Smartphone Security: Classification and Categorization of Smartphone Malware (Proof of Concept and Found In The Wild)

Abstract

Smartphone applications are growing in their popularity, this has also brought them under greater threat due to growing smartphone malware attacks. All platforms for smartphones have faced exponential growth of malware in recent years. Bright future of open source platforms are augmenting this figure to grow phenomenally as they continue to capture huge market share. Moreover, smartphone malware are targeting anything from communications, location, personal or identifiable information and are growing to be very sophisticated in nature. A number of detection and defense mechanisms have emerged in the last decade to tackle the mobile malware phenomenon but alarmingly they are mostly ineffective. It has become extremely important to arrange this huge influx of information better understand the smartphone malware problem. A taxonomy of smartphone malware has been proposed on the basis of their different dimensions. Dimension means to view the smartphone malware from different aspects. Various aspects include; how malware attack the system, their spread or propagation mechanisms, circumvention techniques they adopt to evade smartphone security, architectural layer of smartphone platform they attack, etc. The proposed taxonomy classifies and categorizes both kinds of malware, those found in the wild as well as those which are proof of concept. Severity of smartphone malware is also discussed for those found in the wild; based on user concerns. Severity is in the terms of the level of threat user feels while keeping in mind the loss it can cause if a malware succeeds to achieve its aim. The severity of malware is presented with respect to user concerns in a graphical manner based on the samples of malware families that are collected from the wild and through various sources.