Security aspects of mobile phone virus: a critical survey
| Date | 25 April 2008 |
| Pages | 478-494 |
| DOI | https://doi.org/10.1108/02635570810868344 |
| Published date | 25 April 2008 |
| Author | Dong‐Her Shih,Binshan Lin,Hsiu‐Sen Chiang,Ming‐Hung Shih |
| Subject Matter | Economics,Information & knowledge management,Management science & operations |
Security aspects of mobile phone
virus: a critical survey
Dong-Her Shih
Department of Information Management,
National Yunlin University of Science and Technology, Douliou, Taiwan
Binshan Lin
College of Business Administration, Louisiana State University in Shreveport,
Shreveport, Louisiana, USA
Hsiu-Sen Chiang
Department of Information Management,
National Yunlin University of Science and Technology, Douliou, Taiwan, and
Ming-Hung Shih
Department of Electronics Engineering, National Chiao Tung University,
Hsinchu, Taiwan
Abstract
Purpose – The paper’s aim is to provide information about mobile viruses for end-users or
organizations and recommend useful tips of how individuals can protect their mobile phones from the
intrusion of mobile phone viruses.
Design/methodology/approach – This paper surveys chronicle, securities, risks and
countermeasure of mobile phone viruses.
Findings – This paper investigates infection routes, threats, damage, and spreading ways of mobile
phone viruses and provides available countermeasures. It also provides useful tips about mobile
viruses, indicating what to do and how to do it.
Research limitations/implications – This research may not be exhaustive about mobile viruses.
Practical implications – A very useful source of information and impartial advice for end-users or
organizations who are planning to protect their mobile phones and their own privacy.
Originality/value – This paper is the first to survey the risk of mobile phones and it discusses how
organizations or individuals can protect mobile phones from the intrusion of viruses and how to
develop their own mobile virus security plan.
Keywords Data security, Mobilecommunication systems
Paper type General review
1. Introduction
Computer viruses are well-known and dangerous risks to today’s corporate computer
environment. In 1986, there was only one known computer virus. Today, there are
almost 60,000 viruses in existence and they have gone from being a nuisance to a
permanent menace. They are costing literally billions of dollars and enormous
frustration to the users. Viruses and virus outbreaks continue to cause businesses to lose
the most money. According to the report of Computer Security Institute, respondents
claimed viruses caused organizations the greatest financial loss, over $15 million and
The current issue and full text archive of this journal is available at
www.emeraldinsight.com/0263-5577.htm
IMDS
108,4
478
Received 1 October 2007
Revised 1 December 2007
Accepted 30 December 2007
Industrial Management & Data
Systems
Vol. 108 No. 4, 2008
pp. 478-494
qEmerald Group Publishing Limited
0263-5577
DOI 10.1108/02635570810868344
approximately 1/3 of the cost for all computer security incidents combined. The ICSA
Labs Virus Prevalence Survey 2004 indicates that the financial cost of virus infection,
measured in cost per incident, was listed at over $130 million, the latest virus disaster
alone cost them over $40,000 and took 31 person days to fully recover after a virus
disaster. The reported costs of virus infection would be much higher if related costs such
as loss of business and lower productivity were taken into consideration.
Recently, the number of viruses targeting mobile phones soared from one to more
than 200, a rate of growth that roughly paralleled that of computer viruses in the first
two years after the first PC virus was released in 1986. The target population for
malicious mobile software is enormous and growing by leaps. Since the number of
smart mobile devices in the world has expanded dramatically in recent years, and so
has the amount of malware set loose to attack them, as shown in Figure 1 (Hypponen,
2006). Today, there are more than two billion mobile phones and more than 300 kinds
of malware, such as worms, Trojan horses, other viruses and spyware, have been
unleashed against the devices in the world.
2. Chronicle of mobile phone viruses
Mobile phones are to be powered with all features of modern PCs connected to the
internet ( John and Gorman, 2002). They will be equipped with operating system, text
editors, spreadsheet editors and database processors similar to modern ones.
Moreover, users of mobile phone will have the ability to exchange with executable files
(Yang et al., 2007). Exactly as it is with PCs, some of them may contain malicious
programs (Yap and Ewe, 2005). As wireless phone and PDA networks become more
numerous and more complex, it has become more difficult to secure them against
electronic attacks in the form of viruses or other malicious software (also known as
malware) (Choi et al., 2007).
A mobile virus is an electronic virus that targets mobile phones or wireless-enabled
PDAs. The first computer virus that attacks mobile phone is VBS.Timofonica which
was found on May 30, 2000. In June 2004, computer scientists released a proof-of-concept
mobile virus named Cabir, used Bluetooth to send itself over the airwaves to
unsuspecting victims who thought they had received a security program and proceeded
to infect themselves upon installation. Cabir and its variants ran natively on the
Symbian operating environment, which accounts for more than 80 percent of the GSM
mobile phone market. The first virus to infect handhelds running Windows Mobile
operating system was released July 17, 2004. The instance of a mobile virus occurred in
August 2004 called Ojam had engineered an anti-piracy Trojan virus in older versions of
their mobile phone game Mosquito. This virus sent short message service (SMS) text
messages to the company without the user’s knowledge. This virus was removed from
Figure 1.
Growth in smartphone
and mobile malware
15
10
5
0
Units Sold, Worldwide (millions)
Quarter 1 Q2 Q2Q1 Q2Q1Q3 Q3 Q3Q4 Q4 Q4 Q2Q1 Q3Q4
2006200520042003
350
300
250
200
150
100
50
0
June 04
Cumulative Number of
Known Malware Programs
Sept. 04
Dec. 04
March 05
June 05
Sept. 05
Dec. 05
March 06
June 06
Aug. 06
Security aspects
of mobile
phone virus
479
To continue reading
Request your trial