1 / 31

Mobile Handsets: A Panoramic Overview

Mobile Handsets: A Panoramic Overview. Adam C. Champion and Dong Xuan Department of Computer Science & Engineering The Ohio State University. Outline. Introduction Mobile Handset Architecture Mobile Handset Operating Systems Networking Applications Mobile Handset Security.

prisca
Download Presentation

Mobile Handsets: A Panoramic Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Mobile Handsets: A Panoramic Overview Adam C. Champion and Dong Xuan Department of Computer Science & Engineering The Ohio State University

  2. Outline • Introduction • Mobile Handset Architecture • Mobile Handset Operating Systems • Networking • Applications • Mobile Handset Security

  3. Mobile Handset Definition • Mobile handsets (mobiles): electronic devices that provide services to users: • Internet • Games • Contacts • Form factors: tablets, smartphones, consoles • Mobile: your next computer system

  4. Mobile Handsets: Business • Meteoric sales and growth: • Over 4 billion mobile phone users [1] • Over 5 billion mobile phone subscriptions [2] (some people have multiple phones) • Mobile handsets & industries: $5 trillion [3] • Mobile phones are replaced every 6 months in S. Korea (just phones) [4] • We can’t ignore these numbers • Note: mobiles are computer systems

  5. What’s Inside a Mobile Handset? Source: [5]

  6. Handsets use several hardware components: Microprocessor ROM RAM Digital signal processor Radio module Microphone and speaker Hardware interfaces LCD display Handset Architecture (1)

  7. Handset Architecture (2) • Handsets store system data in electronically-erasable programmable read-only memory (EEPROM) • Mobile operators can reprogram phones without physical access to memory chips • OS is stored in ROM (nonvolatile memory) • Most handsets also include subscriber identity module (SIM) cards

  8. Handset Microprocessors • Handsets use embedded processors • Intel, ARM architectures dominate market. Examples include: • BlackBerry 8700, uses Intel PXA901 chip [6] • iPhone 3G, uses Samsung ARM 1100 chip [7] • Low power use and code size are crucial [5] • Microprocessor vendors often package all the chip’s functionality in a single chip (package-on-package (PoP)) for maximum flexibility • Apple A4 uses a PoP design [10]

  9. Example: iPhone 3G CPU • The iPhone: a real-world MH [7–9] • Runs on Samsung S3C6400 chip, supports ARM architecture • Highly modular architecture Source: [8]

  10. Mobile Handset OSes (1) • Key mobile OSes: • Symbian OS • BlackBerry OS • Google Android • Apple iOS • Windows Phone 7 (formerly Windows Mobile) • Others include: • HP Palm webOS • Samsung bada Source: [11]

  11. Mobile Handset OSes (2) • Symbian (^n) OS (ARM only) • Open-source (Nokia) • Multitasking • Programming: C++, Java ME, Python, Qt/HTML5 • BlackBerry OS (ARM) • Proprietary (RIM) • Multitasking • Many enterprise features • Programming: Java ME, Adobe AIR (tablet) • iPhone OS (ARM only) • Proprietary (Apple) • Multitasking • Multi-touch interface • Programming: Objective-C • Windows Phone 7 (ARM only) • Proprietary (Microsoft) • No multitasking • Programming: Silverlight/XNA, C#.NET/VB.NET • Android (ARM, x86, …) • Open-source • Multitasking • Programming: Java (Apache Harmony), scripts • Other OS features • Most require app code signing • Many support Adobe Flash/AIR, multitasking • ARM is predominant ISA

  12. Handsets communicate with each other and with service providers via many networking technologies Two “classes” of these technologies: Cellular telephony Wireless networking Most handsets support both, some also support physical connections such as USB Mobile Handset Networking

  13. Cellular Telephony Basics (1) • Many mobile handsets support cellular services • Cellular telephony is radio-based technology, radio waves propagated by antennas • Most cellular frequency bands: 800, 850, 900, 1800, 1900, 2100 MHz Source: [5]

  14. Cellular Telephony Basics (2) • Cells, base stations • Space divided into cells, each has base station (tower, radio equipment) • Base stations coordinate so mobile users can access network • Move from one cell to another: handoff

  15. Cellular Telephony Basics (3) • Statistical multiplexing • Time Division Multiple Access (TDMA) • Time & frequency band split into time slots • Each conversation gets the radio a fraction of the time • Frequency Division Multiple Access (FDMA) analogous

  16. Wireless Networking (1) • Bluetooth (BT) • Frequency-hopping radio technology: hops among frequencies in 2.4 GHz band • Nearly ubiquitous on mobile handsets • Personal area networking: master device associate with ≤ 7 slave devices (piconet) • Pull model, not push model: • Master device publishes services • BT devices inquire for nearby devices, discover published services, connect to them • Latest version: 4.0; latest mobiles support 3.0 [12]

  17. Wireless Networking (2) • WiFi (IEEE 802.11) • Variants: 802.11b, g, n, etc. • Radio technology for WLANs: 2.4, 3.6, 5 GHz • Some mobile handsets support WiFi, esp. premium • Two modes: infrastructure and ad hoc • Infrastructure: mobile stations communicate with deployed base stations, e.g., OSU Wireless • Ad hoc: mobile stations communicate with each other without infrastructure • Most mobiles support infrastructure mode

  18. Mobile Handset Applications • Mobile apps span many categories, e.g.: • Games: Angry Birds, Assassin’s Creed, etc. • Multimedia: Pandora, Guitar Hero, etc. • Utilities: e-readers, password storage, etc. • Many apps are natively developed for one mobile OS, e.g., iOS, Android • Cross-platform native mobile apps can be developed via middleware, e.g., Rhodes [13], Titanium [14] • Can also build (HTML5) Web apps, e.g., Ibis Reader [15], Orbium [16] • We’ll discuss mobile app development next

  19. Native Mobile App Development • Mobile apps can be developed natively for particular mobile handset OSes • iOS: Dashcode, Xcode; Mac only • Android: Eclipse; Win/Mac/Linux • Windows Phone: Visual Studio, XNA; Windows only • Symbian: Eclipse, NetBeans, Qt; Win/Mac/Linux • BlackBerry: Eclipse, Visual Studio; Win/Mac

  20. Other Mobile App Development • Middleware • Rhodes: Ruby/HTML compiled for all mobile OSes • Titanium: HTML/JS + APIs compiled for iOS, Android • Still dependent on native SDK restrictions • Web development: HTML5, CSS, JS • Works on most mobile browsers • Can develop on many IDEs, Win/Mac/Linux • Biz: SMS/MMS/mobile network operators key

  21. Business Opportunities • Virtually every mobile OS supports app sales via stores, e.g., iOS App Store, Android Market, Windows Marketplace • Devs sign up for accounts, download SDKs • Costs: $99/yr (iOS, Win), $25 once (Android) • http://developer.apple.com, http://market.android.com, http://create.msdn.com

  22. People store much info on their mobiles “Smartphones are the new computers.…2 billion…will be deployed by 2013” – M.A.D. Partners [18] Handsets are targets for miscreants: Calls SMS/MMS messages E-mail Multimedia Calendars Contacts Phone billing system [18] Mobile Handset Security Issues

  23. Handset Malware History (1) • Hackers are already attacking handsets • Most well-known case: a 17-year-old broke into Paris Hilton’s Sidekick handset [19] • Less well-known: worms, viruses, and Trojans have targeted handsets since 2004 • 2004: [20] • Cabir worm released by “29A,” targets Symbian phones via Bluetooth • Duts virus targets Windows Mobile phones • Brador Trojan opens backdoor on Windows Mobile [24]

  24. Handset Malware History (2) • 2005: [21] • CommWarrior worm released; replicates via Bluetooth, MMS to all contacts • Doomboot Trojan released; claims to be “Doom 2” video game, installs Cabir and CommWarrior • 2006: [20, 21] • RedBrowser Trojan released; claims to be a Java program, secretly sends premium-rate SMS messages to a Russian phone number • FlexiSpy spyware released; sends log of phone calls, copies of SMS/MMS messages to Internet server for third party to view • 2008: [22] • First iPhone Trojan released • 2009–2010: iPhone “Rickrolling”, Android SMS malware, etc. • “The single biggest thing threatening any enterprise today on a security basis is mobile. Furthermore, mobile phone application stores are the greatest malware delivery system ever invented by man” – Robert Smith, CTO, M.A.D. Partners [18]

  25. Key Handset Threats, Attacks • Info theft [23] • Transient info: user location • Static info: bluesnarfing attacks, WEP & WPA cracks [24] • Service/$ theft, e.g., premium-rate calls/SMS [23] • Denial-of-service attacks [23] • Flooding attacks overload handset radio with garbage • Power-draining attacks attempt to drain battery • Botnets and DoS attacks against networks [22, 25] • Exploiting the human factor • We’ll discuss risk management strategies

  26. Risk Management Strategies • Organizations must: • Understand rapidly-evolving threatspace [18] • Understand applicable laws & regulations • Understand employee demand for handsets and balance this against the risk they pose • Institute CSO policies to achieve compliance (and get top management on board!) • Inform employees about policies (change mgmt) • Implement the policies with tech and people

  27. Risk Management Tactics • To implement strategies, organizations must: • Decide whether to distribute handsets to employees for business purposes, allow use • Encrypt device data • Remote data wipe as needed • Procure, install anti-malware, firewall products • Require VPN use, strong passwords, inventory mgmt. • Monitor employee handset use to detect attacks • Educate employees about the threatspace, train them to treat handsets as any other computer system • Prevent, detect, and respond appropriately

  28. Discussion and Questions Thank you

  29. References [1] • Wireless Intelligence, “Snapshot: Global mobile connections surpass 5 billion milestone,” 8 Jul. 2010, https://www.wirelessintelligence.com/print/snapshot/100708.pdf • T. T. Ahonen, “5 - 4 - 3 - 2 - 1, as in Billions. What do these gigantic numbers mean?,” 6 Aug. 2010, http://communities-dominate.blogs.com • T. T. Ahonen, 29 Sep. 2010, http://untether.tv/ellb/?p=2227 • T. T. Ahonen, “When there is a mobile phone for half the planet: Understanding the biggest technology”, 16 Jan. 2008, http://communities-dominate.blogs.com/ brands/2008/01/when-there-is-a.html • J. L. Hennessy and D. A. Patterson, Computer Architecture: A Quantitative Approach, 4th ed., Elsevier, 2007 • Research in Motion, “BlackBerry 8700c Technical Specifications”, http://www.blackberry.com/products/pdfs/blackberry8700c_ent.pdf • R. Block, “iPhone processor found: 620MHz ARM CPU”, Engadget, 1 Jul. 2007, http://www.engadget.com/2007/07/01/iphone-processor-found-620mhz-arm/ • Samsung Semiconductor, “Product Technical Brief: S3C6400, Jun. 2007”, http://www.samsung.com/global/system/business/semiconductor/product/2007/8/21/661267ptb_s3c6400_rev15.pdf

  30. References [2] • Wikipedia, “iPhone”, updated 15 Nov. 2008, http://en.wikipedia.org/wiki/Iphone • Wikipedia, “Apple A4”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/Apple_A4 • Gartner (12 August 2010). "Gartner Says Worldwide Mobile Device Sales Grew 13.8 Percent in Second Quarter of 2010, But Competition Drove Prices Down". Press release. http://www.gartner.com/it/page.jsp?id=1421013 • Wikipedia, “Samsung Galaxy S”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/Samsung_Galaxy_S • Rhomobile Inc., http://rhomobile.com/ • Appcelerator Inc., http://www.appcelerator.com/ • Ibis Reader LLC, http://ibisreader.com • Björn Nilsson, Orbium, http://jsway.se/m/ • Ericsson.Global mobile data traffic nearly triples in 1 year, 12 August 2010. http://www.ericsson.com/thecompany/press/releases/2010/08/1437680. • Georgia Tech Information Security Center, “Emerging Cyber Threat Reports 2011,” http://www.gtisc.gatech.edu/pdf/cyberThreatReport2011.pdf

  31. References [3] • B. Krebs, “Teen Pleads Guilty to Hacking Paris Hilton’s Phone”, Washington Post, 13 Sep. 2005, http://www.washingtonpost.com/wp-dyn/content/article/2005/09/13/AR2005091301423_pf.html • D. Emm, “Mobile malware – new avenues”, Network Security, 2006:11, Nov. 2006, pp. 4–6 • M. Hypponen, “Malware Goes Mobile”, Scientific American, Nov. 2006, pp. 70–77, http://www.cs.virginia.edu/~robins/Malware_Goes_Mobile.pdf • PandaLabs, “PandaLabs Quarterly Report: January–March 2008”, http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/2008/04/01/Quarterly_Report_PandaLabs_Q1_2008.pdf • D. Dagon et al., “Mobile Phones as Computing Devices: The Viruses are Coming!”, IEEE Pervasive Computing, Oct. – Dec. 2004, pp. 11–15 • G. Fleishman, “Battered, but not broken: understanding the WPA crack”, Ars Technica, 6 Nov. 2008, http://arstechnica.com/articles/paedia/wpa-cracked.ars • http://blog.mylookout.com/2010/12/geinimi_trojan/

More Related