CHAPTER 1

Introduction
1.1. General
MALWARE:
Malware ("malicious software") is any program or file that possesses a threat to a
computer device and thus is harmful to a user. It includes computer viruses, worms, Trojan
horses, and also spy ware. It is any application that gathers information about a computer user
without permission.
The first Malware (virus) for cell phones to come out was !M"I#$%&'()#"I*.
+ortunately the virus spreads only from mobile to mobile running only !M"I#$%&'
operating system enabled with "luetooth technology

MALWARE CLASSIFICATIO:
!iru"
# virus is a program or programming code that replicates by being copied or initiating
its copying to another program. ,iruses can be transmitted as attachments to an e%mail
note or in a downloaded file
Tro#an Hor"e"
In computers, a Trojan horse is a program in which malicious or harmful code is
contained inside apparently harmless programming or data in such a way that it can get
control and do its chosen form of damage,
-.ample/ S$ull.%
Wor&"
0orm is a self%replicating virus that does not alter files but resides in active memory
and duplicates itself. 0orms use parts of an operating system that are automatic and
usually invisible to the user.
-.ample/ Ca'ir
1
1.(. Pro'le& State&ent
To 2evelop a M3"I4- M#40#*- capable of disclosing sensitive information
(te.t(multimedia messages, contacts, notes etc.) stored in "luetooth enabled mobile phones.
The main aim of this project is to identify security loop%holes or vulnerabilities in
present mobile communication devices.
This is achieved by finding loop 5holes in ymbian firmware and e.ploiting those
using "luetooth networ6. #lso study different types of attac6s, threats and wea6nesses in the
"luetooth enabled phones which an attac6er can use to retrieve personal data from the device.
This will help in research, develop and design more secure mobile system avoiding
security holes and implement more secure firmware at developer level.
The central in7uiry focuses on finding out the security flaws and vulnerabilities in the
current implementation of ymbian firmware and e.ploiting those wea6nesses via developing
a malware application over "luetooth networ6.
IFIP Tec)nical Co&&ittee *o 11+ : ecurity and 8rotection in I8 ystems
IFIP Wor$in, Grou- *o 11..+ : $etwor6 and distributed ystems security.
AIM:
To promote general awareness about security problems in the broad field of
information technology
SCOPE:
The vast scope of the project is in the field of Mobile data and networ6 security.
9
CHAPTER (
Re/ie012ac$,round Material
:
(.1. 2ac$,round Material
2oo$" Re3erred/
;Pro,ra&&in, Mo'ile %e/ice"4 To&&5 Mi$$onen
This boo6 has helped to understand the core concepts and fundamentals of
programming in mobile devices. This has helped to get a basic understanding of the #8I<s of
ymbian )== for mobile device application development.
This boo6 is distributed into four parts/
>. Memory Management 5 This introduces strategies for allocating variables to
memory such as stac6, heap, naming conventions, two phase constructors<
etc.
1. #pplication 5 This introduces wor6flow of the application development. It helps in
building user interface for the application.
9. $etwor6ing 5 Introduces basic connectivity in mobile devices. "luetooth
introduction and "luetooth in ymbian.
:. ecurity 5 2escribes 3 security features such as #pplication level security, -nd
to end security and low level security.
62luetoot) E""ential 3or Pro,ra&&er"4 Al'ert S. Huan, and Larr5 Rudol-)
This boo6 teaches essential concepts for "luetooth programming. It discusses the
major concepts and techni7ues involved in "luetooth programming. It tells about various
protocols such as 41)#8 (The 4ogical 4in6 )ontrol and #doption 8rotocol) and *+)3MM
(*adio +re7uency )ommunications) #)4 (The #synchronous )onnection%oriented 4ogical
transport protocol), )3 (ynchronous )onnection%3riented logical transport 8rotocol).
?
.
6S5&'ian OS C77 3or Mo'ile P)one"4 Ric)ard Harri"on 8 Mar$ S)ac$&an
The boo6 is broadly organi@ed into four sections/
>. Introduces ymbian 3 itself, and describes the basic building bloc6s and
usage patterns.
1. -.plains the core concepts, resources, programming idioms that are to be
created, test and publish a simple ABI (graphical user interface) application.
9. 8rovides a detailed description of the use of the ymbian 3 graphical user
interface to create non%trivial stand%alone applications. It helps us to ensure
that our application code is as device%independent as possible.
:. 8rovides an introduction to some of the most significant and useful of the
ymbian 3 system services. This section continues with practically%based
descriptions of the communications, multimedia and database services.
&
(.(. Literature Sur/e5
(.(.1+ S)a)arudin I"&ail and 9a)ri H# :uno" 6Wor&" and Tro#an" ,o &o'ile4
ISER t)e STAR InTec); (.; Marc); (<<=
The paper starts with an introduction on smart phones i.e. Mobile phones with advances 3
such as ymbian 3, Microsoft Mobile 3 and 8alm 3.
+urther the paper consists of identified malware and the threat they possesses to the mobile
user.
The malware discussed in the paper are/
Ca'ir
)abir was the first to be identified. This worm uses "luetooth to infect the phones and
also to transfer itself to the new host as a file. 0hen infected, the mobile phoneCs screen
displays the word ")aribe". The worms also modify the ymbian 3 on the phone so that
)abir is launched each time the phone is switched on.
MetalGear
This Trojan horse combines several malicious mobile phone programs that wor6 to
spread over ymbian%based phones. The Trojan, a fa6e version of the Metal Gear Solid game,
disables antivirus programs as well as other programs.
S$ull.%
6ull.2 is another Trojan horse. It disables applications, installs the )abir worm and
informs the user that his phone has been infected by displaying flashing s6ulls on the screen
the latest 6ulls Trojan horse comes disguised as a new version of the Macromedia Flash
player.
Ga/no.a and Ga/no.'
Aavno.a and Aavno.b Trojan horses mas7uerade as patches to tric6 users into
downloading them. Aavno is the first Trojan aimed at disrupting telephony, a core function of
mobile phones. This Trojan disrupts te.t messaging and e%mail.
Core >ue"tion: 0hat were the successful virus threats in mobile devicesD
E
(.(.(+ Guan)ua :an; Leticia Cuellar and !incent !u 62luetoot) 0or& Pro-a,ation:
Mo'ilit5 Pattern Matter"?4 Lo" Ala&o" ational La'orator5; (<<@.
In this paper, we study how mobility patterns affect "luetooth worm spreading speeds.
0e find that the impact of mobility patterns is substantial over a large set of changing
"luetooth and worm parameters. +or instance, a mobility model under which devices move
among a fi.ed set of activity locations can result in worm propagation speeds four times faster
than a classical mobility model such as the random wal6 model.
3ur investigation reveals that the 6ey factors affecting "luetooth worm propagation
speeds include spatial distributions of nodes, lin6 duration distributions, degrees to which
devices are mi.ed together, and even the burst ness of successive lin6s.
This paper also e.plains various Mobility Models and their practical uses in different
environments.
>. *andom waypoint model.
1. *andom wal6 model.
9. *andom direction model.
:. *andom landmar6 model.
ome e.periments are also simulated in this paper over a networ6 of 1'' devices.
The random waypoint model provides the fle.ibility to change the pause time of a
node after a trip. The random wal6 model, however, does not have such control.
In this paper investigation on how mobility patterns affect "luetooth worm propagation is
done. In the future, more realistic mobility models can be applied and other un6nown factors
that affect "luetooth worm propagation can be e.plored. # plan to build a model for
"luetooth worm propagation which incorporates the statistical properties of mobility patterns
that have been discussed in paper is also discussed.
F
2luetoot) 0or& &odellin,: infection cycle of "luetooth worm using flow chart
Core >ue"tion: 3n what constraints virus infection speed dependsD
G
Fi,ure (.(.1
(.(.A+ C)ri" FleiBac)5; Mic)ael Lil#en"ta&B; Per Co)an""on4Can :ou In3ect Me o0D
Mal0are Pro-a,ation in Mo'ile P)one et0or$"4 Cali3ornia; San %ie,o (<<@.
This paper evaluates the effects of Malware 8ropagation in mobile 8hone networ6s.
This paper evaluates the effects of malware propagating using communication services in
mobile 8hone networ6s. #s
I) ,oI8
II) MM
The paper developed an event%driven simulator to investigate Malware propagating using
MM and ,oice over I8 (,oI8) ervices. The simulator incorporates two important Topology
models that affect how malware spreads in such networ6s.
+irst, it uses a model of the physical networ6 topology that dense how mobile phone networ6s
are connected and provisioned. The networ6 topology fundamentally determines the physical
constraints for malware propagation.
econd, it uses a model of cell phone address boo6s that, combined, create a contact graph
topology among cell phone users. This contact graph determines how malware selects targets
for infection.
Core >ue"tion / -valuate the effects of Malware 8ropagation in Mobile phone networ6sD
>'
(.(..+ Ca5ant Pari5al 6An Anal5"i" on Ca'ir Mo'ile /iru"4 Co&-uter E&er,enc5
Re"-on"e Tea&; Ma5 11; (<<=.
This research report was developed by information and technology ministry of India.
The paper was released to ma6e a public notification regarding latest threat in mobile
communication, very well 6nown as )#"I*. The malware was able to affect ymbian &'
based mobiles. This malware infection started in Hune 1'':.
In later three months many different versions with diverted features were also released
6nown as )#"I*.# )#"I*." II. )#"I*.,
This malware has been classified as a worm. 3nce active it will send a copy of itself
6nown as replication to the first "luetooth device found. "ut in order to install it on target
mobile, user must agree on installation dialogue. The main aim of this worm was spread on
"luetooth enabled mobiles having these four steps
>. can for available "luetooth devices.
1. If found in range then open communication with device.
9. end )#"I*.! file to target mobile.
:. )lose "luetooth connection.
This paper gives all information regarding most popular )#"I* versions. 0ith full
differences and wor6ing tactic, it also gives information about malware bloc6ing. In addition
the paper describes another popular threat 6nown as )3MM0#**I3*. This very new threat
was able to spread over "luetooth as well as MM.
The main difference in )#"I* and )3MM0#**I3* was that )#"I* was sending
its replication to first "luetooth enabled device with a static name while )3MM0#**I3*
was sending its replication to every "luetooth mobile in range and sending replication with
different name. The main advantage was that target mobile will not be warned with any
specific file name.
>>
(.(.=+ Cin, Su; Eel/in E.W. C)an; E/al de Lara 6A -reli&inar5 In/e"ti,ation o3 Wor&
In3ection" in a 2luetoot) En/iorn&ent4 Fni/er"it5 o3 Toronto; (<<@
This paper starts with two e.periments/

>. To investigate weather a large%scale "luetooth worm is viable in practice.
1. tudy a driven simulations to e.amine the propagation dynamics of a "luetooth
worm in a large population
+irstly, under controlled e.periments and traces of "luetooth activity in different
urban environments are gathered. It was found that "luetooth%enabled devices are prevalent
and that the device population is relatively homogeneous. This suggests that a worm
e.ploiting vulnerability in a popular "luetooth implementation could spread 7uic6ly.
It was also found that devices typically remain within the range of "luetooth radios
long enough for a potential infection to occur.
+inally, it was found that wal6ing cannot prevent a person<s device from becoming
infected/ an infection can occur even when two people carrying "luetooth devices are
wal6ing in opposite directions.
These results suggest that a large%scale "luetooth worm outbrea6 is viable today.
econd, a drive simulation was traced to e.amine the propagation dynamics of a
"luetooth worm in a large population. The simulations reveal that "luetooth worms can infect
many devices relatively 7uic6ly, in just a few days.
It was found that a worm<s infection rate is not strongly affected by how many devices
are infected first/ the infection propagates 7uic6ly whether it started by infecting >'' or >'''
devices.
>1
Instead, it was found that the worm outbrea6<s start time is more important/
#n infection starting on a wee6%end or during an off%pea6 hour (e.g., late evening)
spreads more slowly.
The rest of the paper is organi@ed as follows.
>. 8resents a brief "luetooth primer.
1. 2iscussion on how "luetooth worms are different from other types of worms.
9. 2escription of diversity of 6nown security attac6s on the "luetooth protocol.
:. Investigation on the feasibility of a large%scale "luetooth worm outbrea6 today.
?. imulations to e.amine the propagation dynamics of "luetooth worms.
Core >ue"tion / Is it possible to monitor and disinfect a large scale
"luetooth 0orm 3utbrea6D
>9
CHAPTER A
Contri'utional Wor$ %e"cri-tion and Re"ult
>:
A.1. Met)odolo,5
Methodical approach to application development results in fewer defects and, therefore,
ultimately provides shorter delivery times and better value.
+or the project it was thought that the wor6 should be performed in stages and at each stage
testing and evaluation is to be done so the best Methodology to use was piral Methodology.
S-iral Met)odolo,5
In this approach projects are managed by segmenting into hierarchy of chun6s, such as
phases, activities, tas6s and steps with trial and error testing at each stage.
The spiral methodology reflects the relationship of tas6s with rapid prototyping.
>?
Fi,ure A.1
A.(.1. Modellin,
F"e Ca"e %ia,ra&":
i+ Client Ser/er TeGt Tran"action
>&
erver
)lient
earch for
2evices
earch for
ervices
*e7uest
for
connection
#ccept
connection
Transmit
te.t
*eceive
te.t
Mobile 2evice
Fi,ure A.(.1.1
ii+ Acti/it5 Lo, En,ine:
>E
-ngine
Bser
tart activity
tealth Mode
observation
-nd activity
,iew past performed
activities
Mobile 2evice
2ialled
calls
*eceived
)alls
ent
Message
*ecord #ctivity
Fi,ure A.(.1.(
iii+ O2EH File Tran"3errin,:
>F
3"-J
(ender)
"rowse file to
be transmitted
end +ile
*eceive +ile
*eceiver
earch for
devices
elect 2evice
for file
transmission
Mobile 2evice
Fi,ure A.(.1.A
T)e 3our cla""e" 3or i&-le&entin, a *Serie" @<+ a--lication:
Generic deri/ation o3 %ialo,:
>G
Fi,ure A.(.1..
Fi,ure A.(.1.=
Cla"" dia,ra& 3or Hello 0orld:
2luetoot) "er/ice di"co/er5:
1'
Fi,ure A.(.1.@
Fi,ure A.(.1.I
Flo0 dia,ra& 3or 2luetoot) Attac$
A.(.(. Anal5"i"
1>
%i"connect 3ro&
de/ice
Li"t
e&-t5D
Idle
In>uire 3or ne0 de/ice
2luetoot)
ena'led
de/ice 3ound
Collect li"t o3
nei,)'our"
EGtract nei,)'our de/ice 3ro& li"t
and connect to it
Connection
"ucce""3ulD
Tran"&it %ata
I%LE TIME
EHPIRES
O
:ES
:ES
O
:ES
O
Fi,ure A.(.1.J
#nalysis is done in many phases/
+irst the "luetooth transport protocols are analysed and are used during establishing
connection and file transfer.
2luetoot) Tran"-ort Protocol"
The above figure demonstrates the "luetooth transport protocols in ymbian 3.
The protocols shown above are
41)#8 (The 4ogical 4in6 )ontrol and #doption 8rotocol)
*+)3MM (*adio +re7uency )ommunications)
#)4 (The #synchronous )onnection%oriented 4ogical transport protocol)
)3 (ynchronous )onnection%3riented logical transport 8rotocol).
11
Fi,ure A.(.(.1
.
econdly, analysis on how ymbian )== wor6s is done
O/er/ie0 o3 2uild -ro#ect
In"tallation Proce""
A.(.A. Wor$ Plan
19
Fi,ure A.(.(.(
Fi,ure A.(.(.A
A.A.1. %e"i,n
1. 2luetoot) Ser/erKClient &e""a,in,:
$o
)entral en7uiry/ ecurity 4oopholes in e.isting mobile security.
Aet the general idea of e.isting threats in Mobile networ6s.
+ind the operations of previous viruses
elect the target platform which is widely used in Mobile phone
elect the target language
2evelopment of various modules
)ompletion
of module
Testing of modules
!es
tudy the process and suggest the flaws in 3 to enhance security
Merger of
modules
+urther research
!es
$o
1:
Fi,ure A.(.A.1
(. 2luetoot) File tran"3er:
1?
Fi,ure A.A.1.1
A.A.(. I&-le&entation
1&
Fi,ure A.A.1.(
2luetoot) PMP
This application is made in ymbian )==. It uses "luetooth technology for
device and service discovery, connection establishment to one or more devices,
communication between devices, and disconnection.
The "luetooth *+)3MM protocol is used as a transport protocol.
Important +iles and )lasses used/
)"luetooth8M8-.ample-ngine/

#cts as an engine and handles the connections.

)2evice2iscoverer/
Is used in device discovery.
)ervice2iscoverer/
Is used in service discovery.
))onnector/
0raps a soc6et connection. )4istener sets up a
listening channel.
Main ymbian classes used/
*oc6eterv/
oc6et erver
*Kost*esolver/
8rovides an interface to host name resolution services,
such as 2$,that may be provided by particular
protocol modules.
)dp#gent/
ervice discovery agent.
dpearch8attern/
ervice discovery search pattern.
*dp idp/
ervice discovery protocol session.
Acti/it5 Lo,,er:
1E
This application use the 4og -ngine #8I provided by ymbian. The #8I is
used to record activities done by the user, of which they may not be immediately
aware, or which are of high importance such as telephone calls, messages. These
events can be retrieved by a application and displayed to the user.
The 4og -ngine #8I is supported from &' 1nd -dition and 9rd -dition.
Important +iles and )lasses
)4og-.-ngine/
This class is used for retrieving events from the event
storage
)4og-.ample4og2atabase3bserver/
This class observes the event storage and notifies about
the changes in the storage.
$otification of events and clearing the event log could also be handled using
the M4og)lient)hange3bserver and M4og,iew)hange3bserver instead of the
generic change method used in the application but it was done as the above two
function do not have the developer level capabilities and so the security system in 9
rd

edition will not allow the application to access the 4og -ngine
2luetoot) File Tran"3er:
This #pplication provides a method for transferring objects or chun6s of data from
one device to another via the "luetooth 3"-J protocol.
These chun6s are files or other bloc6s of binary data. This e.ample demonstrates
how to run 3"-J on top of the "luetooth *+)3MM protocol.
The end BI #8I is also used. end BI is a convenient, high%level messaging #8I that
hides the bearer details from the developer. It can be easily used for sending M,
MM, and e%mail messages, and even for data transfer over "luetooth or infrared.
Important +iles and )lasses
1F
T3be."luetooth8rotocolInfo
This class provides a way for a client application to specify the underlying
"luetooth protocol it wishes 3"-J to use.
T3be."ase3bject
#ll data transmitted over 3"-J is wrapped up in a containing object before it
is sent. There are three main types of 3"-J data wrapper classes.


)3be."ase3bject provides the base class for all of these data wrappers
.

)3be."ase3bject is a virtual class that cannot be instantiated.

The three concrete classes are the following/

)3be.+ile3bject is designed to be used when sending files over
3"-J.
)3be."uf3bject is designed to be used when sending a chun6 of
memory over 3"-J.
)3be.$ull3bject provides a means for sending a blan6 object.
M3be.erver$otify
Is used by the operating system to inform an 3"-J server of 3"-J
communication events.
)3be.)lient
8rovides a client application with the necessary functionality to re7uest 3"-J
objects from and send 3"-J objects to the 3"-J server.
)3be.erver
#llows a client application to offer 3"-J services to other devices
)2ocumentKandler
Bsed for file launching.
constant L8owerModeetting$otifierBid M N'.>'''?G-1O
Bsed for detecting whether "luetooth is on. If not, the user is as6ed to
switch it on.
)"Tervice#dvertiser
1G
# class for advertising the service in the ervice 2iscovery 8rotocol (28)
database for devices to connect to.
)3bject-.changeervice#dvertiser
Inherits )"Tervice#dvertiser and adds the creation of the service description
which is used in service advertisement.
)"Terviceearcher
Bsed when searching for a "luetooth service.
)3bject-.changeerviceearcher
Inherits )"Terviceearcher. The service class to search for is set to/


end BI )lient/
The end BI #8I (sendui.h) is also implementation for easy file sending
+iles cannot be received and saved by the 3"-J #pplication, Instead the file will be received
by the Messaging application.
A.A.A. Te"tin,
9'
Testing on done first on emulator and then on devices.
2evice used for testing are/
Three $o6ia ?E'' (&' 9
rd
edition +8>)
3ne $o6ia $E1 (&' 1
nd
edition +81)
3ne ony -ricsson 0al6man ??'i
0edcomm "luetooth 2ongle
LAM Functionalit5 Te"tin,
>. can 2evises
8lan % 2iscover "luetooth devices in range and create a list.

3utput % 0hile testing, only visible devices appeared on screen. $on
discoverable devices did not appear.

1. earch ervice
8lan % To e.ecute client%erver communication, server will
4oo6 for client running transfer service open.
3utput % #pplication properly finds service and connects both
server%client
9. end Te.t
8lan % )lient and server will interchange te.t in%between.
9>
3utput % Te.t successfully transferred but sometimes the client side
tops responding and the device running it, hangs.
:. #ctivity recording
8lan % *ecord activities performed by user.
3utput % Message details including message recording successful
2ialled $o. record successful
*eceived no. record successful
?. +ile "rowser
8lan % 8hone and Memory card browsing
3utput % 2evice successfully browsed.
&. +ile Transfer
8lan % +ile sending via "luetooth.
3utput 5 +ile send successful without pin pairing, but as6s for
conformation on &' 9
rd
edition +8> devices.
L2M Plat3or& Intero-era'ilit5
91
The application was run on different Mobile devices running on &' operating
systems, li6e $3LI# ?E'', $E9 (Music edition) and $E1.
+or device discovery and file Transfer ony -ricsson ??'i was also used.
The applications output was almost similar for device discovery and service discovery.
The application wor6s on ymbian platform and can operate on any &'
2evice running version 1
nd
and 9
rd.
It will not wor6 mobiles running version >
st

because the libraries used for >
st
edition are totally different from the later.
LCM Accurac5
There are some errors that can occur/
>. "luetooth not turned 3$.
1. 2evice found but service not found
9. $o device found
:. )lient side busy
?. +ile not received.
&. +ile sending failed
L%M E33icienc5
The time ta6en by the application to search the devices, services in range was
tested and compared with the default device discovery, both time were different but
the application was running properly, also the file transfer was chec6ed to be accurate
and the file transferred was correct though the time ta6en for transfer to some device
was relatively large.
LEM Li&it" o3 t)e A--lication
The application is compatible only with mobiles running on ymbian &' 3
version 1
nd
and 9rd. #pplication is made only for multimedia devices with "luetooth
facilities.
99
CHAPTER .
Findin," and Conclu"ion
9:
..1. Findin,"
ymbian 3 was made to provide high efficiency application base. The security lea6s
were heavily used in first and second edition. The third edition of ymbian 3 is
currently the most popular and is said to be the most secure 3.
ymbian supports threaded bac6ground applications, while in java we get a H#,# logo
if any application runs. imply java indicates the e.istence of running application
while ymbian doesn<t show any indication if application runs in bac6ground. This is
the most prominent feature of any worm to run in bac6ground without
ac6nowledgment.
The latest 9
rd
edition of ymbian is e7uipped with 8I$ pairing facility for security
over device access .econd edition doesn<t have such feature. In some 9
rd
edition
devices, 8I$ pairing is still violated.
# system thread 6nown as recogni@er runs in bac6ground used for application
launching associated with respective file types. This also helps for worm to get
automatically installed in victim<s device. #t reception of I pac6age document
recogni@er automatically initiali@es installation wi@ard
9?
E/aluation MatriG
This matri. will show comparison between some worms with our application .
Pro#ect Ca'ir Co&&K0orrior %u"t
"5"te& Mobile phone Mobile phone Mobile phone Mobile phone
OS ymbian ymbian ymbian 0indows )-
Sel3 re-lication $ot yet !es $o $o
Mode o3
co&&unication
"luetooth "luetooth "luetooth +ile #8I
Functionalit5 8ropagation and
disclosing victim
data
8ropagation via
"luetooth
8ropagation via
"luetooth
+ile infector

9&
..(. Conclu"ion
Mobile phones are the most commonly used device and facing great technology
revolution .ymbian ma6ing it popular, handy and efficient. Threats are also coming in same
fashion. 8ast versions of ymbian came with great development flaws which were found very
early and ymbian faced worms and viruses in bul6.
2eveloper level errors and open security holes are prominent in software systems. #ny system
till the date is not >''P secure. It needs regular testing, vulnerability scanning and problem
rectification #nd for this we need to follow the e.perimental approach followed by hac6ers .
,ulnerability or loop%hole finding is always accidental or e.perimental. ymbian needs to
avoid these cases and to ma6e user data secure.
..A. Future Wor$
The wor6 can be e.tended with e.periments to develop worm application on ymbian
phones. This will help the IA of Mobile communication system with e.act solutions for the
improvements in the ymbian system l.
The implementation till now has features/
>. 2evice discovery
1. ervice discovery
9. #ctivity 4ogging
:. file transfer using 3"-J88
The authentication control is not being used.
$ow further wor6 can be ta6en out as/
>. Kidden and auto%run conversion.
1. self %Image *eplications
+urther wor6 can be performed over inter platform applicability as virus can travel
from computer to phones or vice%versa. +or security personals, such tool can be used
for remote monitoring of devices.
9E
Re3erence"
Re"earc) Pa-er":
>) haharudin Ismail and Qahri Kj !unos ;0orms and Trojans go mobileR
$I-* the T#* InTech, 1:, March, 1''?
4in6/
http/((www.cybersecurity.org.my(data(contentSfiles(>9(G>.pdfD.diffM>>E&:>&F:9
1) Auanhua yan, tephan -indenben@, 4eticia cellularR "4B-T33TK 03*M
8*38#A#TI3$/ M3"I4IT! 8#TT-*$ M#TT-*R,1''?.
4in6/ http/((www.ieee.plore.ieee.org(iel?(:99GEE:(:99GEE?(':9:'91F.pdf
9) )hris +lei@achy, Michael 4iljenstam@, 8er HohanssonR)an !ou Infect Me
$owD Malware 8ropagation in Mobile 8hone $etwor6sR )alifornia, an 2iego
1''&.
4in6/http/(( www%cse.ucsd.edu(Tvoel6er(pubs(cellworm%worm'E.pdf
:) Hayanta 8ariyal,R#$ #$#4!I 3$ )#"I* M3"I4- ,I*BR, 2ecember
1'':.
4in6/ http/((www.pferrie.tripod.com(papers(cabir.pdf
?) Hing u, Lelvin L.0. )han, -val de 4ara ;# preliminary Investigation of
0orm Infections in a "luetooth -nviornmentR Bniversity of Toronto, 1''&
4in6/ http/((www.cs.toronto.edu(Tagmi6las(pubs(bluetooth.pdf
9F
W)ite -a-er" and Article":K
http/((www.slashphone.com(>&(1F'9.html
http/((www.mobilemonday.net(mm(presentation.phpDidM99&>
http/((www.symbian.com(news(cn(1''&(cn1''&F>>&.html
http/((www.symantec.com(securitySresponse(writeup.jspDdocidM1'':%'&>:>G%
::>1%GG
http/((www.sophos.com(security(analyses(symbcabira.html
Ot)er "tud5 &aterial and rele/ant in3or&ation )a" 'een retrie/ed 3ro& "ite" "uc)
a"
http/((portal.acm.org
http/((www.f%secure.com(
http/((www.newlc.com(
http/((www.forum.no6ia.com(

Re3erence 2oo$":
;8rogramming Mobile 2evicesR Tommy Mi66onen
;"luetooth -ssential for 8rogrammersR #lbert . Kuang and 4arry *udolph
ymbian 3 )== for Mobile 8honesR *ichard Karrison U Mar6 hac6man
9G