Security Risks and Their Prevention Capabilities in Mobile Application Development

• Autorzy: Aneta Michalska , Aneta Poniszewska-Maranda
• Języki publikacji: EN

Abstrakty

EN

Mobile applications fulfill the more and more significant role in everyday life of the rapidly growing number of Smartphone users. IT companies try to establish new standards of data management as well as create mobile applications extending the functionalities of existing systems to enable the users to benefit from the newest technological advances. The paper presents a review of the known mobile application vulnerabilities for the two most popular mobile platforms, Apple's iOS and Google's Android, and proposes the secure development model to overcome the existing threats faced by mobile application developers. (original abstract)

Słowa kluczowe

EN

Mobile technologies; Security; Information Technology (IT); Mobile applications

PL

Technologie mobilne; Bezpieczeństwo; Technologia informacyjna; Aplikacje mobilne

• Czasopismo: Information Systems in Management
• Rocznik: 2015
• Tom: 4
• Numer: nr 2
• Strony: 123--134

Twórcy

autor

Aneta Michalska

• Lodz University of Technology, Poland

autor

Aneta Poniszewska-Maranda

• Lodz University of Technology, Poland

Bibliografia

• [1] Porter Felt A., Finifter M., Chin E., Hanna S., Wagner D. (2011) A survey of mobile malware in the wild, 1st ACM workshop on Security and privacy in smartphones and mobile devices, 3-14.
• [2] Apple (2014) iOS Security.
• [3] Souppaya M. P., Scarfone K. A. (2013) Guidelines for Managing the Security of Mobile Devices in the Enterprise, NIST.
• [4] Agarwal Y., Hall M. (2013) ProtectMyPrivacy: Detecting and Mitigating Privacy Leaks on iOS Devices Using Crowdsourcing, 1th Annual International Conference on Mobile systems, applications, and services, 97-110.
• [5] Zhou Y., Jiang X. (2012) Dissecting Android Malware: Characterization and Evolution, 33rd IEEE Symposium on Security and Privacy.
• [6] Vidas T., Votipka D., Christin N. (2011) All Your Droid Are Belong to Us: A Survey of Current Android Attacks, 5th USENIX Workshop on Offensive Technologies.
• [7] Seriot N. (2010) iPhone Privacy, In Black Hat DC, USA.
• [8] Enck W., Ongtang M., McDaniel P. (2009) Understanding Android Security, Security & Privacy, IEEE, Vol. 7, Issue 1, 50-57.
• [9] Porter Felt A., Wang H. J., Moshchuk A., Hanna S., Chin E. (2011) Permission Re-Delegation: Attacks and Defenses, 20th USENIX Security Symposium.
• [10] Ongtang M., McLaughlin S., Enck W., McDaniel P. (2009) Semantically Rich Application-Centric Security in Android, Computer Security Applications Conference.
• [11] Enck W., Octeau D., McDaniel P., Chaudhuri S. (2011) A Study of Android Application Security, 20th USENIX Security Symposium.
• [12] Park M. (2012) Mobile Application Security: Who, How and Why, Trustwave SpiderLabs.
• [13] Fitzgerald W. M., Neville U., Foley S. N. (2013) MASON: Mobile autonomic security for network access controls, Journal of Information Security and Applications, Vol. 18, Issue 1, 14-29.
• [14] Zdziarski J. (2012) Hacking and Securing iOS Applications. Stealing Data, Hijacking Software, and How to Prevent It, O'Reilly Media.
• [15] Alhamed M., Amir K., Omari M., Le W. (2013) Comparing Privacy Control Methods for Smartphone Platforms, Engineering of Mobile-Enabled Systems, MOBS.
• [16] Gianchandani P. (2013) IOS Application Security Part 12 - Dumping Keychain Data. Keychanin basics, Infosec Institute.
• [17] Benedict C. (2012) Under the Hood: Reversing Android Applications, Infosec.
• [18] Khan S., Nauman M., Othman A. T., Musa S. (2012) How secure is your smartphone: an analysis of smartphone security mechanisms, International conference on cyber security, cyber warfare and digital forensic, 76-81.