| Due to the highly developed modern technology,Smart phones and other mobile devices are become more and more universal. Most of those devices are used to process or store sensitive and confidential data.Consequently,it may cause many problems,such as privacy disclosure,mobile phone virus,spyware,etc.Therefore,to research mobile operating system security is important.iOS is a mobile operating system unveiled with the first iPhone in2007.Because of it’s splendid user interface and excellent user experience it has won the most market share in the field of the smartphone OS market.For the years its popularity and growing prospects has attracted many experts in the whole world’s attention.The iOS operating system has many advanced technologies on its security mechanism, And through recent years Apple has put so much effort on how to make it more safer and less vulnerableness,it has become one of the most security mobile operating system,Besides the system security mechanism,the Apple also introduced Appstore to protect their software from being infected by malicious applications. For enterprise users,there is an Mobile Device Manager services provided by Apple to use.Although iOS is considered as a pretty secure operating system,but it dose not mean it has no vulnerablenesses.However,since the iOS and iPhone has became the focus of attention of millions of people,it is easier to become to malicious software’s target.Especially for those "jailbroken" devices,which without being protected by iOS security mechanism,can run unsigned applications that probably has malicious code inside.Even for those applications from Appstore are still have the risk of including malicious code if something went wrong during the AppStore review process.Security studies on the current iOS operating system are mainly includes two aspects.The one is studies on the system security mechanism itself.Since iOS is a closed source system,there is only a few research papers and documents about iOS are available now. In this paper we have discussed current researches and resources and pointed that iOS security mechanism is consist of trusted boot chain,code signing,sanbox,and data protection,etc.then we used reverse technologies to analyzed the whole iOS security mechanism architecture from the low level perspective and found many vulnerablenesses.The another studies is about iOS application security.In this paper we firstly analyzed the iOS application’s classification,structure,executable binary and permission system.Secondly,we studied all kinds of threatening behaviors a iOS malware have.And finally we presented a presented a iOS application security review system,this system consist of three major parts,they are static analysis,dynamic analysis,malicious behaviour detection.By using the iOS application review system designed in this paper,we can evaluate a application’s behaviour and know if this application include malicious behaviour,if it does, we could inform the user as soon as possible to avoid loss caused by malware. |
PDF Full Text Request