A Survey of Efficient Trust Management Schemes in Mobile Ad-Hoc Network

Mobile Ad Hoc Networks (MANETs) are comprised of an arrangement of self-sorting mobile hosts furnished with wireless interaction devices gathered in groups without the need of any settled framework as well as centralized organization to maintain a system over radio connections. Every mobile node can react as a host and also, the router freely utilizes the wireless medium inside the correspondence range to deal with the interaction between huge quantities of individual mobile nodes by framing a correspondence system and trading the information among them without using any described group of the base station. A trust-based model in MANET estimates and sets up trust relationship among objectives. Trust-based routing is utilized to keep away data from different attackers like a wormhole, DOS, black-hole, selfish attack and so forth. Trust can be executed in different steps like reputation, subjective rationale and from the supposition of the neighboring node. A trust estimation approach not just watches the behavior of neighbor nodes, additionally it screens the transmission of the information packet in the identification of the route for exact estimation of trust value. A survey is carried out to find some of the limitations behind the existing works which has been done by the researchers to implement various approaches thus to build the trust management framework. Through the survey, it is observed that existing works focused only on the authenticated transmission of the message, how it transmits packets to the destination node securely using a trust-based scheme. And also, it is observed that the routing approach only focused on the key management issues. Certain limitation observed in the implemented approaches of existing work loses the reliability of framework. Thus, to withstand these issues it is necessary to establish a reliable security framework that protects the information exchanged among the users in a network while detecting various misbehaving attacks among the users. Confidentiality, as well as the integrity of information, can be secured by combining context-aware access control with trust management. The performance parameters should be evaluated with the previous works packet delivery ratio, packet drop, detection accuracy, number of false positives, and overhead.

A Study of e-Commerce Transaction Risk Assessment Model in Mobile Internet

With the continuous development of information technology, mobile e-commerce as a new economic and industrial mode has brought great benefits to the society. Mobile e-commerce does not need to bear the constraints of time and place, which has brought great benefits to the enterprise, from the point of trading, mobile e-commerce relies on convenient mobile terminal devices to provide convenience and unlimited trading environment for the user. However, there is a certain risk, mobile e-commerce is different from traditional e-commerce. It may bring many new problems and risks, and may lead to serious economic loss. So how to make reasonable assessment of mobile e-commerce transaction risk and then select strategy to minimize the risk is very important for the development of mobile e-commerce. In this paper, the risk of mobile e-commerce transactions is analyzed firstly, and then it uses a reasonable evaluation system to build a mobile e-commerce transactions risk assessment model. Finally, with the fact, it shows that the model has good feasibility and practical application value.

Biometric Systems in Mobile Devices

Growth of mobile devices uses has favored the user experience with different digital platforms, from basic activities such as sending messages, phone calls, taking pictures for social networks, email, bank account management, and commerce. These are some examples of daily tasks performed from mobile devices, which makes it essential to provide security of information. Therefore, privacy of stored information has become a main point in the development of mobile devices. This article presents research about the impact that mobile devices have in people's lives and the presence of biometric systems in this kind of device. Papers related with biometrics on mobile devices were examined to find which devices have integrated biometric systems; in addition to identifying biometric features used to authenticate people and find out what mobile platforms were created for. It was found that the smartphone is the device with more biometrics systems, and fingerprints are the most used feature; also, that the Android operating system is the most widely used mobile platform for these purposes.

Android Botnets

Mobile botnets are gaining popularity with the expressive demand of smartphone technologies. Similarly, the majority of mobile botnets are built on a popular open source OS, e.g., Android. A mobile botnet is a network of interconnected smartphone devices intended to expand malicious activities, for example; spam generation, remote access, information theft, etc., on a wide scale. To avoid this growing hazard, various approaches are proposed to detect, highlight and mark mobile malware applications using either static or dynamic analysis. However, few approaches in the literature are discussing mobile botnet in particular. In this article, the authors have proposed a hybrid analysis framework combining static and dynamic analysis as a proof of concept, to highlight and confirm botnet phenomena in Android-based mobile applications. The validation results affirm that machine learning approaches can classify the hybrid analysis model with high accuracy rate (98%) than classifying static or dynamic individually.

Optimized Three-Dimensional Security Framework to Mitigate Risks Arising From BYOD-Enabled Business Environment

Bring your own device (BYOD) has infiltrated the work environment and businesses are enjoying the benefits coupled with the adoption of the trend. At the same time, the adoption of BYOD has introduced a number of security threats that businesses are failing to match. In the pursuit of addressing security threats that are introduced by the adoption of this technology trend, this chapter recommends a three-dimensional (3-D) security framework that can be used to mitigate the risks emanating from a BYOD enabled environment. Data was collected from the employees of two banks in Africa that supported BYOD trend to measure individual and organizational practices. This chapter investigates further on these practices in addressing implications of BYOD. Three categories of security threats are delineated in this chapter. A review of existing security frameworks is presented in this chapter. The chapter concludes by outlining a 3-D security framework as a potential solution to protect BYOD enabled business environment.

Awareness, Knowledge, and Ability of Mobile Security Among Young Mobile Phone Users

The research literature on awareness, knowledge, and ability of mobile security of young mobile phone users was reviewed in this article. The existing literature suggests that young mobile phone users are usually not aware of potential mobile security issues when using a mobile phone. Young mobile phone users are often found to lack the knowledge to detect mobile security problems and to defend themselves in the mobile world. Empirical evidence also exists in which some users do not have the mobile security ability to safely use their mobile phones. Overall, it is vital that young users improve their awareness, knowledge, and ability of mobile security so that they can effectively and enjoyably use their mobile phones.

Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of Data

This article is concerned with the arising problems and implications of physical security and privacy of personal and control data on portable computer devices, especially smartphones. The authors consider various classifications of portable computer devices, isolate smartphones as a most common device, and study types of user behavior regarding the involved security risks of unauthorized access to the data stored both locally and remotely with accent of physical data access via device theft. Based on provided categorization the researchers discuss the factors and criteria suitable to generalize user patterns and evaluate the corresponding vulnerability level against specified statistics. The considered statistical criteria can be formulated as a mathematical model of relative risks and implemented as a service or an application to be used for improving user awareness on current threats to his personal data and respective interconnected personal portable devices.

Identity Authentication Security Management in Mobile Payment Systems

Mobile payment is a new payment method offering users mobility, reachability, compatibility, and convenience. But mobile payment involves great uncertainty and risk given its electronic and wireless nature. Therefore, biometric authentication has been adopted widely in mobile payment in recent years. However, although technology requirements for secure mobile payment have been met, standards and consistent requirements of user authentication in mobile payment are not available. The flow management of user authentication in mobile payment is still at its early stage. Accordingly, this paper proposes an anonymous authentication and management flow for mobile payment to support secure transaction to prevent the disclosure of users' information and to reduce identity theft. The proposed management flow integrates transaction key generation, encryption and decryption, and matching to process users' personal information and biometric characteristics based on mobile equipment authentication carrier.

How Relevant Are Risk Perceptions, Effort, and Performance Expectancy in Mobile Banking Adoption?

This article provides a comprehensive overview of the adoption process using evidence from m-banking adoption in Pakistan. A survey design was used and 189 responses were received from across Pakistan and analyzed using Smart PLS application. Findings suggest that research on the effect of risk in the adoption process remains inconclusive. Contrarily, consumers have overcome many fears due to the usefulness, indispensability, high security features, and effort expended in the use of financial services delivered through m-banking. Perceived risk's (PR) direct influence was found to be generally weak. However, PR plays a major role in the pre-adoption process because it's weak and direct inhibiting influence become an “enhancer” in the association between effort expectancy (EE) and the three key TAM/UTAUT constructs [performance expectancy (PE), attitude (ATT), and adoption intention (INT)]. Most importantly, the role of EE as a strong driver of PE, ATT, INT, and its significant interaction with PR highlights the unique role that both risk and EE play in the adoption process.

Towards Privacy Risk Analysis in Android Applications Using Machine Learning Approaches

Android-based devices easily fall prey to an attack due to its free availability in the android market. These Android applications are not certified by the legitimate organization. If the user cannot distinguish between the set of permissions requested by an application and its risk, then an attacker can easily exploit the permissions to propagate malware. In this article, the authors present an approach for privacy risk analysis in Android applications using machine learning. The proposed approach can analyse and identify the malware application permissions. Here, the authors achieved high accuracy and improved F-measure through analyzing the proposed method on the M0Droid dataset and completed testing on an extensive test set with malware from the Androzoo dataset and benign applications from the Drebin dataset.