loss or theft, no more we are the owners of our data. Whoever the person gets our device can unauthorizedly access our device.
Malicious software (Malware)
It means any program or an application which can cause harm to the computer device or to the user. Virus, Worm, Trojans, Spyware are some of the examples for malware.
• Virus- A computer program which maliciously attached to a genuine program and make duplicates of itself and spread them among other programs and infect them by modifying data of those program files
• Worm- A standalone computer program which can make an exact copy of itself and spread among other computers
• Trojans- it’s a kind of malware which can use to hack into the computer by giving wrong idea or the impression. Then the attackers can access personal data like passwords, banking information
• Spyware- A software which is attached to the genuine software or hidden inside the genuine software without knowing the user in order to steal information of the user
In here an attacker controls the device as a source of data and obtained data by device itself
Malicious codes which can establish in the mobile device and then gradually reach to other components of the network.