Student No: 4218788 Name: Dhara Desai Final Mark: 40

Student No: 4218788 Name: Dhara Desai Final Mark: 40

Please enter X where appropriate

General 1 2 3 4 5

Appropriate academic writing style; well formatted document X Correctly formatted set of good quality academic references X Supporting appendices included X Including the Ethical Statements in the proposal X Chapter 1 1 2 3 4 5

Overview to the dissertation toward defining the problem statement. X Clear problem statement at the level of MSc X Clear, challenging, and achievable objectives X Chapter 2 1 2 3 4 5

Comprehensive literature review about related works X Providing the evidence of critical writing X Addressing the concepts provided in objectives (defining the keywords and metrics) X Chapter 3 1 2 3 4 5

Clear methodology by addressing all the steps needed to achieve each objective X Usage of tools (e.g. flowcharts and infographics) to represent the methodology X

Supervisors Comments:

Problem statement is lacking in depth and is unclear as to what the actual specific problem is. Research questions are sufficient but scope still seems fairly wide. Literature review contains some relevant points but is largely descriptive and could be more critical throughout. The concepts of the objectives are mapped fairly well though so well done. No tools are used to represent the methodology and the discussion of the methodology itself could have much more clarification and justification of why you are going to do what you are going to do. There should be more detail on how a review of secondary sources would be conducted and the specific types of analysis used to analyse these sources and what the sources would specifically be. Sounds more like part of a literature review at this stage and there is some uncertainty of what the methodology would actually look like.

Second Markers Comments:

Your abstract is very sparse and does not provide an overview of your research proposal. Make sure you are fully representing your work here. Your introduction reviews security, although you could have discussed your focus on mobile apps further to justify your own research. Make your research questions more applicable to what you are going to be analysing and evaluating. This will help you word your research objectives. At present, your objectives are very high level. How will you determine solutions for reducing mobile app risks? What primary research will you be doing and how will you achieve this? Make more use of your research in your literature review section, maintaining your scope throughout to prevent scope creep. At present, there are unsubstantiated statistics in this section. Your methodology states that you will be analysing qualitative primary data. How will you collect this primary data and from what sources, and how will you test your results against your objectives and research questions? These are important questions to answer prior to starting your dissertation. Make sure you are clear with what you want to achieve and how you are going to do this. Julie Paterson, 27th June 2023

School of Computing & Technology Assessment Criteria Grid

Mark

% Comment Grade &

Characteristics Theory &

Academic Approach Practice &

Deliverables

0 Fail plagiarism, collusion, non-pres., name only as theory

1-39 Reassess:

inadequate but recoverable with effort no understanding, very short, inadequate, factual but little interpretation, lacks coherence, short, errors, misconceptions, coherent but mechanical notes, partial - rudimentary answer, limited interpretation, lack of knowledge of topic, no evidence of background reading, weak English but some appropriate use of language of topic. poor effective deliverables, requirements not met, deliverables partially complete, limited response to brief.

40-49 3rd, D

Pass: Sufficient for award of credit

adequate mainly descriptive approach, fair, limited conceptual or theoretical ability adequate response, demonstration of basic knowledge, relevant content, clear intention communicated, evidence of reading, acceptable minimum level of English for business presentation but may lack precision, some limited analysis / application of knowledge / theory / weighting of evidence, inconsistent deliverables meet basic requirement correctly but limited, just adequate but not innovative, interesting or exciting, for higher marks, 45+ just exceeds minimum specification, might be good in some areas but not consistent

50-59 2ii, C

Satisfactory

Satisfactory with some conceptual ability but lacks good evaluation or synthesis of ideas good response to task, collates info, satisfactory analysis & judgement, constructs generalisations based on evidence & opinion, argues clearly, logically & constructs a case, some limited ability to state a personal position, correct English with few imprecise statements good deliverables, some evidence of good design or execution, coherent and organised product, some limited evidence of self criticism concerning deliverable, some independence, initiative, autonomy, appropriate techniques, integration of knowledge for task

60-69 2i, B

Good.

Good analysis, evaluation, synthesis, integration & argument. evaluates info. & synthesises generalisations, good ability to state & defend personal position, good analysis & judgement, applies knowledge to new situations, sound on theory, critical, understands limitations of methods, selective coherent & logical approach, well written with clear, correct and precise English all criteria met to good standard, evidence of good design or execution, good integration of academic & practical issues, solid evidence of self critique/evaluation of deliverables, products well organised - documented - coherent. Evidence of independence, initiative, autonomy, creativity, adaptability, resourcefulness. Integration of knowledge,

70-79 First class, A,

Excellent.

as above but also stronger evidence of excellent, original, innovative, articulate work very strong ability to state & defend position, uses criteria & weighting in judgements, wide knowledge and theoretical ability, full understanding of possibilities and limitations of methods & theories, 75+ more original, innovative approach, command of critical positions, lively articulate writing, excellent grasp of material - synthesis of ideas most criteria met to high standard, strong evidence of evaluation of deliverables, 75+: deliverables excellent - all criteria met in clear and definite manner, evidence of excellent design or execution, elegance, innovation, very good evaluation of deliverables,

80-89 Outstanding.

as above but also

authoritative, superlative,

creative as above but also :-

seen all possibilities in task, gone beyond accepted conceptual/critical positions, evidence of creative, intelligent, innovative approach consistently & forcefully expressed as above but also :-

all aspects of deliverables superlative

beyond 80% emphasis on theory rather than practice/deliverables

90-100 Faultless

as for 80-89 but also :-

all work superlative & without fault as for 80-89

University of Gloucestershire School of Computing and Engineering

MSc in Cyber Security

DISSERTATION RESEARCH PROJECT PROPOSAL 2022/2023

Title: Data Leak Problem Of Mobile Security And Defensive Methods

Student name:Dhara Desai

Student number:4218788

Supervisor: Jordan Allison

Date:14.06.2023

Abstract

Purpose:

The use of smartphones makes the world connected and apps are stepping stones. In the era of technology and digitalisation, data leakage is a common issue that users face in their daily life. The research examines data leakage while downloading new apps on mobile devices, where customers offer access to contacts, photos, videos, cameras, and other information without even knowing the impact of it. This will also discuss the defensive methods to control it.

Method:

To complete the research, the researcher will use a range of secondary data like journals, company reviews and articles to understand the types of data leakage, and how it can be prevented. 7-8 papers will be analysed and all of them will be cited in the relevant context.

Results:

The study will help users and employers to have control over their personal information security and the legislators to pose new rules and regulations.

Table of Contents

TOC h u z t "Heading 1,1,Heading 2,2,Heading 3,3,"Chapter 1 - Introduction PAGEREF _Toc136694667 h 4Overview PAGEREF _Toc136694668 h 5Problem statement PAGEREF _Toc136694669 h 7Research questions PAGEREF _Toc136694670 h 7Research Objectives PAGEREF _Toc136694671 h 7Scope PAGEREF _Toc136694672 h 8Ethical Issues PAGEREF _Toc136694673 h 8Conclusion PAGEREF _Toc136694674 h 8Chapter 2 Literature Review PAGEREF _Toc136694675 h 9Investigation on how data leaks occur in smartphones, exposing users' private data. PAGEREF _Toc136694676 h 9Assessment of how enabling camera, photographs, videos, and contacts permissions when downloading new applications increases the risk of data theft for Android users. PAGEREF _Toc136694677 h 11The solutions for reducing such risks of exposing user's personal information and ensuring smartphone users' data security PAGEREF _Toc136694678 h 12Chapter 3 Research Methodology PAGEREF _Toc136694679 h 14Research Approach PAGEREF _Toc136694680 h 14Data collection method PAGEREF _Toc136694681 h 14Sample size PAGEREF _Toc136694682 h 15Data Analysis PAGEREF _Toc136694683 h 16Ethical consideration PAGEREF _Toc136694684 h 16References PAGEREF _Toc136694685 h 17Appendix A Gantt Chart and Timetable of Dissertation PAGEREF _Toc136694686 h 21

Table of Figures

TOC h z c "Figure" Figure 1: Number of smartphone users PAGEREF _Toc136889591 h 5Figure 2: Cyber Security PAGEREF _Toc136889592 h 6Figure 3: Number of Malware attacks on smartphones between 2012-2023 PAGEREF _Toc136889593 h 9

Chapter 1 - Introduction

Overview

Figure SEQ Figure * ARABIC 1: Number of smartphone users(Source: Degenhard, 2023)

If smartphones are the medium of the future, applications are its foundations interdependent and complementary. As per Degenhard, (2023), the use of mobile phones will increase over the days. In 2022 the number of smartphone users in the world was 5006 million and it is predicted that the global consumer number will be 6162 million people in 2028. The revolutionary mobile industry transformed the worldwide technology environment by making handsets prevalent and catalysing the emergence of an app-based ecosystem. While the future seems promising, the tremendous rise in mobile app usage conceals a terrible secret: data leaking. This commonly occurs when a customer taps on unauthorised links or enables the installation of unfamiliar programmes, which begin acquiring sensitive information and even manipulating smartphone capabilities and apps without the user's permission (Kul, Upadhyaya and Chandola, 2018). Mobile devices grow more prevalent in daily life, their safety has become more important. Data breaches and other security problems are becoming more regular, with mobile devices becoming a primary target. This sophisticated portable technology, powered by applications, is a fertile ground for thieves and shady organisations looking to steal and exploit information.

Figure SEQ Figure * ARABIC 2: Cyber Security(Source: Paloalto, 2023)

A review of privacy trends for 2022 revealed that 93% of malware assaults on organisations originated in a device network (Michali, 2021). According to the survey, 52% of private credentials were obtained from mobile devices via phishing emails, implying that hackers' desire for mobile devices for confidential data would only grow in the future. Another survey was conducted by Paloalto, (2023), among 1,300 top managers from all over the world and across industries on current cybersecurity issues and themes. 96% of them have experienced one breach or incident in the past few years, a breach related to operational disruption was experienced by 33% of them. The results also show that 99% of the surveyed people are interested in adopting a Zero Trust framework to minimise cybercrime. In the following years, the worldwide safety of the mobile devices industry is expected to expand. In 2019, the market was valued at 7.77 billion USD. It is predicted to rise dramatically by 2030, reaching roughly 20.46 billion USD (Statista, 2023).

Before delving into various dangers that might result in data leaking, it's crucial to comprehend what security for mobile apps is and why leaking information can be harmful. So, the study is important to conduct. The study proposal concentrates on the mobile security data leak problem and associated defence measures. This study proposal aims to investigate the mobile security data leak problem and the approaches utilised to avoid such breaches. The study project would first look at the many sorts of data breaches that might happen on mobile devices. This will entail investigating the many sorts of harmful software and other hostile actors capable of stealing sensitive data. The study will also look at the many types of vulnerabilities in mobile operating systems and apps, as well as the ways for exploiting these vulnerabilities. The study proposal will then examine the defensive strategies utilised to reduce the danger of data breaches. This will entail investigating the different security methods available for mobile devices, such as encryption, authentication, and authorisation procedures. Other methods, such as customer education and regulations, will be investigated as part of the research to make sure consumers are aware of the hazards and know how to safeguard themselves.

Problem statementIn this part, the study discusses the topic of data leakage while downloading new programmes on mobile devices, where consumers provide access to contacts, images, videos, cameras, and furthermore. It poses data security vulnerabilities as personal data provided by users may be readily exploited.

Research questionsHow data leak occurs in smartphones, exposing users' private data?

How enabling camera, photographs, videos, and contacts permissions when downloading new programmes increases the risk of data theft for Android users.

What are the solutions for reducing such risks of exposing users' personal information and ensuring smartphone users' data security?

Research ObjectivesTo investigate how data leaks occur in smartphones, exposing users' private data.

To assess how enabling camera, photographs, videos, and contacts permissions when downloading new applications increases the risk of data theft for Android users.

To determine the solutions for reducing such risks of exposing users' personal information and ensuring smartphone users' data security.

ScopeThe goal of this study proposal is to examine information leak problems in mobile security and find defensive techniques for mitigating these risks. The study will concentrate on the many sorts of data breaches that can happen on mobile devices, as well as the probable origins of these leaks and the safety precautions that can be implemented to secure user data. In addition, the study will take into account how enabling camera, photographs, videos, and contacts permissions when downloading new programmes increases the risk of data theft for Android users. The study will also assess the efficiency of current security measures and how well they protect consumers from data leaks. This will help the consumers, the app owners, and the legislators to modify the laws and regulations. Lastly, the study will look at the possibilities for future safety precautions to further secure user data and the costs and benefits associated with implementing such measures.

Ethical IssuesEthical considerations are the set of principles that ensures the practices and design of the research. This makes sure the moral conflicts are addressed in the research. In terms of ethical issues in this research work, the originality of the research proposal is a concern. In this term, this is to confirm that the academic proposal is the result of the researcher's separate and unique effort. It has properly credited all of the materials from which these concepts and excerpts are derived. The citations are correct and used in relevant concepts. The work being done is not subject to plagiarism and has not been presented for publication anywhere. In doing this research proposal, a few tools will be used from open sources. In the end, the researcher followed the University guidelines to conduct the research proposal.

ConclusionThe chapter on the research has presented an overview of the research topic which is the data leak problem of mobile security and defensive methods. This has also discussed the problem statement, research questions and research objectives to reach the aim of the study. Along with it, the score of the study has given importance to conducting the research and the benefit of other researchers. Lastly, the ethical issues of the research make it full proof to conduct without any moral conflicts.

Chapter 2 Literature Review

Investigation on how data leaks occur in smartphones, exposing users' private data.Data leaks are a serious issue for mobile security since they expose people's personal information. It happens when unauthorised access is provided to confidential information and data has been exchanged with someone who is not intended to have it (Cilliers, 2020). Data leaking may occur in a variety of ways, and understanding how data leakage might occur is critical to secure users' data. Data from the business, application, web page, and other sources may be duplicated or moved to make them public or abuse them. Security over the data may be compromised as a result of unauthorised or unjustified data transmission to another party (NIST, 2023). When a smartphone's security features or apps are misconfigured, mobile data breaches may take place. Poor security of information and sanitization, obsolete technology, or an absence of personnel training are frequently to blame. Theft of identities, breaches of data, and ransomware installation might all result from data releases (NIST, 2023).

Figure SEQ Figure * ARABIC 3: Number of Malware attacks on smartphones between 2012-2023(Source: AVTest)

Malicious software can cause data leaking. Malware softwares may be installed on smartphones and used to capture personal information. These malicious programmes can track user data such as device location, browser history, and contact details. Malicious programmes can also steal data such as bank account details, passwords, and numbers from credit cards (The Economic Times, 2023). Although hacking assaults are the most typical source of data loss, it is usually weak or forgotten passwords that are used by the fortunate hackers. Permits for access that are overly complicated are a hacker's dream. Companies that do not maintain a close eye on those with permission to see what is inside their company are likely to have either provided the incorrect rights to the incorrect individuals or left out-of-date rights for an attacker to misuse.

Unsecured Wi-Fi networks can potentially cause data spillage. As per Lotfy, Zaki, Abd-El-Hafeez and Mahmoud, (2021), the use of public Wi-Fi can cause privacy issues. Unsecured Wi-Fi networks may be exploited to get access to sensitive data such as emails, banking data, and accounts on social media. 'Man-in-the-middle' attacks are a sort of data leaking. This sort of assault enables a hacker to get hold of data between the two gadgets and observe the data as it is provided. Lotfy, Zaki, Abd-El-Hafeez and Mahmoud, (2021), also added that people may now access data via the Internet more easily because of the greater use of hotspots and the proliferation of wireless electronic gadgets such as tablets and smartphones. While handy, these networks pose privacy and security problems. Nevertheless, many consumers are unaware of the risks associated with privacy since no means allow them to determine to which level their privacy is compromised. The study also shows that users are unaware of the fact of data leakage. They obtained actual information for 7295 customers from 3 public Wi-Fi hotspots spread over the Minia University campus, which spans a huge area. After the machine learning model, they discovered that 85% of internet users make use of unauthorised links, which could allow or their device's details and confidentiality to be revealed. 90% of consumers use the Social Network group, and 60% of consumers employ a search engine.

Unencrypted data communications can potentially cause data leaking. Whenever unencrypted portable media storage devices, notebooks, and other handheld gadgets containing private information go missing, the data may be released beyond the user's awareness (Salem, Taheri and Yuan, 2018). Data sent over a network that is accessible to everyone can be captured and viewed by third parties. Furthermore, unencrypted data transmissions might be subject to 'man-in-the-middle' assaults, allowing attackers to steal sensitive data. As per The Economic Times, (2023), data breaches have an impact on the economy of a nation. It has a short-term and spontaneous impact on the market and its partners and clients depending upon the business. The consequences lead to a halt in innovation, and productivity. The long-term impact of data leakage is more vulnerable when this information is used to reduce productivity while raising the cost of production. The cyber risk at the end of any related factor decreases the demand posing a negative impact on revenue and sales.

Assessment of how enabling camera, photographs, videos, and contacts permissions when downloading new applications increases the risk of data theft for Android users.As per Pistol et al. (2022), When installing new programmes, enabling camera, pictures, videos, and contacts permissions raises the danger of data theft for Android users. When downloading new software on an Android device, users are frequently prompted to provide access to particular phone functionalities. Users that accept this authorization allow the app to access their device's camera, images, videos, and contacts. Because these capabilities may be used to gather and distribute private information, users may be subject to data theft.

When harmful programmes are put on a device, data theft might occur. These malicious programmes can gather and exchange data with malicious individuals by gaining accessibility to the device's camera, pictures, videos, and contacts.

Furthermore, these malicious programmes might use the recording device without the consumer's awareness to shoot images or movies (Yadav et al. 2022). Private information, such as usernames, credit card numbers, and other protected data, can be stolen via this kind of data theft. In addition, theft of information may take place when an Android smartphone accesses a rogue website. Malicious websites can acquire and distribute personal data by using the device's camera, pictures, videos, and contact permissions. Furthermore, rogue websites might use the camera beyond the user's awareness to shoot images or videos.

According to The Economic Times (2023), to avoid identity theft, consumers should only provide authorization to access their cameras, images, videos, and contacts when essential. Furthermore, users should check that their device contains the most recent security updates and that antivirus and anti-malware software is running. Finally, consumers ought to become aware of the dangers of utilising free wireless networks and ought to prevent accessing important information through them.

The solutions for reducing such risks of exposing user's personal information and ensuring smartphone users' data securitySeveral measures may be used to decrease the dangers of revealing users' personal information. To strengthen data security, users should verify that their gadgets contain the most recent security patches and that antivirus and anti-malware software are installed. According to The Economic Times (2023), keeping the application current and up to date is one of the most critical things that can be done to increase the safety of the devices one uses. This covers the operating system as well as any applications or programmes one has downloaded (Raskar et al. 2020). Frequently upgrading the software assists eliminate any vulnerabilities that criminals may exploit.

Users should also use strong passwords and two-factor authentication to safeguard their accounts. When updating a new password, the users need to be sure that they are mixing the letters with the symbols and numbers in their various accounts (The Economic Times, 2023). Also, users should be aware of the hazards associated with utilising public Wi-Fi networks and should refrain from downloading sensitive information through these networks. Consider employing multiple layers of authentication wherever feasible. Multi-factor authorization is an authentication method that ensures only the appropriate individual has possession of the information (Manurung, 2020). Before access is authorised, at least two distinct forms of identity must be shown. For instance, one may utilise a password plus a unique code that is received by a text message.

According to Kaissis et al. (2020), Consumers of smartphones should verify that their mobile devices have the most recent security upgrades and that anti-malware and antivirus software have been downloaded to prevent data breaches. Customers should also be aware of the privileges they are granting while downloading new software on their device. Customers should avoid granting access to their cameras, photos, videos, and contacts unless it is absolutely necessary to do so because doing so could leave them vulnerable to data theft. Furthermore, according to Zou et al. (2019), in the case of enterprises, both employers and employees need to be able to spot dubious communications. They must look out for warning signs including foul language, time constraints, and money demands. As a result of new technologies, email attacks are becoming more complicated. A scam email may look to be from an established source. If they are unsure, contact the person who sent the message. There is another way to protect personal data. More enterprises rely on cloud services through utilising cloud-based services and apps. Security experts have the responsibility for protecting their businesses against advanced threats such as ransomware while maintaining the Internet of Things device-centric settings. Because individuals are still the primary source of potential risk for cloud-based enterprises, this might occur as a result of access to data modifications or unintentional platform modifications (Islam and Reza, 2019).

As per The Economic Times (2023), Despite the increase in data leakage, machine learning (ML) is fast expanding and giving new ways to combat these threats. ML technology, with its ability to collect and analyse enormous quantities of data, could assess past assaults, forecast the types of threats that might happen in the years to come, and construct countermeasures against them. As a result, via pattern recognition, real-time modelling of online crime, and thorough penetration tests, ML may reduce cyber risks and improve the structure of security.

Implementing mobile device management (MDM) technologies can help increase data security (Sisala and Othman, 2020). MDM systems allow businesses to manage their mobile devices, including data security policies and device management. Businesses should use secure cloud services to manage and protect their data since they may provide an additional layer of security. By utilising these solutions, consumers can reduce the risks associated with disclosing their personal information and ensure data protection. To preserve the security of their data, users must be vigilant and keep in mind that data security is a constant process.

In the end, this can be said that the users ought to additionally employ passwords that are secure and two-step verification to safeguard their accounts. In addition, users should be informed of the hazards associated with utilising public Wi-Fi networks and should refrain from accessing confidential data through these networks. Lastly, to guard against man-in-the-middle attacks, users ought to make sure that data communications are encrypted. At last, to guard against man-in-the-middle attacks, users ought to guarantee that all data transmissions are encrypted.

Chapter 3 Research Methodology

Research ApproachA research strategy is the method the researcher employs to collect, examine, and evaluate data. There are three types of research methodologies: mixed, qualitative, and quantitative. The qualitative research approach will be used in this study. Qualitative research is the best method for this study because it offers a thorough analysis of the information leakage problem related to mobile privacy and protective measures (Collins and Stockton, 2018). Qualitative investigation is an interpretative technique that concentrates on comprehending the study participants' significance, attitudes, and behaviours, or this will understand the trends and patterns related to the research questions, and objectives. Data can be obtained through focus groups, interviews, content analysis (secondary data) and observations. On the other hand, the quantitative data presents the relation among the research variables, attitudes, opinions and behaviours to accept or reject the premises of the research topic. In this case, such validation is not needed but to understand the view of users, hackers and lawmakers to help the society, consumers etc.

Subjective research is an excellent strategy to obtain insight into mobile security data leak issues and defensive solutions (Basias and Pollalis, 2018). It enables researchers to better study how users view and react to data leaks, as well as the steps they take to safeguard their confidential data.

Furthermore, qualitative research enables researchers to investigate the motives that lead users' decisions to provide specific rights while installing new programmes, in addition to the techniques people employ to secure their data against data theft.

Data collection methodTo safeguard confidential data and user storage on smartphones as well as during multi-way interactions, many organisations at various levels must implement mobile safety precautions. In this instance, this study will look at Android smartphones, but the same concept can be applied to iOS gadgets as well. This depicts how the Android application.apk file reaches the end user. Anybody may compile mobile app.apk packages to acquire the source code, which allows mobile app hosting providers or users to view or edit. To defend handheld devices from security assaults, producers, mobile application hosting companies including the Google Play Store, mobile phone operating system makers, and customer cell phones should work together. The researcher will concentrate on acquiring secondary data from papers and websites about such topics. As per Mohajan, (2018), the secondary data collection method is a way to collect information from the existing research which makes it easier than the primary data collection method. By doing this, primary data collection techniques like surveys, focus groups, interviews, polls, etc. may be conducted more quickly and inexpensively. It allows the researcher time for analysis. The information will be gathered from trustworthy sources including Google Scholar, university reports, company reports about their defence systems, newspapers, periodicals, and government reports and articles.

The CyBoK mapping is as follows:

2.6.3 Risk Evaluation and Management

5.1 Confidentiality and privacy

9.2.2. Data collection

6 Mobile and Web Security

The idea for this mapping is as follows:

Aside from data security, the mapping process aids in risk management. Furthermore, it aids in the selection and management of sources in order to conduct research in the proper direction.

Sample sizeThe sample size is the set of sources that presents data about the research topic and which helps to minimise data collection process from a large amount of data but possess the same information. In this research, the sample size of the secondary sources will be 20 among which 7-8 research papers, articles and company reports will be selected. A purposive sampling method will be used with some inclusion criterias (Andrade, 2021). To make sure the data is up to date, those research journals and sources will be selected that are published after 2018. The sources will be written in the English language.

Data AnalysisData analysis is the way to extract meaningful information from a range of raw data in this study, qualitative data will be collected, so the thematic data analysis method will be used to analyse the data. As a result, various types of information will be examined and contrasted, allowing for a qualitative study of the obtained data. Qualitative data analysis will help to understand the topic from a different perspective (Mohajan, 2018). The recent trends related to data leakage and the employer's perspective towards it can be assessed. It also enables researchers to comprehend the context of data leaking. This will also analyse the awareness among the consumers and various types of data leakage that can happen before the user comprehends. This is critical for comprehending the dangers and consequences of data leaking, as well as establishing effective defensive solutions. Qualitative research may also shed light on the efficacy of current data security procedures and tactics, as well as areas for development. Statistical data analysis is not appropriate in this case, as these possess the use of numerical to understand the intensity of the research variables but do not help the researcher to have in-depth research on the given topic.

Ethical considerationEthical consideration is a way to mitigate moral conflicts related to research. It makes research more reliable to be accepted by universities and researchers. It is vital to double-check information to ensure that it remains accurate and appropriate. This can be done by comparing the information to other resources or by running an error verification. Especially when dealing with quantitative data during the analysis stage. Using a range of data sources can help to reduce the risk of prejudice and boost the validity of the review. It may be helpful, for example, to collect qualitative information. Along with it, the data will be cited properly in the relevant context of the study. Through this research, no community will be harmed. To keep and preserve the research information, the researcher will utilise personal Google Drive in order to safeguard them only. Along with it, when the data has been used in a suitable context, it will be appropriately deleted.

ReferencesStatistics of attacks with malware applications on mobile phones with Android operating system between 2012 and 2023, in AVTest, The Independent IT-Security Institute. Available at: https://www.av-test.org/en/statistics/malware [Accessed on: 29th May 2023]

Andrade, C. (2021). The inconvenient truth about convenience and purposive samples. Indian Journal of Psychological Medicine, 43(1), 86-88. Available at: https://journals.sagepub.com/doi/pdf/10.1177/0253717620977000 [Accessed on: 29th May 2023]

Basias, N., and Pollalis, Y. (2018). Quantitative and qualitative research in business and technology: Justifying a suitable research methodology. Review of Integrative Business and Economics Research, 7, 91-105. Available at: https://sibresearch.org/uploads/3/4/0/9/34097180/riber_7-s1_sp_h17-083_91-105.pdf [Accessed on: 29th May 2023]

Cilliers, L. (2020). Wearable devices in healthcare: Privacy and information security issues. Health information management journal, 49(2-3), 150-156. Available at: https://www.researchgate.net/profile/Liezel-Cilliers/publication/333511479_Wearable_devices_in_healthcare_Privacy_and_information_security_issues/links/5cfa269f4585157d159912ff/Wearable-devices-in-healthcare-Privacy-and-information-security-issues.pdf [Accessed on: 29th May 2023]

Collins, C. S., and Stockton, C. M. (2018). The central role of theory in qualitative research. International journal of qualitative methods, 17(1), 1609406918797475. Available at: https://journals.sagepub.com/doi/pdf/10.1177/1609406918797475 [Accessed on: 29th May 2023]

Degenhard, J. (2023) Global: Number of smartphone users 2013-2028, Statista. Available at: https://www.statista.com/forecasts/1143723/smartphone-users-in-the-world [Accessed on: 29th May 2023]

Islam, M., and Reza, S. (2019). The rise of big data and cloud computing. Internet Things Cloud Comput, 7(2), 45. Available at: http://article.iotccjournal.org/pdf/10.11648.j.iotcc.20190702.12.pdf [Accessed on: 29th May 2023]

Kaissis, G. A., Makowski, M. R., Rckert, D., and Braren, R. F. (2020). Secure, privacy-preserving and federated machine learning in medical imaging. Nature Machine Intelligence, 2(6), 305-311. Available at: https://www.nature.com/articles/s42256-020-0186-1 [Accessed on: 29th May 2023]

Kul, G., Upadhyaya, S. and Chandola, V., 2018, August. Detecting data leakage from databases on android apps with concept drift. In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) (pp. 905-913). IEEE. Available at: https://arxiv.org/pdf/1805.11780 [Accessed on: 29th May 2023]

Lotfy, A. Y., Zaki, A. M., Abd-El-Hafeez, T., and Mahmoud, T. M. (2021, May). Privacy Issues of Public Wi-Fi Networks. In Proceedings of the International Conference on Artificial Intelligence and Computer Vision (AICV2021) (pp. 656-665). Cham: Springer International Publishing. Available at: https://www.academia.edu/download/67455496/Privacy_Issues_of_Public_Wi_Fi_Networks.pdf [Accessed on: 29th May 2023]

Manurung, D. T. (2020). Designing of user authentication based on multi-factor authentication on wireless networks. Jour of Adv Research in Dynamical & Control Systems, 12(1). Available at: https://www.researchgate.net/profile/Muchamad-Rusdan/publication/339209667_Designing_of_User_Authentication_Based_on_Multi-factor_Authentication_on_Wireless_Networks/links/5e440f09a6fdccd9659f8239/Designing-of-User-Authentication-Based-on-Multi-factor-Authentication-on-Wireless-Networks.pdf [Accessed on: 29th May 2023]

Michali (2021) Mobile security trends in 2022, Check Point Software. Available at: https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-mobile-security/mobile-security-trends-in-2022/ [Accessed on: 29th May 2023]

Mohajan, H. K. (2018). Qualitative research methodology in social sciences and related subjects. Journal of economic development, environment and people, 7(1), 23-48. Available at: https://mpra.ub.uni-muenchen.de/85654/1/mpra_paper_85654.pdf

NIST (2023) The nccoe buzz: Is your phone leaking data?, NCCoE. Available at: https://www.nccoe.nist.gov/news-insights/nccoe-buzz-your-phone-leaking-data#:~:text=Data%20leaks%20happen%20when%20an,settings%20or%20applications%20are%20misconfigured. [Accessed on: 29th May 2023]

Paloalto (2023) Whats next in Cyber 2022 Global Survey, Whats Next in Cyber 2022 Global Survey. Available at: https://start.paloaltonetworks.com/whats-next-in-cyber-report?utm_source=google-jg-japac-portfolio&utm_medium=paid_search&utm_term=trends+in+cybersecurity&utm_campaign=google-portfolio-portfolio-japac-in-lead_gen-en&utm_content=gs-16988736225-146050049455-646913734522&sfdcid=7014u000001VQAEAA4&gclid=Cj0KCQjwmtGjBhDhARIsAEqfDEfmyujAZ9MzMf2M6ueynEDyxyo2W4RtscEL6r_fi4zgRc1k1sSQ_SIaAhkcEALw_wcB#Register [Accessed on: 29th May 2023]

Pistol, M. S., Popescu, F., Paun, M. A., and Paun, V. P. (2022). Simulation Of New Methods Using Applications Which Exflitrate Data From Android Phones. University Politehnica Of Bucharest Scientific Bulletin Series C-Electrical Engineering And Computer Science, 84(ARTICLE), 153-172. Available at: https://www.researchgate.net/profile/Florin-Popescu-5/publication/360938051_SIMULATION_OF_NEW_METHODS_USING_APPLICATIONS_WHICH_EXFLITRATE_DATA_FROM_ANDROID_PHONES/links/629468d888c32b037b5cfacd/SIMULATION-OF-NEW-METHODS-USING-APPLICATIONS-WHICH-EXFLITRATE-DATA-FROM-ANDROID-PHONES.pdf [Accessed on: 29th May 2023]

Raskar, R., Schunemann, I., Barbar, R., Vilcans, K., Gray, J., Vepakomma, P., ... and Werner, J. (2020). Apps gone rogue: Maintaining personal privacy in an epidemic. arXiv preprint arXiv:2003.08567. Available at: https://arxiv.org/pdf/2003.08567.pdf?fbclid=IwAR1k6b0UVyU0kK9-302c9fS7Hr_rZazDFGiL_ceB6UIMEacFsbYzVoHnFBc [Accessed on: 29th May 2023]

Salem, M., Taheri, S., and Yuan, J. S. (2018). Utilizing transfer learning and homomorphic encryption in a privacy preserving and secure biometric recognition system. Computers, 8(1), 3. Available at: https://www.mdpi.com/2073-431X/8/1/3/pdf [Accessed on: 29th May 2023]

Sisala, S., and Othman, S. H. (2020). Developing a Mobile device management (MDM) security metamodel for bring your own devices (BYOD) in hospitals. International Journal of Innovative Computing, 10(2). Available at: https://ijic.utm.my/index.php/ijic/article/download/273/186 [Accessed on: 29th May 2023]

Statista (2023) Mobile device security market worldwide 2030, Statista. Available at: https://www.statista.com/statistics/1300998/mobile-device-security-market-worldwide/ [Accessed on: 29th May 2023]

The Economic Times (2023) How to protect your personal and professional devices from cyber-attacks, The Economic Times. Available at: https://economictimes.indiatimes.com/news/how-to/how-to-protect-your-personal-and-professional-devices-from-cyber-attacks/articleshow/97373350.cms?from=mdr [Accessed on: 29th May 2023]

Yadav, C. S., Singh, J., Yadav, A., Pattanayak, H. S., Kumar, R., Khan, A. A., ... and Alharby, S. (2022). Malware Analysis in IoT & Android Systems with Defensive Mechanism. Electronics, 11(15), 2354. Available at: https://www.mdpi.com/2079-9292/11/15/2354/pdf [Accessed on: 29th May 2023]

Zou, Y., Danino, S., Sun, K., and Schaub, F. (2019, May). YouMight'Be Affected: An Empirical Analysis of Readability and Usability Issues in Data Breach Notifications. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems (pp. 1-14). Available at: https://www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_yixin_zou.pdf [Accessed on: 29th May 2023]

Appendix A Gantt Chart and Timetable of Dissertation

University of Gloucestershire School of Computing and Engineering

MSc in Cyber Security

DATA LEAK PROBLEM OF MOBILE SECURITY AND DEFENSIVE METHODSStudent name: Dhara Desai

Student number:4218788

Supervisor: Jordan Allison

Date:10.07.2023

Abstract

The future of technology will be comprised of the mobile, and so it becomes a mandate to remove data leakage issues. In the present era, people are more habituated to conducting the majority of operations via mobile marketing, such as economic transactions, email marketing, and the transaction of confidential documents. The scope of this research is that it has not compared the data leakage with other countries. Technology Acceptance Model and Open Innovation Theory have been selected here to provide clear and concise understandings regarding the research topic. The future of mobile security is the key literature gap of this research. This research intends to provide fruitful solutions for removing data leakage threats regarding mobile security.

Table of Contents

TOC o "1-3" h z u Chapter 1: Introduction PAGEREF _Toc139725917 h 51.1 Research Background PAGEREF _Toc139725918 h 51.2 Research Rationale and Problem PAGEREF _Toc139725919 h 51.3 Research Aim and Objectives PAGEREF _Toc139725920 h 71.4 Research Questions PAGEREF _Toc139725923 h 71.5 Significance of the Research PAGEREF _Toc139725924 h 71.6 Scope of the research PAGEREF _Toc139725925 h 81.7 Chapter Summary PAGEREF _Toc139725926 h 8Chapter 2: Literature Review PAGEREF _Toc139725927 h 92.1 Introduction PAGEREF _Toc139725928 h 92.2 Safety Cases and the Elaboration of safety architecture in the Legacy of mobile webs PAGEREF _Toc139725929 h 92.3Network deployment processes and the Influence on safety architecture and protection evolution PAGEREF _Toc139725930 h 102.4 Studies comprehended from the protective caseswith the enhancement of 1G and 5G for 6G safety PAGEREF _Toc139725931 h 122.5 Theoretical paradigm PAGEREF _Toc139725932 h 122.6 Conceptual Framework PAGEREF _Toc139725933 h 152.7 Literature Gap PAGEREF _Toc139725934 h 152.8 Chapter Summary PAGEREF _Toc139725935 h 16References PAGEREF _Toc139725936 h 17Chapter 1 PAGEREF _Toc139725937 h 17Chapter 2 PAGEREF _Toc139725938 h 17Appendices PAGEREF _Toc139725939 h 19Appendix 1: Literature Matrix PAGEREF _Toc139725940 h 19

List of Figures

TOC h z t "Heading 5" c Figure 1.2.1: IoT connection to the Smartphone PAGEREF _Toc139725941 h 6Figure 2.5.1: Benefit of Technology Acceptance Model PAGEREF _Toc139725942 h 13Figure 2.5.2: Benefit of Open Innovation Theory PAGEREF _Toc139725943 h 14Figure 2.6.1: Conceptual framework PAGEREF _Toc139725944 h 15

Chapter 1: Introduction1.1 Research BackgroundThis research has focused on collecting information regarding the importance of mobile security and the process of minimizing data leak problems. According to the information of Ameen et al. (2020), including multi-devices in mobile gadgets enhanced the cyber security risks. Hence, mobile security means adopting the procedure to protect the sensitive and confidential information of the user. Nowadays, the majority of people are operating their entire technological operations by using Smartphones only. Using excessive mobile apps can be one of the major reasons behind data leakage from mobile or smart devices. The lack of proper knowledge regarding the usage of mobile applications is one of the major reasons behind data leakage. Poor encryption also increases the threat of data leakage of smart devices. The procedure of gaining root access to the operation of the mobile app also causes data leakage. Insecure network connectivity also enhances the risk of data leakage. In this situation, if cybercriminals are able to hack the mobile device, then it becomes easy for hackers to get entire information easily. Based on the opinion of Johns (2020), almost 32% of UK businesspersons are suffering from data leakage. In this regard, this research intends to highlight the area of smart devices from where cyber criminals can leak data. This research also unfolds the reason behind data leakage, such as providing cameras, videos, and contact permission while downloading any application. In this situation, the mobile company needs to provide security support for at least five years to minimize the threat of data leakage.

1.2 Research Rationale and ProblemData leakage issues have become one of the more concerning areas for businesspersons and even for laymen. Based on the opinion of Mosteiro-Sanchez et al. (2020), encrypting data can be one of the defensive methods for people to save data from breaches. Data encryption is divided into two main categories such as symmetric-key encryption and public-key encryption. However, data encryption cannot be the sole solution for people to prevent data leakage while using smart devices. Hacking and malware are the most common reason in the UK behind data breaches. Data breaches can be one of the most concerning problems for organizations and people about data leak. Hence, a lack of mobile security can be the cause of the loss of confidential and private information. The installation of excessive apps often enhances the chance of data leakage.It can be predicted that within 2025 more than 75 billion things will be installed in the Smartphone so that people can operate their daily life activities with the Smartphone (IBM, 2023). Outdating the operating system is one of the key reasons behind the data leakage. Moreover, the user needs to focus on managing the security of Wi-Fi to minimize the chance of data security. It has been observed that British Airways, Boots and Aer Lingus, and BBC have faced massive data breaches. Hence, the UK government, along with the UK people, needs to be concerned about removing this issue. As per the opinion of Alazab et al. (2020), phishing, crypto-jacking, and excessive application permission can enhance the chance of data leakage in smart devices. The future of technology can be operated by smart devices such as laptops, smartphones, and tab with the help of the Internet of Things. It is worth mentioning that an increase in mobile applications equally increases the chance of data leakage.

Figure 1.2.1: IoT connection to the Smartphone(Source: Statista, 2023)

Figure 1.2.1 shows the number of things has been connected to smartphones in daily life. The IoT's impact on daily life and the IoT has increased noticeably. The figure indicates that the IoT has increased by almost 2.7 billion in 2020 (Statista, 2023).

1.3 Research Aim and ObjectivesAimThis research aims to investigate the data leakage problem of mobile security and effective solution based on defensive methods.

ObjectivesTo investigate the factors that cause data leaks in Smartphones, exposing users' private data

To examine the safety measures for minimizing data leakage while enabling camera, photographs, videos, and contacts permissions to download new applications increases the risk of data theft for Android users

To determine the solutions for reducing such risks of exposing users' personal information and ensuring Smartphone users' data security

1.4 Research QuestionsRQ1: What are the factors that cause data leaks in Smartphones, exposing users' private data?

RQ2: What are the safety measures for minimizing data leakage while enabling camera, photographs, video, and contacts permissions to download new programmes to increase the risk of data theft for Android users?

RQ3: What are the solutions for reducing such risks of exposing users' personal information and ensuring Smartphone users' data security?

1.5 Significance of the ResearchThis research has highlighted the reason behind data leakage while using smart devices such as mobile phones, laptops, and tabs. Moreover, this research also has provided information regarding the solution to this concerning issue. It has been observed that the lack of knowledge regarding the usage of smart devices is a significant reason behind data leakage. Thus, the significance of this research is that it helps the reader or Smartphone user to understand how cyber criminals leak confidential information. This research has discovered the future of mobile security and the responsibilities of companies to remove the chance of data leakage. Thus, mobile companies can get fruitful and effective ideas to enhance the support system in the devices. Executives of the entire world, along with the UK, are facing more issues related to this data leakage. This research consists of defensive methods that can help those businesspersons to avoid such issues and to protect confidential information.

1.6 Scope of the researchThis research has focused on collecting key information regarding data leak problems by mobile security and providing defensive methods to remove this threat. This research has the scope to investigate the reason behind the enhancement of data leakage of mobile security. This research has investigated the increase of data leakage in the UK, and the defensive method that can help this country to m manage this threat. The scope of this research is to find out solutions to minimize the risks behind the leak of personal information along with businesspersons. However, the research has not investigated the information of other counties regarding the same factor. The research has not compared the current situation of the UK regarding the same factors as other countries' situations.

1.7 Chapter SummaryThis section of the research has provided thorough information regarding the areas which have been covered in this research. The significant problem regarding data leakage by using a Smartphone has been investigated in this section. This research also has unfolded challenges faced by people in protecting information while operating information. Moreover, this research has revealed the significance and scope of the research. The excessive use of applications can be the reason behind the loss of confidential information from smart devices.

Chapter 2: Literature Review2.1 IntroductionThis section of the report has critically discussed the literature regarding the research topic. This section has focused on providing information regarding security issues and the evolution of security structure. This section also reveals the necessity of managing mobile security architecture to remove the threat of data leaks. This section has highlighted the challenges faced by users to protect confidential information while operating Smartphones by critically evaluating the existing literature. Moreover, in this section, to provide a clear idea regarding the research subject, some relevant theories have been developed and discussed. This section also consists of some lessons learned by people regarding data leakage, which can help them to operate smart devices safely. This section also has highlighted the literature gap, which have been identified while conducting this research.

2.2 Safety Cases and the Elaboration of safety architecture in the Legacy of mobile websThe architectures of safety for earlier network epochs consisting of 3G and 4G networks fall transient for 5G networks. In certain, it does not apprehend diverse safety points that initiate from any of the technologies employed in 5G as well as the further service issues arising from the latest industry circumstances proposed by 5G. For instance, the existing matter of safety architectures does not stand to develop for a multi-occupancy procedure such as transmitted material infrastructure employed by various providers, even if it cannot discriminate conviction links between the various inhabitants. Zhao et al. (2019) said likewise mounting for networks with virtualization and network slicing, like committing analytical networks for remote applications and others, is considered as something that may not be the portion of their essentials. Thus, considering these extant matters of safety, architectures require to be corrected as well as developed to possess assets for such operation with a proper set of technologies in this new age of 5G networks. Chochliouros et al. (2021) state that a better way to comprehend better about network-related security and safety issues is to check for early years and gather knowledge from experiences. This is the preferable way to comprehend the 6G network and data security with privacy policy is to peek at the matters that helped to comprehend from would be utilized for the current safety architectures along with a legacy of technologies if used to help 6G necessities (Abdel Hakeem et al. 2022).

The safety of diverse mobile data and networks with their transmission assistance poses a vital importance in the field of network and communication. Mobile security apps depict the process of protecting smart devices from external threats or hackers. In the present era, people are more dependable in storing confidential information on smart devices. As per the observation of Ali et al. (2021), this practice increases the threat of data breaches, and the adoption of mobile security apps is essential. Some software can help the user to save confidential and private information while storing them in smart devices. Some mobile security apps are Avast Mobile Security, Applock, and Sophos Antivirus and Security.However, there exist several phases that can be preached, which are primarily because of the networks' vibrant circumstances as well as the attribute that the safety conditions stand as considerably additional rigorous than in earlier network generations since it started to serve the multifarious network assistance from different verticals this existed as the mission of critical aspects. Chochliouros et al. (2021) also point out that 5G will permit the installation of new interaction prototypes with unique activators and elements in the mobile demand. This will provide an upgrade to a requirement to bring unique varieties of syndicate associations between partaking elements into interpretation in the safety configuration.

This will further proceed with a clear view of who can be depended on, in which concern, as well as to what breadth. Additionally, as per the views of Al Hayajneh et al. (2020), the service of the latest technologies like web and network virtualization, which is decoupling analytic networks along with networking hardware and "Software Defined Networking" (SDN), may carry revived trust points. In this circumstance, faith between application proprietors with calculates or compute and storage process includes resource providers. In the trust, concerns will exemplify themselves in demanding safety essentials to implement necessary assistance status arrangements and to safeguard information transmission between different activators.

2.3Network deployment processes and the Influence on safety architecture and protection evolutionCommunication is an important element of society, and in today's life, most of the communication process is done digitally, which includes man to apparatus and "machine-to-machine" transmission. Over the past few decades, it has also encountered a deploying impact on security management. Sardiet al. (2020) said the development of mobile webs and networks is proposed to fulfil the latest markets for improved implementation, elasticity, portability, and power efficiency of untried network assistance. "5G mobile networks" and other networks of the digital industry embrace pristine networking ideas to proceed with the additional enhancement of these components. The standardization of telecommunication elements is operating on combining unexplored networking visions such as creating "Software Defined Networking", "Network Function Virtualization", "Multi-access Edge Computing", cloud computing, and "Network Slicing" ideas to telecommunication service of networks. The mark of such endeavours is to develop a fresh software transportable network that helps in innovating and designing unique network assistance to meet the need for developing the forthcoming mobile networks.

The concept of "Software Defined Networking" offers to differentiate the management along with the data structure of networking elements and gadgets. The network control and measures the intelligence of an SDN-established network that is set in the process of a logically centralized regulator (Al Hayajneh et al. 2020). Moreover, this process enables the proposal of an abstract format for the infrastructure of the underlying network to control operations and industry application coating.

"Network Function Virtualization" offers a new strategy to make, deploy and control networking assistance. This vision seeks to differentiate the network operations from the prospect of proprietary hardware to drive them as a software representative. Ali et al. (2021) claim that cloud computing and "Multi-access Edge Computing" desire to deliver on need scalability for the web. Network slicing enhances the asset for additional gridlock categories in the 5G Network. Safeguarding protection and privacy control evolve the immediate situations in this contemporary telecommunication grid as threats can include strong influences.

Due to high effective costs, the operators seem to choose these two deployment methods: "Standalone (SA) vs. Non-Standalone (NSA)". As this NSA furnishes managing signalling of an unknown measure to the ground groups of ancient norms, in SA, the ground groups of an untried measure are straight associated with the root network without any medium to bear the ancient infrastructure (Nguyen et al. 2021). This deployment is a strategy that falls in an NSA method, which has two benefits such as considerably more inferior expense than SA and re-utilizing current aptitudes. By distinction, "deployment in the SA design" demands increased CAPEX while this can deliver assistance with a full capability of pristine usefulness.

2.4 Studies comprehended from the protective caseswith the enhancement of 1G and 5G for 6G safetyWireless mobile networks or portable transmission networks execute the communication of transmission via many different web facilities like radio waves, and with the accumulation of wireless web connectivity, it can be observed that massive advancements in the methods emanate a seamless venture of slick connectivity to day-to-day movements. Liao et al. (2020) said it could be seen that the "first generation", which was named "1G" wireless networks, has developed to the current day "4G" within a few decades. Wang et al. (2020) suggest that every generation of networks poses imperfections. Though many strategies enclose and live to design a mitigate exploitation, several susceptibilities stay because of the sophistication of substituting epicentre of the protocols.

As this networking process has gradually elevated with advancing usability along with applications, The process of the roll-out of "5G" networks worldwide in these years has already begun, ultimately evolving as a portion of daily activity. It can be seen that the duration and differences between these two generations are correspondingly declining. Therefore, it can be anticipated that the tendency will persist to B5G/6G along with producing invariant more additional swiftness spreading further opportunities to a comprehensive spectrum of associated technologies (Wang et al. 2020). The volume of B5G/6G fibs in its consequence on today's lifestyle of the masses. According to many researchers, the inhabitants and generations will be established at the mid epicentre of the "next-generation" connectivity of the internet. As with the increasing number of users and the credentials of network and technology for all elements of existence with human interchanges, it is majorly assumed that the networks of 6G will be admiringly scalable.

2.5 Theoretical paradigmThis section has highlighted the most relevant theories based on the research topic to get a clear understanding of mobile security.

Technology Acceptance ModelThis model helps the user to define whether the new technology is acceptable or useful for the users. This model also hypothesizes that the approval of technology can be predicted by the users' behavioural preferences. As per the opinion of Rafique et al. (2020), this model can help to define the behaviour and attitudes of the users. In this regard, it can be said that Smartphone companies can define strategies to remove the threat of data leakage based on the attitudes of consumers.

Figure 2.5.1: Benefit of Technology Acceptance Model(Source: Self-developed)

The benefit of using this theory to remove data leaks is that it is easy to understand and implement. Moreover, this theory can be beneficial for predicting and demonstrating the future of technology. Thus, the future of mobile security can be evaluated with the help of this theory. IT companies can adopt this theory as they have a high chance of facing data breaches.

Open Innovation TheoryThis theory defines the process of gathering external existing resources to collect information regarding the issues faced by the companies regarding the technology. This research has indicated an increase in the threat of data leakage due to the excessive use of an application via mobile.

Figure 2.5.2: Benefit of Open Innovation Theory(Source: Self-developed)

Based on the observation of Singh et al. (2021), open innovation theory can be beneficial to collect diverse knowledge to manage any issues regarding the technologies. Hence, Smartphone manufacturing companies need to evaluate existing information to point out the reason behind the data leakage. This practice can help the company to generate the idea of providing security systems for smart devices.

2.6 Conceptual FrameworkData Leak Problem Of Mobile Security And Defensive Methods

Strategies

Safety Cases

Theory

Network-related Security

Privacy Policy

Software Defined Networking

Cloud Computing

Technology Acceptance Model

Open Innovation Theory

Figure 2.6.1: Conceptual framework(Source: Self-developed)

2.7 Literature GapThis section of the research intends to provide essential information regarding data leakage and problems faced by users while operating Smartphones. This section also has focused on discussing the key solution to the issues that can be effective in minimizing the threat of data leakage. The importance of security architecture has been analysed in this research, and the evolution of the security structure has been discussed. However, this research has not provided information regarding the importance of mobile security, which can be considered one of the gaps of this research. Moreover, this research has not focused on the strategies that can be gained by the smart device companies to manage this risk. This area is one of the major concerning areas regarding mobile security. Smartphone devices can be considered the future of technology because smart devices can do the majority of operations. Thus, the future of mobile security needs to be enhanced, but this research does not focus on covering this key part. This area seems to be one of the literature gaps in this research. Therefore, further studies can focus on investigating these particular topics to get better ideas regarding the subject of the research.

2.8 Chapter SummaryThis chapter has provided information regarding the problem related to data leakage of mobile security and the defensive method to remove threats. This section has highlighted the network deployment strategies and security structure. "Software Defined Networking", "Network Function Virtualization", and "Multi-access Edge Computing" are some key areas regarding the network deployment process. The technological acceptance model and open innovation theory have been used in this section to provide a clear and concise idea regarding the research topic. This research has not covered topics such as the future of mobile security and strategies for Smartphone manufacturers to enhance security, which can be considered the literature gap.

ReferencesChapter 1Journal articles

Alazab, M., Alazab, M., Shalaginov, A., Mesleh, A. and Awajan, A., 2020. Intelligent mobile malware detection using permission requests and API calls. Future Generation Computer Systems, 107, pp.509-521.

Ameen, N., Tarhini, A., Shah, M.H., Madichie, N., Paul, J. and Choudrie, J., 2021. Keeping customers' data secure A cross-cultural study of cybersecurity compliance among the Gen-Mobile workforce. Computers in Human Behavior, 114, p.106531.

Johns, E., 2020. Cyber security breaches survey 2020. London: Department for Digital, Culture, Media & Sport.

Mosteiro-Sanchez, A., Barcelo, M., Astorga, J. and Urbieta, A., 2020. Securing IIoT using defence-in-depth: towards an end-to-end secure industry 4.0. Journal of Manufacturing Systems, 57, pp.367-378.

Websites

IBM, (2023). What is mobile security? Available at: https://www.ibm.com/topics/mobile-security [Accessed on: 30.06.2023]

Statista, (2023). Connecting IoT to the Smartphone. Available at: https://www.statista.com/chart/14115/india-connecting-iot-to-the-smartphone/ [Accessed on: 30.06.2023]

Chapter 2Journal articles

Abdel Hakeem, S.A., Hussein, H.H. and Kim, H., 2022. Security requirements and challenges of 6G technologies and applications.Sensors,22(5), p.1969.

Al Hayajneh, A., Bhuiyan, M.Z.A. and McAndrew, I., 2020. Improving Internet of Things (IoT) security with software-defined networking (SDN).Computers,9(1), p.8.

Ali, B., Gregory, M.A. and Li, S., 2021. Multi-access edge computing architecture, data security and privacy: A review.IEEE Access,9, pp.18706-18721.

Chochliouros, I.P., Spiliopoulou, A.S., Lazaridis, P.I., Zaharis, Z.D., Spada, M.R., Prez-Romero, J., Blanco, B., Khalife, H., Ebrahimi Khaleghi, E. and Kourtis, M.A., 2021. 5G for the support of public safety services.Wireless Personal Communications,120(3), pp.2321-2348.

Liao, B., Ali, Y., Nazir, S., He, L. and Khan, H.U., 2020. Security analysis of IoT devices by using mobile computing: a systematic literature review.IEEE Access,8, pp.120331-120350.

Nguyen, V.L., Lin, P.C., Cheng, B.C., Hwang, R.H. and Lin, Y.D., 2021. Security and privacy for 6G: A survey on prospective technologies and challenges.IEEE Communications Surveys & Tutorials,23(4), pp.2384-2428.

Rafique, H., Almagrabi, A.O., Shamim, A., Anwar, F. and Bashir, A.K., 2020. Investigating the acceptance of mobile library applications with an extended technology acceptance model (TAM). Computers & Education, 145, p.103732.

Sardi, A., Rizzi, A., Sorano, E. and Guerrieri, A., 2020. Cyber risk in health facilities: A systematic literature review. Sustainability, 12(17), p.7002.

Singh, S.K., Gupta, S., Busso, D. and Kamboj, S., 2021. Top management knowledge value, knowledge sharing practices, open innovation and organizational performance. Journal of Business Research, 128, pp.788-798.

Wang, M., Zhu, T., Zhang, T., Zhang, J., Yu, S. and Zhou, W., 2020. Security and privacy in 6G networks: New areas and new challenges.Digital Communications and Networks,6(3), pp.281-291.

Zhao, Q., Zuo, C., Pellegrino, G. and Zhiqiang, L., 2019. Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services. InAnnual Network and Distributed System Security Symposium, February 2019 (NDSS 2019).

AppendicesAppendix 1: Literature MatrixNo. Author and Year Main aspects discussed in the article Comments

1 Abdel Hakeem, S.A., Hussein, H.H. and Kim, H., 2022. Security requirements and challenges of 6G technologies and applications. Sensors, 22(5), p.1969. Adoption of 6G security can help the user to minimize the threat of data leakage while using smart devices. The security Evolution of Mobile Cellular Networks can minimize eavesdropping attacks, encryption issues, and physical attacks. The adoption of 6G security can help the user to install the required application in devices to protect confidential data.

2 Al Hayajneh, A., Bhuiyan, M.Z.A. and McAndrew, I., 2020. Improving Internet of Things (IoT) security with software-defined networking (SDN). Computers, 9(1), p.8. Some devices, such as wireless sensors, medical devices, and sensitive home sensors, enhance the issues of data leakage of users. The usage of many applications via smart devices is the major reason behind data security.

3 Ali, B., Gregory, M.A. and Li, S., 2021. Multi-access edge computing architecture, data security and privacy: A review. IEEE Access, 9, pp.18706-18721 Technological advancement is directly connected to the highly sophisticated threat. The adoption of Multi-Access Edge Computing can help the user to bridge between cloud computing and end-users. The usage of Multi-Access Edge Computing can help the user to encrypt the data properly to minimize the data leakage threat.

4 Chochliouros, I.P., Spiliopoulou, A.S., Lazaridis, P.I., Zaharis, Z.D., Spada, M.R., Prez-Romero, J., Blanco, B., Khalife, H., Ebrahimi Khaleghi, E. and Kourtis, M.A., 2021. 5G for the support of public safety services. Wireless Personal Communications, 120(3), pp.2321-2348. Next-generation mobile safety app enhances public safety while using smart devices for personal reason. 5G communication can help to build the public safety community

5 gLiao, B., Ali, Y., Nazir, S., He, L. and Khan, H.U., 2020. Security analysis of IoT devices by using mobile computing: a systematic literature review. IEEE Access, 8, pp.120331-120350. IoT has entered various sectors to operate activities properly, such as healthcare.

Environment, smart cities, smart homes, transportation, and smart grid system.

The data stored in the IoT often enhances the risks and threats of data leakage.

6 Nguyen, V.L., Lin, P.C., Cheng, B.C., Hwang, R.H. and Lin, Y.D., 2021. Security and privacy for 6G: A survey on prospective technologies and challenges. IEEE Communications Surveys & Tutorials, 23(4), pp.2384-2428. 6G mobile network has the intention to cope with the new challenges and to provide safety measures to remove challenges and risks. The 6G mobile network can minimize issues based on

Prospective technologies.

7 Rafique, H., Almagrabi, A.O., Shamim, A., Anwar, F. and Bashir, A.K., 2020. Investigating the acceptance of mobile library applications with an extended technology acceptance model (TAM). Computers & Education, 145, p.103732. The low acceptance of smart devices is the major concern of the user of the present time. However, mobile usage is one of the key supports of educational institutes. The educational institute is based on smart devices in the present era. However, the low acceptance issue is the major concern of the educational institute.

8 Sardi, A., Rizzi, A., Sorano, E. and Guerrieri, A., 2020. Cyber risk in health facilities: A systematic literature review. Sustainability, 12(17), p.7002. During Covid-19, healthcare has adopted devices and online media to conduct operations. Hence, cybercrime in healthcare has enhanced on a large scale. The healthcare industry needs to focus on the area of cyber threats to minimize the issues.

9 Singh, S.K., Gupta, S., Busso, D. and Kamboj, S., 2021. Top management knowledge value, knowledge sharing practices, open innovation and organizational performance. Journal of Business Research, 128, pp.788-798. Open innovation can help SMEs to prevent the threat of cybercrime. The adoption of open innovation model can help SMEs to manage and transfer information via smart devices. SMEs can get benefits in transferring and storing information in devices.

10 Wang, M., Zhu, T., Zhang, T., Zhang, J., Yu, S. and Zhou, W., 2020. Security and privacy in 6G networks: New areas and new challenges. Digital Communications and Networks, 6(3), pp.281-291. The limitations of the 5G network indicate the necessity of the adoption of a 6G network. G network system has failed to cope with the current trends of artificial intelligence. The benefit of 6G networks is that it helps to conduct real-time intelligent edge computing, distributed artificial intelligence, and intelligent radio.

11 Zhao, Q., Zuo, C., Pellegrino, G. and Zhiqiang, L., 2019. Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services. InAnnual Network and Distributed System Security Symposium, February 2019 (NDSS 2019). Protection of information or identity of both the rider and the driver is essential. Privacy issues need to be prevented. Large-scale data harvesting was done here. Countermeasures are needed so that attacks on ride-hailing services are prevented. Sensitive information like number of rides, utilization of cars, and presence on the territory might be utilized for attacking.