Android or iOS for Better Privacy Protection?
With the rapid growth of the mobile market, security of mobile platforms is receiving increasing attention from both research community as well as the public. In this paper, we make the first attempt to establish a baseline for security comparison between the two most popular mobile platforms. We in...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2014
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/2632 https://ink.library.smu.edu.sg/context/sis_research/article/3632/viewcontent/skm14.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-3632 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-36322015-11-13T13:29:31Z Android or iOS for Better Privacy Protection? Han, Jin Yan, Qiang GAO, Debin Zhou, Jianying DENG, Huijie Robert With the rapid growth of the mobile market, security of mobile platforms is receiving increasing attention from both research community as well as the public. In this paper, we make the first attempt to establish a baseline for security comparison between the two most popular mobile platforms. We investigate applications that run on both Android and iOS and examine the difference in the usage of their security sensitive APIs (SS-APIs). Our analysis over 2,600 applications shows that iOS applications consistently access more SS-APIs than their counterparts on Android. The additional privileges gained on iOS are often associated with accessing private resources such as device ID, camera, and users’ contacts. A possible explanation for this difference in SS-API usage is that privileges obtained by an application on the current iOS platform are invisible to end users. Our analysis shows that: 1) third-party libraries (specifically advertising and analytic libraries) on iOS invoke more SS-APIs than those on Android; 2) Android application developers avoid requesting unnecessary privileges which will be shown in the permission list during application installation. Considering the fact that an Android application may gain additional privileges with privilege-escalation attacks and iOS provides a more restricted privilege set accessible by third-party applications, our results do not necessarily imply that Android provides better privacy protection than iOS. However, our evidence suggests that Apple’s application vetting process may not be as effective as Android’s privilege notification mechanism, particularly in protecting sensitive resources from third-party applications. 2014-12-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2632 https://ink.library.smu.edu.sg/context/sis_research/article/3632/viewcontent/skm14.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Databases and Information Systems Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Databases and Information Systems Information Security |
| spellingShingle |
Databases and Information Systems Information Security Han, Jin Yan, Qiang GAO, Debin Zhou, Jianying DENG, Huijie Robert Android or iOS for Better Privacy Protection? |
| description |
With the rapid growth of the mobile market, security of mobile platforms is receiving increasing attention from both research community as well as the public. In this paper, we make the first attempt to establish a baseline for security comparison between the two most popular mobile platforms. We investigate applications that run on both Android and iOS and examine the difference in the usage of their security sensitive APIs (SS-APIs). Our analysis over 2,600 applications shows that iOS applications consistently access more SS-APIs than their counterparts on Android. The additional privileges gained on iOS are often associated with accessing private resources such as device ID, camera, and users’ contacts. A possible explanation for this difference in SS-API usage is that privileges obtained by an application on the current iOS platform are invisible to end users. Our analysis shows that: 1) third-party libraries (specifically advertising and analytic libraries) on iOS invoke more SS-APIs than those on Android; 2) Android application developers avoid requesting unnecessary privileges which will be shown in the permission list during application installation. Considering the fact that an Android application may gain additional privileges with privilege-escalation attacks and iOS provides a more restricted privilege set accessible by third-party applications, our results do not necessarily imply that Android provides better privacy protection than iOS. However, our evidence suggests that Apple’s application vetting process may not be as effective as Android’s privilege notification mechanism, particularly in protecting sensitive resources from third-party applications. |
| format |
text |
| author |
Han, Jin Yan, Qiang GAO, Debin Zhou, Jianying DENG, Huijie Robert |
| author_facet |
Han, Jin Yan, Qiang GAO, Debin Zhou, Jianying DENG, Huijie Robert |
| author_sort |
Han, Jin |
| title |
Android or iOS for Better Privacy Protection? |
| title_short |
Android or iOS for Better Privacy Protection? |
| title_full |
Android or iOS for Better Privacy Protection? |
| title_fullStr |
Android or iOS for Better Privacy Protection? |
| title_full_unstemmed |
Android or iOS for Better Privacy Protection? |
| title_sort |
android or ios for better privacy protection? |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2014 |
| url |
https://ink.library.smu.edu.sg/sis_research/2632 https://ink.library.smu.edu.sg/context/sis_research/article/3632/viewcontent/skm14.pdf |
| _version_ |
1770572530603524096 |