Security

Vulnerabilities and threats of mobile computing

vulnerability

Mobile computing is a main part of the daily activities of the modern day people. They use mobile devices to access communication technologies which give the internet facility from anywhere any time. Smartphone, tablets, laptops, mobile data storage devices, music players and GPS are some of the common devices used in mobile computing. Most of the latest trends like e-learning, e-commerce, and e-communication are engaged with mobile computing to increase the efficiency, productivity of the day to day functions. For most of the people, mobile computing is a main part of their lives. So, it’s better to know about the threats and issues related to mobile computing. When we are talking about threats/vulnerabilities, we should concern about the physical device, data, and the communication medium/ the channel.

DOS attacks (Denial of Service)

In here, the attacker’s intention is to prevent actual users accessing the connection/service. In order to do that, attackers create a huge traffic by sending large number of request to the server and server gets busy with giving responses to those requests instead of responding to the actual user’s request.

Eg: If “X” send a probe request to the Access Point (AP) and attacker needs to disrupt. So, the attacker send a new probe request to the AP by using X’s MAC address. Due to that, AP will drop X’s probe request and drop his connection and will response to the attacker’s fake request.

Wormhole attacks

Attackers use the internet connection using a wormhole node and pretend as an Access Point (AP) to a user showing that it is the shortest path for the internet connection. So, the every packet transmitted through the AP can be captured and read by the attacker.

wormhole

Replay attacks

Attackers spy the conversation between the sender and the receiver and grab the authentication details. Then connect to the infrastructure for a while and re-transmit the content again pretending as the previous sender.

Spoofing

Malicious persons attack to the network connections by pretending as another user (using their IP address)

Traffic analysis

Attackers listen to the traffic flowing of the channel and capture packets and read data. Then they track locations and get access to the personnel information of the targeted users.

Eavesdropping

In simple terms it says getting illegal access to a conversation as a third party. Data sent from the client to an enterprise server is often unencrypted. So, it leads to eavesdrop on users’ sensitive communications.

High dependency

Most of the software applications and hardware are interconnected synchronized. If a component infected with a malicious attack, then it affects to the other components automatically. So, the likelihood of expose to the risks is high.

Theft and loss

Because of the high usage and the portable size, misplacing mobile devices is a common issue in mobile computing. It may cause data loss and exposes private and confidential data to the unauthorized parties. Most of the mobile applications ask for login credentials when accessing. Because of the ease most of us store credentials and stay logged in for those mobile applications. So, in case of loss or theft, no more we are the owners of our data. Whoever the person gets our device can unauthorizedly access our device.

Malicious software (Malware)

It means any program or an application which can cause harm to the computer device or to the user. Virus, Worm, Trojans, Spyware are some of the examples for malware.

Virus- A computer program which maliciously attached to a genuine program and make duplicates of itself and spread them among other programs and infect them by modifying data of those program files
Worm- A standalone computer program which can make an exact copy of itself and spread among other computers
Trojans- it’s a kind of malware which can use to hack into the computer by giving wrong idea or the impression. Then the attackers can access personal data like passwords, banking information
Spyware- A software which is attached to the genuine software or hidden inside the genuine software without knowing the user in order to steal information of the user

Pull attacks

In here an attacker controls the device as a source of data and obtained data by device itself

Push attacks

Malicious codes which can establish in the mobile device and then gradually reach to other components of the network.

Advertisements

2 thoughts on “Vulnerabilities and threats of mobile computing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s