Accession Number : ADA589631


Title :   CrossTalk. The Journal of Defense Software Engineering. Volume 25, Number 2


Descriptive Note : Journal


Corporate Author : OGDEN AIR LOGISTICS CENTER HILL AFB UT SOFTWARE MAINTENANCE SQUADRON (517)


Personal Author(s) : Hill, Justin T


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a589631.pdf


Report Date : Apr 2012


Pagination or Media Count : 41


Abstract : Malware has begun infecting the mobile world. Several studies [1, 2] have been conducted showing how mobile malware is exploiting the online world. Android malware infections are exploding as compared to iPhone. The primary reason is that Android is an open source platform where as iPhone s iOS is closed. Our target is to discuss the potential possibilities of malware occurrence in iPhone devices. In spite of the iPhone s strong security platform, malware is making inroads. However, successful iPhone exploitation depends on several factors. As we know, Apple has implemented several security barricades in order to secure the iPhone environment aided by tight control of their app market. Apple considers iPhones marginalized by the jailbreaking process as unsecure since all the inherent protection mechanisms have been circumvented by the attacker. Is it possible to write a malicious application that may not exploit security vulnerability, but can still perform some spyware activity? The answer is yes. This is possible in certain scenarios where a malicious application can be designed to bypass Apple s application review process to execute illegitimate operations on an user s iPhone. In this paper, we discuss practical scenarios and effective techniques that can be used to host malicious applications on non-jailbroken Apple iPhones.


Descriptors :   *MOBILE , *SOFTWARE ENGINEERING , ENVIRONMENTS , GLOBAL , INFECTIOUS DISEASES , PROTECTION , SECURITY


Subject Categories : Computer Programming and Software


Distribution Statement : APPROVED FOR PUBLIC RELEASE