New comprehensive taxonomies on mobile security and malware analysis

Abstract

Taxonomies are known to provide a systematic classification of elements in a particular domain and can be efficiently used to express concepts in a structural manner. Unfortunately, security literature witnesses a few taxonomies having about 40 nodes on average in mostly a narrowed scope and maximum of 25 nodes on mobile scope only. This study surveyed security related taxonomies with quality criteria and proposes new comprehensive mobile security taxonomy and mobile malware analysis subtaxonomy having over 1,300 nodes from not only defensive but also offensive point of view. We have developed new leveling scheme and taxonomic enumeration notation for taxonomies in general and proposed a new definite method to build security taxonomies. We have also visualized our taxonomies for researchers, security professionals, practitioners and even common end users to provide comprehensible, well structured, and handy maps and provided two real-case examples illustrating their application. As privacy and security threats and vulnerabilities dynamically increase and diversify, these new taxonomies would help to see the entire perspective of mobile security without losing any details and present new practical perspective to bring mobile computing and cyber security disciplines closer.