310 likes | 506 Views
Mobile Handsets: A Panoramic Overview. Adam C. Champion and Dong Xuan Department of Computer Science & Engineering The Ohio State University. Outline. Introduction Mobile Handset Architecture Mobile Handset Operating Systems Networking Applications Mobile Handset Security.
E N D
Mobile Handsets: A Panoramic Overview Adam C. Champion and Dong Xuan Department of Computer Science & Engineering The Ohio State University
Outline • Introduction • Mobile Handset Architecture • Mobile Handset Operating Systems • Networking • Applications • Mobile Handset Security
Mobile Handset Definition • Mobile handsets (mobiles): electronic devices that provide services to users: • Internet • Games • Contacts • Form factors: tablets, smartphones, consoles • Mobile: your next computer system
Mobile Handsets: Business • Meteoric sales and growth: • Over 4 billion mobile phone users [1] • Over 5 billion mobile phone subscriptions [2] (some people have multiple phones) • Mobile handsets & industries: $5 trillion [3] • Mobile phones are replaced every 6 months in S. Korea (just phones) [4] • We can’t ignore these numbers • Note: mobiles are computer systems
What’s Inside a Mobile Handset? Source: [5]
Handsets use several hardware components: Microprocessor ROM RAM Digital signal processor Radio module Microphone and speaker Hardware interfaces LCD display Handset Architecture (1)
Handset Architecture (2) • Handsets store system data in electronically-erasable programmable read-only memory (EEPROM) • Mobile operators can reprogram phones without physical access to memory chips • OS is stored in ROM (nonvolatile memory) • Most handsets also include subscriber identity module (SIM) cards
Handset Microprocessors • Handsets use embedded processors • Intel, ARM architectures dominate market. Examples include: • BlackBerry 8700, uses Intel PXA901 chip [6] • iPhone 3G, uses Samsung ARM 1100 chip [7] • Low power use and code size are crucial [5] • Microprocessor vendors often package all the chip’s functionality in a single chip (package-on-package (PoP)) for maximum flexibility • Apple A4 uses a PoP design [10]
Example: iPhone 3G CPU • The iPhone: a real-world MH [7–9] • Runs on Samsung S3C6400 chip, supports ARM architecture • Highly modular architecture Source: [8]
Mobile Handset OSes (1) • Key mobile OSes: • Symbian OS • BlackBerry OS • Google Android • Apple iOS • Windows Phone 7 (formerly Windows Mobile) • Others include: • HP Palm webOS • Samsung bada Source: [11]
Mobile Handset OSes (2) • Symbian (^n) OS (ARM only) • Open-source (Nokia) • Multitasking • Programming: C++, Java ME, Python, Qt/HTML5 • BlackBerry OS (ARM) • Proprietary (RIM) • Multitasking • Many enterprise features • Programming: Java ME, Adobe AIR (tablet) • iPhone OS (ARM only) • Proprietary (Apple) • Multitasking • Multi-touch interface • Programming: Objective-C • Windows Phone 7 (ARM only) • Proprietary (Microsoft) • No multitasking • Programming: Silverlight/XNA, C#.NET/VB.NET • Android (ARM, x86, …) • Open-source • Multitasking • Programming: Java (Apache Harmony), scripts • Other OS features • Most require app code signing • Many support Adobe Flash/AIR, multitasking • ARM is predominant ISA
Handsets communicate with each other and with service providers via many networking technologies Two “classes” of these technologies: Cellular telephony Wireless networking Most handsets support both, some also support physical connections such as USB Mobile Handset Networking
Cellular Telephony Basics (1) • Many mobile handsets support cellular services • Cellular telephony is radio-based technology, radio waves propagated by antennas • Most cellular frequency bands: 800, 850, 900, 1800, 1900, 2100 MHz Source: [5]
Cellular Telephony Basics (2) • Cells, base stations • Space divided into cells, each has base station (tower, radio equipment) • Base stations coordinate so mobile users can access network • Move from one cell to another: handoff
Cellular Telephony Basics (3) • Statistical multiplexing • Time Division Multiple Access (TDMA) • Time & frequency band split into time slots • Each conversation gets the radio a fraction of the time • Frequency Division Multiple Access (FDMA) analogous
Wireless Networking (1) • Bluetooth (BT) • Frequency-hopping radio technology: hops among frequencies in 2.4 GHz band • Nearly ubiquitous on mobile handsets • Personal area networking: master device associate with ≤ 7 slave devices (piconet) • Pull model, not push model: • Master device publishes services • BT devices inquire for nearby devices, discover published services, connect to them • Latest version: 4.0; latest mobiles support 3.0 [12]
Wireless Networking (2) • WiFi (IEEE 802.11) • Variants: 802.11b, g, n, etc. • Radio technology for WLANs: 2.4, 3.6, 5 GHz • Some mobile handsets support WiFi, esp. premium • Two modes: infrastructure and ad hoc • Infrastructure: mobile stations communicate with deployed base stations, e.g., OSU Wireless • Ad hoc: mobile stations communicate with each other without infrastructure • Most mobiles support infrastructure mode
Mobile Handset Applications • Mobile apps span many categories, e.g.: • Games: Angry Birds, Assassin’s Creed, etc. • Multimedia: Pandora, Guitar Hero, etc. • Utilities: e-readers, password storage, etc. • Many apps are natively developed for one mobile OS, e.g., iOS, Android • Cross-platform native mobile apps can be developed via middleware, e.g., Rhodes [13], Titanium [14] • Can also build (HTML5) Web apps, e.g., Ibis Reader [15], Orbium [16] • We’ll discuss mobile app development next
Native Mobile App Development • Mobile apps can be developed natively for particular mobile handset OSes • iOS: Dashcode, Xcode; Mac only • Android: Eclipse; Win/Mac/Linux • Windows Phone: Visual Studio, XNA; Windows only • Symbian: Eclipse, NetBeans, Qt; Win/Mac/Linux • BlackBerry: Eclipse, Visual Studio; Win/Mac
Other Mobile App Development • Middleware • Rhodes: Ruby/HTML compiled for all mobile OSes • Titanium: HTML/JS + APIs compiled for iOS, Android • Still dependent on native SDK restrictions • Web development: HTML5, CSS, JS • Works on most mobile browsers • Can develop on many IDEs, Win/Mac/Linux • Biz: SMS/MMS/mobile network operators key
Business Opportunities • Virtually every mobile OS supports app sales via stores, e.g., iOS App Store, Android Market, Windows Marketplace • Devs sign up for accounts, download SDKs • Costs: $99/yr (iOS, Win), $25 once (Android) • http://developer.apple.com, http://market.android.com, http://create.msdn.com
People store much info on their mobiles “Smartphones are the new computers.…2 billion…will be deployed by 2013” – M.A.D. Partners [18] Handsets are targets for miscreants: Calls SMS/MMS messages E-mail Multimedia Calendars Contacts Phone billing system [18] Mobile Handset Security Issues
Handset Malware History (1) • Hackers are already attacking handsets • Most well-known case: a 17-year-old broke into Paris Hilton’s Sidekick handset [19] • Less well-known: worms, viruses, and Trojans have targeted handsets since 2004 • 2004: [20] • Cabir worm released by “29A,” targets Symbian phones via Bluetooth • Duts virus targets Windows Mobile phones • Brador Trojan opens backdoor on Windows Mobile [24]
Handset Malware History (2) • 2005: [21] • CommWarrior worm released; replicates via Bluetooth, MMS to all contacts • Doomboot Trojan released; claims to be “Doom 2” video game, installs Cabir and CommWarrior • 2006: [20, 21] • RedBrowser Trojan released; claims to be a Java program, secretly sends premium-rate SMS messages to a Russian phone number • FlexiSpy spyware released; sends log of phone calls, copies of SMS/MMS messages to Internet server for third party to view • 2008: [22] • First iPhone Trojan released • 2009–2010: iPhone “Rickrolling”, Android SMS malware, etc. • “The single biggest thing threatening any enterprise today on a security basis is mobile. Furthermore, mobile phone application stores are the greatest malware delivery system ever invented by man” – Robert Smith, CTO, M.A.D. Partners [18]
Key Handset Threats, Attacks • Info theft [23] • Transient info: user location • Static info: bluesnarfing attacks, WEP & WPA cracks [24] • Service/$ theft, e.g., premium-rate calls/SMS [23] • Denial-of-service attacks [23] • Flooding attacks overload handset radio with garbage • Power-draining attacks attempt to drain battery • Botnets and DoS attacks against networks [22, 25] • Exploiting the human factor • We’ll discuss risk management strategies
Risk Management Strategies • Organizations must: • Understand rapidly-evolving threatspace [18] • Understand applicable laws & regulations • Understand employee demand for handsets and balance this against the risk they pose • Institute CSO policies to achieve compliance (and get top management on board!) • Inform employees about policies (change mgmt) • Implement the policies with tech and people
Risk Management Tactics • To implement strategies, organizations must: • Decide whether to distribute handsets to employees for business purposes, allow use • Encrypt device data • Remote data wipe as needed • Procure, install anti-malware, firewall products • Require VPN use, strong passwords, inventory mgmt. • Monitor employee handset use to detect attacks • Educate employees about the threatspace, train them to treat handsets as any other computer system • Prevent, detect, and respond appropriately
Discussion and Questions Thank you
References [1] • Wireless Intelligence, “Snapshot: Global mobile connections surpass 5 billion milestone,” 8 Jul. 2010, https://www.wirelessintelligence.com/print/snapshot/100708.pdf • T. T. Ahonen, “5 - 4 - 3 - 2 - 1, as in Billions. What do these gigantic numbers mean?,” 6 Aug. 2010, http://communities-dominate.blogs.com • T. T. Ahonen, 29 Sep. 2010, http://untether.tv/ellb/?p=2227 • T. T. Ahonen, “When there is a mobile phone for half the planet: Understanding the biggest technology”, 16 Jan. 2008, http://communities-dominate.blogs.com/ brands/2008/01/when-there-is-a.html • J. L. Hennessy and D. A. Patterson, Computer Architecture: A Quantitative Approach, 4th ed., Elsevier, 2007 • Research in Motion, “BlackBerry 8700c Technical Specifications”, http://www.blackberry.com/products/pdfs/blackberry8700c_ent.pdf • R. Block, “iPhone processor found: 620MHz ARM CPU”, Engadget, 1 Jul. 2007, http://www.engadget.com/2007/07/01/iphone-processor-found-620mhz-arm/ • Samsung Semiconductor, “Product Technical Brief: S3C6400, Jun. 2007”, http://www.samsung.com/global/system/business/semiconductor/product/2007/8/21/661267ptb_s3c6400_rev15.pdf
References [2] • Wikipedia, “iPhone”, updated 15 Nov. 2008, http://en.wikipedia.org/wiki/Iphone • Wikipedia, “Apple A4”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/Apple_A4 • Gartner (12 August 2010). "Gartner Says Worldwide Mobile Device Sales Grew 13.8 Percent in Second Quarter of 2010, But Competition Drove Prices Down". Press release. http://www.gartner.com/it/page.jsp?id=1421013 • Wikipedia, “Samsung Galaxy S”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/Samsung_Galaxy_S • Rhomobile Inc., http://rhomobile.com/ • Appcelerator Inc., http://www.appcelerator.com/ • Ibis Reader LLC, http://ibisreader.com • Björn Nilsson, Orbium, http://jsway.se/m/ • Ericsson.Global mobile data traffic nearly triples in 1 year, 12 August 2010. http://www.ericsson.com/thecompany/press/releases/2010/08/1437680. • Georgia Tech Information Security Center, “Emerging Cyber Threat Reports 2011,” http://www.gtisc.gatech.edu/pdf/cyberThreatReport2011.pdf
References [3] • B. Krebs, “Teen Pleads Guilty to Hacking Paris Hilton’s Phone”, Washington Post, 13 Sep. 2005, http://www.washingtonpost.com/wp-dyn/content/article/2005/09/13/AR2005091301423_pf.html • D. Emm, “Mobile malware – new avenues”, Network Security, 2006:11, Nov. 2006, pp. 4–6 • M. Hypponen, “Malware Goes Mobile”, Scientific American, Nov. 2006, pp. 70–77, http://www.cs.virginia.edu/~robins/Malware_Goes_Mobile.pdf • PandaLabs, “PandaLabs Quarterly Report: January–March 2008”, http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/2008/04/01/Quarterly_Report_PandaLabs_Q1_2008.pdf • D. Dagon et al., “Mobile Phones as Computing Devices: The Viruses are Coming!”, IEEE Pervasive Computing, Oct. – Dec. 2004, pp. 11–15 • G. Fleishman, “Battered, but not broken: understanding the WPA crack”, Ars Technica, 6 Nov. 2008, http://arstechnica.com/articles/paedia/wpa-cracked.ars • http://blog.mylookout.com/2010/12/geinimi_trojan/