Mobile Handsets: A Panoramic Overview

Adam C. Champion and Dong XuanDepartment of Computer Science &

EngineeringThe Ohio State University

Outline

• Introduction• Mobile Handset Architecture• Mobile Handset Operating Systems• Networking• Applications• Mobile Handset Security

Mobile Handset Definition

• Mobile handsets (mobiles): electronic devices that provide services to users:– Internet– Games– Contacts

• Form factors: tablets, smartphones, consoles

• Mobile: your next computer system

Mobile Handsets: Business

• Meteoric sales and growth:– Over 4 billion mobile phone users [1]– Over 5 billion mobile phone subscriptions

[2] (some people have multiple phones)–Mobile handsets & industries: $5 trillion

[3]• Mobile phones are replaced every 6

months in S. Korea (just phones) [4]• We can’t ignore these numbers• Note: mobiles are computer systems

What’s Inside a Mobile Handset?

Source: [5]

Handset Architecture (1)

• Handsets use several hardware components:– Microprocessor– ROM– RAM– Digital signal processor– Radio module– Microphone and speaker– Hardware interfaces– LCD display

Handset Architecture (2)

• Handsets store system data in electronically-erasable programmable read-only memory (EEPROM)–Mobile operators can reprogram phones

without physical access to memory chips• OS is stored in ROM (nonvolatile

memory)• Most handsets also include subscriber

identity module (SIM) cards

Handset Microprocessors

• Handsets use embedded processors– Intel, ARM architectures dominate market.

Examples include:• BlackBerry 8700, uses Intel PXA901 chip [6]• iPhone 3G, uses Samsung ARM 1100 chip [7]

– Low power use and code size are crucial [5]–Microprocessor vendors often package all

the chip’s functionality in a single chip (package-on-package (PoP)) for maximum flexibility

– Apple A4 uses a PoP design [10]

Example: iPhone 3G CPU

• The iPhone: a real-world MH [7–9]– Runs on Samsung

S3C6400 chip, supports ARM architecture

– Highly modular architecture

Source: [8]

Mobile Handset OSes (1)

• Key mobile OSes:– Symbian OS– BlackBerry OS– Google Android– Apple iOS– Windows Phone 7

(formerly Windows Mobile)

• Others include:– HP Palm webOS– Samsung bada

Source: [11]

Mobile Handset OSes (2)• Symbian (^n) OS (ARM

only)– Open-source (Nokia)– Multitasking– Programming: C++, Java

ME, Python, Qt/HTML5• BlackBerry OS (ARM)

– Proprietary (RIM)– Multitasking– Many enterprise features– Programming: Java ME,

Adobe AIR (tablet)• iPhone OS (ARM only)

– Proprietary (Apple)– Multitasking– Multi-touch interface– Programming: Objective-C

• Windows Phone 7 (ARM only)– Proprietary (Microsoft)– No multitasking– Programming: Silverlight/XNA,

C#.NET/VB.NET• Android (ARM, x86, …)

– Open-source– Multitasking– Programming: Java

(Apache Harmony), scripts• Other OS features

– Most require app code signing– Many support Adobe Flash/AIR,

multitasking– ARM is predominant ISA

Mobile Handset Networking

• Handsets communicate with each other and with service providers via many networking technologies

• Two “classes” of these technologies:– Cellular telephony–Wireless networking

• Most handsets support both, some also support physical connections such as USB

Cellular Telephony Basics (1)

• Many mobile handsets support cellular services

• Cellular telephony is radio-based technology, radio waves propagated by antennas

• Most cellular frequency bands: 800, 850, 900, 1800, 1900, 2100 MHz

Source: [5]

Cellular Telephony Basics (2)

• Cells, base stations– Space divided into cells,

each has base station (tower, radio equipment)

– Base stations coordinate so mobile users can access network

– Move from one cell to another: handoff

Cellular Telephony Basics (3)

• Statistical multiplexing– Time Division Multiple Access (TDMA)

• Time & frequency band split into time slots• Each conversation gets the radio a fraction of the time

– Frequency Division Multiple Access (FDMA) analogous

Wireless Networking (1)

• Bluetooth (BT)– Frequency-hopping radio technology: hops

among frequencies in 2.4 GHz band– Nearly ubiquitous on mobile handsets– Personal area networking: master device

associate with ≤ 7 slave devices (piconet)– Pull model, not push model:

• Master device publishes services• BT devices inquire for nearby devices, discover

published services, connect to them

– Latest version: 4.0; latest mobiles support 3.0 [12]

Wireless Networking (2)

• WiFi (IEEE 802.11)– Variants: 802.11b, g, n, etc.– Radio technology for WLANs: 2.4, 3.6, 5 GHz– Some mobile handsets support WiFi, esp.

premium– Two modes: infrastructure and ad hoc

• Infrastructure: mobile stations communicate with deployed base stations, e.g., OSU Wireless

• Ad hoc: mobile stations communicate with each other without infrastructure

– Most mobiles support infrastructure mode

Mobile Handset Applications

• Mobile apps span many categories, e.g.:– Games: Angry Birds, Assassin’s Creed, etc.– Multimedia: Pandora, Guitar Hero, etc.– Utilities: e-readers, password storage, etc.

• Many apps are natively developed for one mobile OS, e.g., iOS, Android– Cross-platform native mobile apps can be

developed via middleware, e.g., Rhodes [13], Titanium [14]

– Can also build (HTML5) Web apps, e.g., Ibis Reader [15], Orbium [16]

• We’ll discuss mobile app development next

Native Mobile App Development

• Mobile apps can be developed natively for particular mobile handset OSes– iOS: Dashcode, Xcode; Mac only– Android: Eclipse; Win/Mac/Linux–Windows Phone: Visual Studio, XNA;

Windows only– Symbian: Eclipse, NetBeans, Qt;

Win/Mac/Linux– BlackBerry: Eclipse, Visual Studio;

Win/Mac

Other Mobile App Development

• Middleware– Rhodes: Ruby/HTML compiled for all mobile OSes– Titanium: HTML/JS + APIs compiled for iOS,

Android– Still dependent on native SDK restrictions

• Web development: HTML5, CSS, JS – Works on most mobile browsers– Can develop on many IDEs, Win/Mac/Linux

• Biz: SMS/MMS/mobile network operators key

Business Opportunities• Virtually every mobile OS supports app sales via stores,

e.g., iOS App Store, Android Market, Windows Marketplace

• Devs sign up for accounts, download SDKs– Costs: $99/yr (iOS, Win), $25 once (Android)– http://developer.apple.com, http://market.android.com,

http://create.msdn.com

Mobile Handset Security Issues

• People store much info on their mobiles• “Smartphones are the new computers.…2

billion…will be deployed by 2013” – M.A.D. Partners [18]

• Handsets are targets for miscreants:– Calls– SMS/MMS messages– E-mail– Multimedia– Calendars– Contacts– Phone billing system [18]

Handset Malware History (1)

• Hackers are already attacking handsets–Most well-known case: a 17-year-old broke

into Paris Hilton’s Sidekick handset [19]– Less well-known: worms, viruses, and

Trojans have targeted handsets since 2004• 2004: [20]

– Cabir worm released by “29A,” targets Symbian phones via Bluetooth

– Duts virus targets Windows Mobile phones– Brador Trojan opens backdoor on Windows Mobile [24]

Handset Malware History (2)

• 2005: [21]– CommWarrior worm released; replicates via Bluetooth, MMS to all

contacts– Doomboot Trojan released; claims to be “Doom 2” video game,

installs Cabir and CommWarrior• 2006: [20, 21]

– RedBrowser Trojan released; claims to be a Java program, secretly sends premium-rate SMS messages to a Russian phone number

– FlexiSpy spyware released; sends log of phone calls, copies of SMS/MMS messages to Internet server for third party to view

• 2008: [22]– First iPhone Trojan released

• 2009–2010: iPhone “Rickrolling”, Android SMS malware, etc.

• “The single biggest thing threatening any enterprise today on a security basis is mobile. Furthermore, mobile phone application stores are the greatest malware delivery system ever invented by man” – Robert Smith, CTO, M.A.D. Partners [18]

Key Handset Threats, Attacks

• Info theft [23]– Transient info: user location– Static info: bluesnarfing attacks, WEP & WPA cracks [24]

• Service/$ theft, e.g., premium-rate calls/SMS [23]• Denial-of-service attacks [23]

– Flooding attacks overload handset radio with garbage– Power-draining attacks attempt to drain battery

• Botnets and DoS attacks against networks [22, 25]• Exploiting the human factor• We’ll discuss risk management strategies

Risk Management Strategies

• Organizations must: –Understand rapidly-evolving threatspace [18]–Understand applicable laws & regulations–Understand employee demand for handsets

and balance this against the risk they pose– Institute CSO policies to achieve compliance

(and get top management on board!)– Inform employees about policies (change

mgmt)– Implement the policies with tech and people

Risk Management Tactics

• To implement strategies, organizations must:– Decide whether to distribute handsets to

employees for business purposes, allow use– Encrypt device data– Remote data wipe as needed– Procure, install anti-malware, firewall products– Require VPN use, strong passwords, inventory

mgmt.– Monitor employee handset use to detect attacks– Educate employees about the threatspace, train

them to treat handsets as any other computer system

– Prevent, detect, and respond appropriately

Discussion and Questions

Thank you

References [1]1. Wireless Intelligence, “Snapshot: Global mobile connections surpass 5 billion

milestone,” 8 Jul. 2010, https://www.wirelessintelligence.com/print/snapshot/100708.pdf

2. T. T. Ahonen, “5 - 4 - 3 - 2 - 1, as in Billions. What do these gigantic numbers mean?,” 6 Aug. 2010, http://communities-dominate.blogs.com

3. T. T. Ahonen, 29 Sep. 2010, http://untether.tv/ellb/?p=22274. T. T. Ahonen, “When there is a mobile phone for half the planet:

Understanding the biggest technology”, 16 Jan. 2008, http://communities-dominate.blogs.com/ brands/2008/01/when-there-is-a.html

5. J. L. Hennessy and D. A. Patterson, Computer Architecture: A Quantitative Approach, 4th ed., Elsevier, 2007

6. Research in Motion, “BlackBerry 8700c Technical Specifications”, http://www.blackberry.com/products/pdfs/blackberry8700c_ent.pdf

7. R. Block, “iPhone processor found: 620MHz ARM CPU”, Engadget, 1 Jul. 2007, http://www.engadget.com/2007/07/01/iphone-processor-found-620mhz-arm/

8. Samsung Semiconductor, “Product Technical Brief: S3C6400, Jun. 2007”, http://www.samsung.com/global/system/business/semiconductor/product/2007/8/21/661267ptb_s3c6400_rev15.pdf

References [2]9. Wikipedia, “iPhone”, updated 15 Nov. 2008,

http://en.wikipedia.org/wiki/Iphone10. Wikipedia, “Apple A4”, updated 21 Oct. 2010,

http://en.wikipedia.org/wiki/Apple_A411. Gartner (12 August 2010). "Gartner Says Worldwide Mobile Device Sales

Grew 13.8 Percent in Second Quarter of 2010, But Competition Drove Prices Down". Press release. http://www.gartner.com/it/page.jsp?id=1421013

12. Wikipedia, “Samsung Galaxy S”, updated 21 Oct. 2010, http://en.wikipedia.org/wiki/Samsung_Galaxy_S

13. Rhomobile Inc., http://rhomobile.com/14. Appcelerator Inc., http://www.appcelerator.com/15. Ibis Reader LLC, http://ibisreader.com16. Björn Nilsson, Orbium, http://jsway.se/m/ 17. Ericsson.Global mobile data traffic nearly triples in 1 year, 12 August 2010.

http://www.ericsson.com/thecompany/press/releases/2010/08/1437680.18. Georgia Tech Information Security Center, “Emerging Cyber Threat Reports

2011,” http://www.gtisc.gatech.edu/pdf/cyberThreatReport2011.pdf

References [3]19.B. Krebs, “Teen Pleads Guilty to Hacking Paris Hilton’s Phone”,

Washington Post, 13 Sep. 2005, http://www.washingtonpost.com/wp-dyn/content/article/2005/09/13/AR2005091301423_pf.html

20.D. Emm, “Mobile malware – new avenues”, Network Security, 2006:11, Nov. 2006, pp. 4–6

21.M. Hypponen, “Malware Goes Mobile”, Scientific American, Nov. 2006, pp. 70–77, http://www.cs.virginia.edu/~robins/Malware_Goes_Mobile.pdf

22.PandaLabs, “PandaLabs Quarterly Report: January–March 2008”, http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/2008/04/01/Quarterly_Report_PandaLabs_Q1_2008.pdf

23.D. Dagon et al., “Mobile Phones as Computing Devices: The Viruses are Coming!”, IEEE Pervasive Computing, Oct. – Dec. 2004, pp. 11–15

24.G. Fleishman, “Battered, but not broken: understanding the WPA crack”, Ars Technica, 6 Nov. 2008, http://arstechnica.com/articles/paedia/wpa-cracked.ars

25.http://blog.mylookout.com/2010/12/geinimi_trojan/