In the mobile domain, Operating Systems (OS), such as mobile OS, the security model is generally much more protective than of that of a traditional OS of desktop systems. In such an OS, programs, also referred to as “apps” may be executed with lower privilege levels and have limited ability to interact and influence the OS as well as other programs. Such a security model may limit the capabilities of security and privacy solutions that are developed for mobile devices, making the device protection task challenging in particular. For example, an iOS™ app cannot monitor and make decisions based on requests sent from other apps on the device.
There are a variety of security and privacy threats (also referred to as threats) that are addressed by security programs. Some of these threats may allow a third party, such as a malicious user, to be able to view the content of a packet sent by the mobile device. Many communication channels used by mobile devices are unsecured, such as use of an unsecured, unencrypted Wi-Fi network, usage of unencrypted protocols such as HTTP and FTP. There may be a variety of threats that result from Man in The Middle (MiTM) attacks. The threats may also be applicable to encrypted networks, such as encrypted Wi-Fi networks, through attacks such as ARP poisoning or the like.
Another potential threat is a threat of content spoofing. A MiTM attacker can not only sniff (e.g., monitor) the traffic of plaintext protocols, it can also meddle with the traffic and present to the victim fraudulent content.
Some applications may implement a functionality that poses a privacy threat, in particular threat to an organization by revealing confidential or sensitive information. This can be due to sending of sensitive information, such as contact lists, calendar meetings, location and/or documents to external servers, in an unsecured manner.