Mobile Handsets: A Panoramic Overview
advertisement
Mobile Handsets: A Panoramic Overview Adam C. Champion and Dong Xuan Department of Computer Science & Engineering The Ohio State University January 6, 2011 Outline • • • • • • Introduction Mobile Handset Architecture Mobile Handset Operating Systems Networking Applications Mobile Handset Security Mobile Handset Definition • Mobile handsets (mobiles): electronic devices that provide services to users: – Internet – Games – Contacts • Form factors: tablets, smartphones, consoles • Mobile: your next computer system Mobile Handsets: Business • Meteoric sales and growth: – Over 4 billion mobile phone users [1] – Over 5 billion mobile phone subscriptions [2] (some people have multiple phones) – Mobile handsets & industries: $5 trillion [3] • Mobile phones are replaced every 6 months in S. Korea (just phones) [4] • We can’t ignore these numbers • Note: mobiles are computer systems What’s Inside a Mobile Handset? Source: [5] Handset Architecture (1) • Handsets use several hardware components: – – – – – – – – Microprocessor ROM RAM Digital signal processor Radio module Microphone and speaker Hardware interfaces LCD display Handset Architecture (2) • Handsets store system data in electronically-erasable programmable read-only memory (EEPROM) – Mobile operators can reprogram phones without physical access to memory chips • OS is stored in ROM (nonvolatile memory) • Most handsets also include subscriber identity module (SIM) cards Handset Microprocessors • Handsets use embedded processors – Intel, ARM architectures dominate market. Examples include: • BlackBerry 8700, uses Intel PXA901 chip [6] • iPhone 3G, uses Samsung ARM 1100 chip [7] – Low power use and code size are crucial [5] – Microprocessor vendors often package all the chip’s functionality in a single chip (packageon-package (PoP)) for maximum flexibility – Apple A4 uses a PoP design [10] Example: iPhone 3G CPU • The iPhone: a real-world MH [7–9] – Runs on Samsung S3C6400 chip, supports ARM architecture – Highly modular architecture Source: [8] Mobile Handset OSes (1) • Key mobile OSes: – – – – – Symbian OS BlackBerry OS Google Android Apple iOS Windows Phone 7 (formerly Windows Mobile) • Others include: – HP Palm webOS – Samsung bada Source: [11] Mobile Handset OSes (2) • Symbian (^n) OS (ARM only) – Open-source (Nokia) – Multitasking – Programming: C++, Java ME, Python, Qt/HTML5 • BlackBerry OS (ARM) – – – – Proprietary (RIM) Multitasking Many enterprise features Programming: Java ME, Adobe AIR (tablet) • iPhone OS (ARM only) – – – – Proprietary (Apple) Multitasking Multi-touch interface Programming: Objective-C • Windows Phone 7 (ARM only) – Proprietary (Microsoft) – No multitasking – Programming: Silverlight/XNA, C#.NET/VB.NET • Android (ARM, x86, …) – Open-source – Multitasking – Programming: Java (Apache Harmony), scripts • Other OS features – Most require app code signing – Many support Adobe Flash/AIR, multitasking – ARM is predominant ISA Mobile Handset Networking • Handsets communicate with each other and with service providers via many networking technologies • Two “classes” of these technologies: – Cellular telephony – Wireless networking • Most handsets support both, some also support physical connections such as USB Cellular Telephony Basics (1) • Many mobile handsets support cellular services • Cellular telephony is radio-based technology, radio waves propagated by antennas • Most cellular frequency bands: 800, 850, 900, 1800, 1900, 2100 MHz Source: [5] Cellular Telephony Basics (2) • Cells, base stations – Space divided into cells, each has base station (tower, radio equipment) – Base stations coordinate so mobile users can access network – Move from one cell to another: handoff Cellular Telephony Basics (3) • Statistical multiplexing – Time Division Multiple Access (TDMA) • Time & frequency band split into time slots • Each conversation gets the radio a fraction of the time – Frequency Division Multiple Access (FDMA) analogous Wireless Networking (1) • Bluetooth (BT) – Frequency-hopping radio technology: hops among frequencies in 2.4 GHz band – Nearly ubiquitous on mobile handsets – Personal area networking: master device associate with ≤ 7 slave devices (piconet) – Pull model, not push model: • Master device publishes services • BT devices inquire for nearby devices, discover published services, connect to them – Latest version: 4.0; latest mobiles support 3.0 [12] Wireless Networking (2) • WiFi (IEEE 802.11) – – – – Variants: 802.11b, g, n, etc. Radio technology for WLANs: 2.4, 3.6, 5 GHz Some mobile handsets support WiFi, esp. premium Two modes: infrastructure and ad hoc • Infrastructure: mobile stations communicate with deployed base stations, e.g., OSU Wireless • Ad hoc: mobile stations communicate with each other without infrastructure – Most mobiles support infrastructure mode Mobile Handset Applications • Mobile apps span many categories, e.g.: – Games: Angry Birds, Assassin’s Creed, etc. – Multimedia: Pandora, Guitar Hero, etc. – Utilities: e-readers, password storage, etc. • Many apps are natively developed for one mobile OS, e.g., iOS, Android – Cross-platform native mobile apps can be developed via middleware, e.g., Rhodes [13], Titanium [14] – Can also build (HTML5) Web apps, e.g., Ibis Reader [15], Orbium [16] • We’ll discuss mobile app development next Native Mobile App Development • Mobile apps can be developed natively for particular mobile handset OSes – iOS: Dashcode, Xcode; Mac only – Android: Eclipse; Win/Mac/Linux – Windows Phone: Visual Studio, XNA; Windows only – Symbian: Eclipse, NetBeans, Qt; Win/Mac/Linux – BlackBerry: Eclipse, Visual Studio; Win/Mac Other Mobile App Development • Middleware – Rhodes: Ruby/HTML compiled for all mobile OSes – Titanium: HTML/JS + APIs compiled for iOS, Android – Still dependent on native SDK restrictions • Web development: HTML5, CSS, JS – Works on most mobile browsers – Can develop on many IDEs, Win/Mac/Linux • Biz: SMS/MMS/mobile network operators key Business Opportunities • Virtually every mobile OS supports app sales via stores, e.g., iOS App Store, Android Market, Windows Marketplace • Devs sign up for accounts, download SDKs – Costs: $99/yr (iOS, Win), $25 once (Android) – http://developer.apple.com, http://market.android.com, http://create.msdn.com Mobile Handset Security Issues • People store much info on their mobiles • “Smartphones are the new computers.…2 billion…will be deployed by 2013” – M.A.D. Partners [18] • Handsets are targets for miscreants: – – – – – – – Calls SMS/MMS messages E-mail Multimedia Calendars Contacts Phone billing system [18] Handset Malware History (1) • Hackers are already attacking handsets – Most well-known case: a 17-year-old broke into Paris Hilton’s Sidekick handset [19] – Less well-known: worms, viruses, and Trojans have targeted handsets since 2004 • 2004: [20] – Cabir worm released by “29A,” targets Symbian phones via Bluetooth – Duts virus targets Windows Mobile phones – Brador Trojan opens backdoor on Windows Mobile [24] Handset Malware History (2) • 2005: [21] – CommWarrior worm released; replicates via Bluetooth, MMS to all contacts – Doomboot Trojan released; claims to be “Doom 2” video game, installs Cabir and CommWarrior • 2006: [20, 21] – RedBrowser Trojan released; claims to be a Java program, secretly sends premium-rate SMS messages to a Russian phone number – FlexiSpy spyware released; sends log of phone calls, copies of SMS/MMS messages to Internet server for third party to view • 2008: [22] – First iPhone Trojan released • 2009–2010: iPhone “Rickrolling”, Android SMS malware, etc. • “The single biggest thing threatening any enterprise today on a security basis is mobile. Furthermore, mobile phone application stores are the greatest malware delivery system ever invented by man” – Robert Smith, CTO, M.A.D. Partners [18] Key Handset Threats, Attacks • Info theft [23] – Transient info: user location – Static info: bluesnarfing attacks, WEP & WPA cracks [24] • Service/$ theft, e.g., premium-rate calls/SMS [23] • Denial-of-service attacks [23] – Flooding attacks overload handset radio with garbage – Power-draining attacks attempt to drain battery • Botnets and DoS attacks against networks [22, 25] • Exploiting the human factor • We’ll discuss risk management strategies Risk Management Strategies • Organizations must: – Understand rapidly-evolving threatspace [18] – Understand applicable laws & regulations – Understand employee demand for handsets and balance this against the risk they pose – Institute CSO policies to achieve compliance (and get top management on board!) – Inform employees about policies (change mgmt) – Implement the policies with tech and people Risk Management Tactics • To implement strategies, organizations must: – Decide whether to distribute handsets to employees for business purposes, allow use – Encrypt device data – Remote data wipe as needed – Procure, install anti-malware, firewall products – Require VPN use, strong passwords, inventory mgmt. – Monitor employee handset use to detect attacks – Educate employees about the threatspace, train them to treat handsets as any other computer system – Prevent, detect, and respond appropriately Discussion and Questions Thank you References [1] 1. 2. 3. 4. 5. 6. 7. 8. Wireless Intelligence, “Snapshot: Global mobile connections surpass 5 billion milestone,” 8 Jul. 2010, https://www.wirelessintelligence.com/print/snapshot/ 100708.pdf T. T. Ahonen, “5 - 4 - 3 - 2 - 1, as in Billions. What do these gigantic numbers mean?,” 6 Aug. 2010, http://communities-dominate.blogs.com T. T. Ahonen, 29 Sep. 2010, http://untether.tv/ellb/?p=2227 T. T. Ahonen, “When there is a mobile phone for half the planet: Understanding the biggest technology”, 16 Jan. 2008, http://communities-dominate.blogs.com/ brands/2008/01/when-there-is-a.html J. L. Hennessy and D. A. Patterson, Computer Architecture: A Quantitative Approach, 4th ed., Elsevier, 2007 Research in Motion, “BlackBerry 8700c Technical Specifications”, http://www.blackberry.com/products/pdfs/blackberry8700c_ent.pdf R. Block, “iPhone processor found: 620MHz ARM CPU”, Engadget, 1 Jul. 2007, http://www.engadget.com/2007/07/01/iphone-processor-found-620mhz-arm/ Samsung Semiconductor, “Product Technical Brief: S3C6400, Jun. 2007”, http://www.samsung.com/global/system/business/semiconductor/product/2007 /8/21/661267ptb_s3c6400_rev15.pdf References [2] 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. Wikipedia, “iPhone”, updated 15 Nov. 2008, http://en.wikipedia.org/wiki/Iphone Wikipedia, “Apple A4”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/ Apple_A4 Gartner (12 August 2010). "Gartner Says Worldwide Mobile Device Sales Grew 13.8 Percent in Second Quarter of 2010, But Competition Drove Prices Down". Press release. http://www.gartner.com/it/page.jsp?id=1421013 Wikipedia, “Samsung Galaxy S”, updated 21 Oct. 2010, http://en.wikipedia.org/ wiki/Samsung_Galaxy_S Rhomobile Inc., http://rhomobile.com/ Appcelerator Inc., http://www.appcelerator.com/ Ibis Reader LLC, http://ibisreader.com Björn Nilsson, Orbium, http://jsway.se/m/ Ericsson.Global mobile data traffic nearly triples in 1 year, 12 August 2010. http://www.ericsson.com/thecompany/press/releases/2010/08/1437680. Georgia Tech Information Security Center, “Emerging Cyber Threat Reports 2011,” http://www.gtisc.gatech.edu/pdf/cyberThreatReport2011.pdf References [3] 19. B. Krebs, “Teen Pleads Guilty to Hacking Paris Hilton’s Phone”, Washington Post, 13 Sep. 2005, http://www.washingtonpost.com/wp-dyn/content/article/2005/09/ 13/AR2005091301423_pf.html 20. D. Emm, “Mobile malware – new avenues”, Network Security, 2006:11, Nov. 2006, pp. 4–6 21. M. Hypponen, “Malware Goes Mobile”, Scientific American, Nov. 2006, pp. 70–77, http://www.cs.virginia.edu/~robins/Malware_Goes_Mobile.pdf 22. PandaLabs, “PandaLabs Quarterly Report: January–March 2008”, http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/2008/04/01/Quarte rly_Report_PandaLabs_Q1_2008.pdf 23. D. Dagon et al., “Mobile Phones as Computing Devices: The Viruses are Coming!”, IEEE Pervasive Computing, Oct. – Dec. 2004, pp. 11–15 24. G. Fleishman, “Battered, but not broken: understanding the WPA crack”, Ars Technica, 6 Nov. 2008, http://arstechnica.com/articles/paedia/wpa-cracked.ars 25. http://blog.mylookout.com/2010/12/geinimi_trojan/
