Solved by verified expert:I have the first draft attached and need to revise it. I have received feedback from my professor and the original requirements. ROUGH DRAFT FEEDBACK: Sara, you have gathered many useful and valuable sources here for your literature review, but you have to make sure that each bibliographical entry follows APA format. Some of these entries do not include the required information, such as volume numbers, page numbers, and a “doi” or “retrieved from” at the end of the citation. Please review APA citation format by looking at examples in our classroom materials or by using UMUC’s library tutorials on APA format. Each type of entry needs to follow a certain format. Also, the author’s last name goes first in each entry, and article titles should not be quoted. Titles of journals need to be in italics. In your annotation; you need to have a critical analysis at the end that explain why the source would or would not be useful in your literature review. The second line of each entry should be indented. I recommend studying sample annotated bibliographies before you revise this. It would also be helpful to submit your revised bibliography to the UMUC Writing Center (“Resources” along the purple bar at the top of the page) for free feedback. Finally, make sure that you edit your paper for grammatical errors; try reading each sentence out loud.
screen_shot_2017_11_06_at_2.11.46_pm.png
screen_shot_2017_11_06_at_2.12.16_pm.png
screen_shot_2017_11_06_at_2.11.54_pm.png
screen_shot_2017_11_06_at_2.12.07_pm.png
writing_assign_2.docx
Unformatted Attachment Preview
Running Head: CYBER SECURITY IN MOBILE COMPUTING
1
S. Raghuram, “Man in the Cloud: Threat, Impact, Resolution, and the Bigger Picture,” blog, 2015;
www.skyhighnetworks.com/cloud-security-blog/manin-the-cloud-threat-impactresolution-and-the-bigger-picture/ [accessed 8/23/2016]
Raghuram article describes the use cloud applications and services to avoid cyber-attacks,
to stay secure and compliant. He furthermore describes getting the visibility of the IT and
governance over mobile computing and data in clouds apps and how they are protected
against threats targeting cloud accounts. He describes how to achieve a better security with
less complexity. His article points out a clear indication and criticizes the removal of
CASBS, and rather it explains the importance of integrating it with the existing security
infrastructure to improve the management of the security in cloud computing. The article
explains the use of CloudSOC, which integrates with Symantec DLP, SWG, Endpoint,
Encryption, ATP, and Authentication will enhance a strong security coverage with a
reduction in operational cost and complexity. This article, therefore, is a good resource for
the Cyber-attacks security research; however, some of the contents in the article are not
indicating the cyber-attack concerns rather just explaining it in cloud computing
perspective only.
L. Francis et al., “Practical NFC peer-to-peer relay attack using mobile phones,” in Proceedings of
the 6th international conference on Radio frequency identification: security and privacy
issues (RFID.
This article explains the use of NFC as a standardized technology that provides short-range
RFID communications channels for mobile devices. The issues of peer-to-peer applications
CYBER SECURITY IN MOBILE COMPUTING
2
in mobile devices are receiving increased interests, and in some cases, these services are
relying on the NFC communications. The article has relied much more on the suggestions
about the NFC systems and how they are vulnerable to attacks. The author finally gives a
conclusion that the attacks on the proxy devices are more likely to be implemented off-theshelf. Furthermore, the article describes how an attack can be implemented against systems
by use of the peer-to-peer NFC communication by developing and installing suitable
MIDlets on the attacker’s NFC-enabled mobile phones. The article seemed to contradict
with other sources on how the attacks access the secure program rather it only suggest the
use of the APIs gain access. The article is purely good for researching security-related
issues in mobile computing and cyber-attacks. However, it only majors its focus on the
mobile environment and its countermeasure yet the computing field is very wide, and all
are subjected to different if not same threats.
M. Georgiev et al., “The most dangerous code in the world: validating SSL certificates in nonbrowser software,” in Proceedings of the 2012 ACM conference on Computer and
communications security.
The article purely talks about Secure Sockets Layer (SSL) as the main factor for secure
Internet communications. It describes that the security of SSL connections security
depends on correctly validating the public-key certificates presented when establishing the
network security infrastructure. He demonstrated on how the SSL certificate validation is
completely broken in many security-critical applications and libraries. The article explains
CYBER SECURITY IN MOBILE COMPUTING
3
the cause of the mobile computing vulnerabilities. However, the vulnerabilities sources are
not described rather they are badly described with a confusing array of settings and options.
This article is very important to anyone who researches SSL certificate and cryptography
issues in the computing environment. Writes about how fierce Geronimo was at his early
age a character that made him be adored by more and thus was given a chance to lead his
people. Finally, to extend my understanding, it is good to use some of outside sources that
he has cited in his work. This will help you add more content your research.
K. Zetter, “Darkhotel: A Sophisticated New Hacking Attack Targets high profile Hotel Guests,”
Wired, 10 Nov. 2014
The article deals with the controversial issues surrounding the mobile technology,
information technology and cyber-security attacks and threats. The author moves on and
explains on how the guest hotel executed malicious programs that they were directed by
the attackers and explained on how mobile technology has encouraged the cyber-attacks
on different platforms. In the article, it does not give the outside sources as a point of
reference in case one would like to know where the information was extracted from. This,
therefore, makes the article to be doubted when compared to other sources that I have
cited. The author only focuses on the executable malicious programs directed to the
network and simply giving out the whole threat and what are the vulnerabilities
associated with. Further for good research, the article requires a backup of other sources
for it to bring a clear knowledge on cyber-attacks about mobile computing.
CYBER SECURITY IN MOBILE COMPUTING
4
S. Merlot, “FTC Goes After Firm for Tracking Shoppers’ Cell Phones,” PCMag, 24 Apr. 2015;
www.pcmag.com/article2/0,2817,2482985,00.asp
In this article, the author talks about the company that allows tracking consumers’
movement through their stores. He critics the company for not informing their customers
that their information was tracked, rather they had a responsibility of cautioning them.
The article explains the number of customers’ information. It indicates that for the
company to avoid cyber-attacks and security threats, its import for the company to their
privacy promises to customers when implementing the new technology. The author uses
quite some useful sources that can give specific information about how to avoid these
threats. The article is useful for researching the impacts of new mobile technologies in
relationship to security threads. To narrow the area of study, it is advisable to use the
sources cited as outside sources to look for more understanding and to broaden the
knowledge. This journal is good for citing as a resource, but only it has a small problem
whereby it didn’t classify the specific threats that sharing of information in mobile
distributed systems face. Therefore it is recommended to back up with other external
sources to avoid the narrow point of view of the author.
L. Carettoni, C. Merloni, and S. Zanero, “Studying Bluetooth Malware NISTIR 8144 (DRAFT)
ASSESSING THREATS TO MOBILE TECHNOLOGIES 24 Propagation: The BlueBag
Project”, Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 17-25,
2007.
CYBER SECURITY IN MOBILE COMPUTING
5
The journal is about how wireless and hoc networks play a crucial role in communication
dominance in the market. The journal particularly explains the need for having or
deploying a decentralized system and protocols so that no single node is exposed the
vulnerability of the network to avoid mobile-based attacks in the company. The author
focused more on multicasting applications for the tactical networks, where information has
to be distributed from the source to different nodes.
Z. Wang et al., “Implementation and Analysis of a Practical NFC Relay Attack Example,” in
Proceedings of the 2012 Second International Conference on Instrumentation,
Measurement, Computer, Communication, and Control, 2012, pp 143-146
This article focuses on the Near Field Communication (NFC), this is a kind of
technology that provide close with RFD communication channel based on mobile
devices. The author describes and gives examples on how peer-to-peer application based
on mobile devices and how they rely on NFC. A clear description of the security
problems the NFC system is facing which are susceptible to the relay attacks. This article
furthermore explains the mobile-based attacks happen on a peer-to-peer NFC
technology. This source is very important for researching cybersecurity topics that relate
to mobile dives. This because a vivid description of how attackers use mobile phone with
the NFC functions on Android platforms to install and run malicious programs. The
source is very reliable for more research, and it can be used solely because it comprises
several external references.
CYBER SECURITY IN MOBILE COMPUTING
6
M. Maass et al., Demo: NFCGate – An NFC Relay Application for Android [Extended Abstract],
presented at 8th ACM Conference on Security and Privacy in Wireless and Mobile
Networks, 26 June 2015; https://github.com/nfcgate/nfcgat
The author of the article explains the problems and threats that the mobile devices pose to
the enterprises. It points out that it might be very difficult to use isolated sandboxes and
remote wipe device, because all may fail to mitigate the security challenges associated
with the complexity of mobile information systems. He writes that there is the need to a
set security controls and countermeasures that address threats posed by the use of mobiles
in a holistic manner. The author is very clear on the issues, and he provides the reasons
why enterprises should put in place a mobile security system to control the cybersecurity
issues. This source according to my view is very legitimate to be used in research because
it gives a lot of broad areas concerning the topic. This includes cellular networks and the
cloud infrastructure that is used to support mobile application and other mobile devices.
C. Miller, Exploring the NFC Attack Surface, BLackhart presentation, 5 July 2012;
https://mediaattacks.blackhat.com/bh-us12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
The article as well describes how the NFC technology has been used in mobile devices n
some developed countries to mitigate the risks of cyber-security. Also, the description of
the emerging mobile devices technology is described. The author explains how the NFC
technology enables the mobile devices to communicate with each other in close range to
avoid being exposed to vulnerabilities. This article explores more on how NFC and its
CYBER SECURITY IN MOBILE COMPUTING
7
associated protocols are integrated to provide reliable and secure communication systems.
The main focus of the article is on how to build software that can take control the issues
associated with mobile communication and sharing of information be it personal or
enterprise based communication. The article is useful and more important for those who
want to carry out research, and I can prove that the authors ensured that all the contents of
the article are tangible.
M. Brignall, “Sim-Swap Fraud Claims Another Mobile Banking Victim,” The Guardian, 16 Apr. 2016
This article describes the challenge the e-commerce and the mCommerce sector are facing with
the rise of mobile fraud. The author focuses on the how the companies practicing ecommerce and m-commerce should do to ensure implementation of fraud management.
The article although gives the negatives site on the mobile technology although the positive
sector and less depicted. Possible countermeasure to create a firm and secure mobile
channel for business also is narrated in the article. The author suggests the use of devices
that implement an integrated SIM or eSIM that cannot be readily replaced by malicious
components and the use of strong physical controls also is important. This source is very
relevant to the topic, and its publication has an impact on various stakeholders be it the
researchers, e-commerce companies and also the customers who practice e-commerce or
m-commerce.
D. Goodin, “New Attack Steals Secret Crypto Keys from Android and iOS Phones,” Ars Technica,
3 Mar. 2016; secret-crypto keys-from-android-and-ios-phon
CYBER SECURITY IN MOBILE COMPUTING
8
This journal mainly describes the controversial issues associated with mobile security threats
surrounding the iPhone users. The article gives us the background understanding of the
main security issues facing the mobile users which he describes as manufactures problem
and not its users. Based on the mobile devices and cybersecurity concerns the author points
out that despite criticizing the manufactures also the end users should ensure they have a
well-integrated system to protects any mobile operation from malicious attacks. He stresses
the innovativeness among the youth in this century, which according to him it poses risks
as per as mobile computing is a concern. The article doesn’t provide external sources.
Therefore, it is not much reliable for quality research.
J. Cichonski, J.M. Franklin, and M. Bartock, Architecture Overview and Security Analysis,
National Institute of Standards and Technology, 2016;
This article describes the architecture overview and security analysis in mobile computing
technologies. It explains on how the new design of optimal utility that is associated with
mobile call admission control framework by the use of Bacterial Foraging Optimization.
The aim of this is to maximize the quality of service and to reduce the performances
degradation as well mobile usage security issues. The author also provided some of the
standard physical security mitigations that the industry should implement to ensure a good
system that is free from vulnerabilities and attacks. The article is very clear to comprehend
and so useful for research although it must be accompanied by other externals sources
because the author majored mostly on call security concerns.
…
Purchase answer to see full
attachment
