- Internal Code :
- Subject Code :
- University :
- Subject Name : IT Computer Science
Comparative Analysis of Security Techniques in Mobile Operating System
Abstract on Network Security Analysis of Linux Operating System
These days' Mobile phones are more in demand as our daily work depends on it. Mobile technology brings a significant change in our life. In mobile phones, Security management plays an essential role. If the discussion goes on about the working efficiency of any mobile device then the three functionality- Security, Memory, and Performance has come into the picture as all these elements rely on their operating system (OS). The three most general Operating systems in mobile phones are Windows, iOS, and Android. All these Operating systems have their way of regulating the security system in certain mobile applications. A lot of research approaches have been taken to develop new techniques to regulate the security systems of these OS‟s. In this work project, overall comparative analysis of security system software in mobile phone operating systems have been discussed [9]. This discussion will help in discovering a better operating system that manages the security system efficiently. At present, about 96% of the Android phone does not have pre-installed security system software. This absence of a security system gives a chance to cyber attackers to hack into different types of mobile devices. Unfortunately, this becomes convenient for a malicious cyber attacker to access your data. In this project, systematic analysis of technical issues creating in designing the secure mobile device platforms against several threats will be discussed.
Outline of the Proposed Research
In the view of security, several types of the operating system have different techniques for securing the data in mobile phones. At present, the main problem is to provide security features in mobile phones [4]. All these problems are creating due to the less attention given by the developers while designing the operating system in mobile phones. Some of the people discover the flaws and attacks on mobile phones for different reasons such as for sneaking details, personal data, login details saved in mobile phones, network information, etc. Some of the applications are specially created to attack particular operating systems of mobile devices. Mostly these kinds of apps are the third party application. At particular intervals, these apps alter the default settings of the system which play an important role to provide security in mobile devices [5]. So this research does the comparative analysis of security problems in various kinds of operating systems in hand handle devices.
Background of Network Security Analysis of Linux Operating System
Security in Android-In Android phones, Dalvik Virtual Machine is responsible for dealing with the security issue that has been created in their operating system [5]. In Dalvik Virtual Machine, no application assured to execute any function that would malicious for any other operating system and applications. This method is dynamically applied using Dalvik Virtual Machine and the basic platform of Linux with the help of UNIX user identifiers and file permission. Unexpectedly, countless Linux Desktop operating systems, where apps from the same person perform their task with the same person ID, and every app implement its virtual machine in a distinct technique with its user ID. This certainly specifies that the applications in Android phones cannot retrieve the information from others. But still, there are chances of being attacked by some unknown source due to its open software availability [6].
Security in iOS -iPhone provides several application programming interfaces to control the security issues for the developers. To design the security features iPhone operating system used Berkeley System Distribution and Content Delivery & Security Association Architecture (CDSA) [1]. Kernel of BSD which is based on the UNIX operating system designed the low-level features like file permissions in iPhone and high-level features for authentication and encryption are provided by CDSA. SCDA is not directly accessible because it does not accompany the level of MAC programming [5], however, it is an open-source standard. The whole system may be compromised when some security issue is found in the application. This characteristic creates a difference between iOS and other mobile operating systems.
Security in Windows-In windows, developers have full rights to create the apps using a low-level application programming interface. In the context of security, the created applications are shielded and not obstructing the process of the system. The application is not permitted to approach directly at the process space of another application process [2]. But when needed then through the DLL injection technique it can be accessible. By default, process space is developed as shielded from application error. But it is not sufficient to secure applications from dangerous applications. There will be a limitation if there is a new operation start as a trusted process. Although before authentication is permitted the applications which retrieve the trusted APIs likely need to be signed but this method relies on the designed security draft.
Purpose
The main purpose of this research proposal is to design a secure mobile operating system that protects user's privacy. Research is conducted to investigate the security features of different mobile operating systems. Three mobile operating system-Windows, iOS, and Android have been investigated for the design of the secure proposed architecture of the mobile operating system.
Goals
The main aim of this project is to find solutions for different security challenges of the mobile operating systems in the market and to design and implement a secure architecture.
Rationale
As per the review, about 69% of the end-users thinks that mobile phones provide a present threat to the banking & corporate sector, where 21% of the people think that it can present a threat in near future. Two major trouble has come into the picture [9]
- Loss of mobile device that could be at risk due to the information and data stored on it
- The network is at risk by a corrupted device being inserted.
To understand the effect of the absence of mobile device security it is required to do this research.
Research Topic & Central Research Question
Research Topic
To do the comparative analysis of security techniques in mobile operating systems so that a more secure mobile operating system architecture can be design.
Central Research Question
What countermeasures should be taken by a developer to design a secure architecture for mobile operating systems?
Methodological Approach
Several methodologies are ready for use to describe the design flow of research. For analyzing the data this study will follow the steps as shown in Fig 1. Here is the initial representation of doing a survey of current mobile operating systems in the market. Then survey the user perception on mobile, based on the security features. Then ask for some recommendations on it to improve the security mechanism of mobile. Then check for security features implemented.
Based on these discussions and reviews then finalize the better operating system in terms of security and performance.
Based on these discussion and reviews then finalize the better operating system in term of security and performance.
Research Design
This section describes our methodologies for collecting the data for research. Our approach is to conduct the Survey of the latest mobile operating systems, qualitative, and statistical analysis of research. This approach helps us to understand the user's risk perception towards adopting the various security features of a smartphone. This study helps us to learn about the difficulties that the user is facing while dealing with the security system of smartphones.
Survey of Latest mobile operating system-The research methodology of the survey helps us to investigate different kinds of malware activities in mobile operating systems.
Qualitative analysis through interview approach-In this, a sample of smartphone users from different backgrounds will be selected for interview sessions to identify the factors that are responsible for making the decisions of smartphone users to adopt the various risk associated security features of mobile phones. Some of the security features are location services, mobile messenger app, application repositories, public Wi-Fi networks, Galleries, and Camera Applications [9].
Statistical Analysis- Several operating systems are currently available in the market. As the latest operating systems are used mostly by the users as all operating systems compete to add new attributes and achieving a major role in the market [2]
Design of Research Experiment
The threats for hand handle devices and their countermeasures are based on a literature survey of the latest mobile security system. After deeply analyze the issues related to the usability and their effect on the defined technical procedure form a basis for describing the identified specific open issue of designing a connected channel between the end-user and information assistant [6]. At last, an architecture for secure hand handle devices is suggested that label most of the security hazards while taking into consideration the constraint created by usability issues.
An Architecture for Secure Mobile Devices
To design a secure hand handle device it is necessary to outline the missing technical fragment as shown in Fig 2. Due to the inherent code complexity, even the operating system like Android which is an open-source software cannot be considered as sufficiently secured. To design the secure user interface a small portion of the operating system can be separated from the main operating system through the techniques of virtualization hinged on the support of software (hypervisor) and hardware [3]. Still, these two elements are not available openly. Even though Mobicore seeks to design such a protective user interface relay on hardware hypervisor like ARM trust zone. Not a single feature of it is available openly so in this way first security problem has already been uncovered. All these technical elements resolve a few security threats [11].
Proposed Architecture
For a proposed architecture the following parts of software requirements to be attached or expanded: The main element is virtualization and Xen is the only software solution for this, generally virtual machines need the support of CPU and hardware [3]. Additionally to managing entry to computation and memory, the hypervisor software will also require to manage entry to touch screen and wireless radio.
- As mentioned above, the touch screen is not enough to stipulate to the end-user when the active virtual guests are present. A much secure indicator in the configuration of LEDs is required that is under the command of hypervisor software and cannot be altered by any of the mobile operating systems [11]
- To confirm that the virtual machine controller is managing the touch screen, radios, and the main CPU in the right way then it is necessary to verify the boot up [9]. The secure process of boot up is controlled by the embedded smart card because it is the only reliable hardware available when a mobile device is turned on
- A secure OS has played a major role in providing the reliable interaction of user through the touch screen and act as a link between backend services and applet. Even though such a safe operating system is very compact to reduce the surface attack but still to minimize the attack the high-level programming languages with run-time checks should be used[8]
- An applet manager is needed to hold up the installation and control the applets of third-party on the single smart card chip [11]. The applet manager should analytically interface only with the reliable mobile operating system
- Typical encryption of bulk storage like flash memory is required to be managed by the hypervisor software to uphold distinct encryption keys for various area of security[6]
- Mandatory access control should be utilized in every section of the standard OS case to limit the third-party applications in a superior way and reduce the surface attack. Although strong recommendations are that do not depend on this solution for the overall security of the operating system [7]
- Biometric authentication recognizes the end user. Preferably, the essential templates of biometric should be stored and fixed in applets continue to run on the embedded smart card which can then move on the testament function to the software named hypervisor for permitting or rejecting a shift to some other security area[10]
- To validate transmission with other mobile devices over channels of wireless communication, the sensor installed device validation can be used to help the end-users in confirming which mobile devices they are communicating with [11]
Taking into consideration the above points, an architecture for secure mobile devices is proposed as shown in Fig 3.
Contributions
There are three major contributions in this research proposal.
- The first contribution is a rigorous literature review that describes security issues for mobile devices [1]
- The second major contribution is a security enhancement framework that utilized the proposed architecture to provide users delightful control over their security system [2]
- This work will elongate to impart a complete execution of architecture, advancement to the combination of the framework, and detecting from estimating various open-source applications[9]
- Lastly, the third contribution is to attach better virtualization techniques that support a more advanced combination of embedded smart cards with secure user interface elements and secure boot verification [3]. The major concern is how to implement the user interaction in such a way that the user knows which part of the application they are dealing with.
The contribution presented within this proposed research solves the problem of providing an enhanced security system
Proposed Time Schedule
|
Task Description |
Project Months |
|||||||||||
|
Continue review of current literature, intense background |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
|
Collecting information from site |
X |
X |
X |
|||||||||
|
Analysis and implementation, simulation of the project |
X |
X |
X |
X |
||||||||
|
Writing and revising the report |
X |
X |
X |
X |
X |
X |
||||||
|
Preparation for conferences and publications |
x |
x |
x |
x |
||||||||
References for Network Security Analysis of Linux Operating System
[1]J. Philip and M. Raju, "An Overview About the Security Architecture of the Mobile Operating System iOS", Indian Journal of Computer Science, vol. 4, no. 1, p. 13, 2019. Available: 10.17010/ijcs/2019/v4/i1/142412.
[2]S. Koley, "Security Architecture with Mobile Cloud in CDroid Operating System for Big Data", SSRN Electronic Journal, 2015. Available: 10.2139/ssrn.2873687.
[3]S. Wessel, M. Huber, F. Stumpf and C. Eckert, "Improving mobile device security with operating system-level virtualization", Computers & Security, vol. 52, pp. 207-220, 2015. Available: 10.1016/j.cose.2015.02.005.
[4]X. YANG, "Analysis of risk evaluation techniques on information system security", Journal of Computer Applications, vol. 28, no. 8, pp. 1920-1923, 2008. Available: 10.3724/sp.j.1087.2008.01920.
[5]R. ., "A Comparative Analysis of mobile Operating Systems", International Journal of Computer Sciences and Engineering, vol. 6, no. 12, pp. 69-73, 2018. Available: 10.26438/ijcse/v6i12.6973.
[6]A. Vivek Chandra, K. Harish Kumar, M. Chaithanya, P. P. and M. Patil, "Database Design Approaches for Secure Storage on Mobile Devices", International Journal of Future Computer and Communication, vol. 4, no. 2, pp. 130-135, 2015. Available: 10.7763/ijfcc.2015.v4.371.
[7]Y. Cui and Y. Zhang, "The Network Security Analysis of Linux Operating System", Advanced Materials Research, vol. 998-999, pp. 1274-1277, 2014. Available: 10.4028/www.scientific.net/amr.998-999.1274.
[8]P. Hopkins, "Operating System Security", Engineering & Technology Reference, 2015. Available: 10.1049/etr.2014.0035.
[9]K. Curran, V. Maynes and D. Harkin, "Mobile device security", International Journal of Information and Computer Security, vol. 7, no. 1, p. 1, 2015. Available: 10.1504/ijics.2015.069205.
[10]T. Neal and D. Woodard, "Surveying Biometric Authentication for Mobile Device Security", Journal of Pattern Recognition Research, vol. 11, no. 1, pp. 74-110, 2016. Available: 10.13176/11.764.
[11]R. Mayrhofer, "An architecture for secure mobile devices", Security and Communication Networks, vol. 8, no. 10, pp. 1958-1970, 2014. Available: 10.1002/sec.1028.
Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help