ERNW White Paper 55

Threat Analysis of malicious applications on mobile operating systems

This thesis performs a threat analysis of malware on mobile OSes, using Windows Phone OS as an example.

One difference between mobile OSes and desktop OSes is the enforcement of application sandboxing. On mobile OSes, sandboxing separates applications from each other and also from the OS itself. We look at the security model of Windows Phone OS and at how sandboxing is implemented, and we also analyze the structure of compiled application packages.

To perform the threat analysis, we use a methodology based on STRIDE. The acronym STRIDE stands for typical threats that software is susceptible to, such as tampering with data. For a structured approach, we identify a data flow diagram consisting of typical parts of a mobile OS. Afterwards, STRIDE is applied to the components of that diagram.

The result shows threats for each element of the applications and the OS, from the perspective of a malicious application running on a mobile device. It can be used for analyzing a concrete application or as a basis for a risk analysis.