Assessment of Palm OS Susceptibility to Malicious Code Threats

  • Tom Goovaerts
  • Bart De Win
  • Bart De Decker
  • Wouter Joosen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3677)


The Palm OS operating system for Personal Digital Assistants (PDAs) and mobile phones has a weak security architecture, which introduces all sorts of security problems. This paper specifically targets the problem of malicious code. The main contribution of this work is the in-depth analysis of different vulnerabilities in Palm OS and the ways in which they can be exploited by malicious code. Furthermore, the key reasons for this problem are discussed and some suggestions for improvement are formulated.


malicious code worms mobile operating systems Palm OS 


  1. 1.
    Kingpin, M.: Security analysis of the palm operating system and its weaknesses against malicious code threats. In: Proceedings of the 10th USENIX Security Symposium, USENIX, pp. 135–152 (2001)Google Scholar
  2. 2.
    Murmann, T., Rossnagel, H.: How secure are current mobile operating systems? In: Proceedings of the Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security, IFIP, pp. 47–58 (2004)Google Scholar
  3. 3.
    Ghosh, A.K., Swaminatha, T.M.: Software security and privacy risks in mobile e-commerce. Communications of the ACM 44, 51–57 (2001)CrossRefGoogle Scholar
  4. 4.
    Pfitzmann, A., Pfitzmann, B., Schunter, M., Waidner, M.: Trustworthy user devices. In: Multilateral Security in Communications, pp. 137–156. Addison-Wesley, Reading (1999)Google Scholar
  5. 5.
    Symantec Security Response: The WinCE.Duts.A virus for Windows CE (2004),
  6. 6.
    Symantec Security Response: The SymbOS.Cabir worm for Symbian,
  7. 7.
    Symantec Security Response: The Palm.Phage.Dropper virus for Palm OS (2000),
  8. 8.
    Vanhoof, J., Goovaerts, T.: Studie van de wormproblematiek op het Palm OS platform (Dutch). Master’s thesis, Katholieke Universiteit Leuven (2004)Google Scholar
  9. 9.
    PalmSource: Palm OS Garnet (2004),
  10. 10.
    PalmSource: Palm OS Cobalt 6.1 (2004),
  11. 11.
    Software, N.: Filez 6.7 (2005),

Copyright information

© IFIP International Federation for Information Processing 2005

Authors and Affiliations

  • Tom Goovaerts
    • 1
  • Bart De Win
    • 1
  • Bart De Decker
    • 1
  • Wouter Joosen
    • 1
  1. 1.DistriNet Research GroupKatholieke Universiteit LeuvenLeuvenBelgium

Personalised recommendations