Access the full text.
Sign up today, get DeepDyve free for 14 days.
(2014)
dm_dump
Rankl (2010)
Effing security Handbook thEdition
R. Raguram, A. White, D. Goswami, F. Monrose, Jan-Michael Frahm (2011)
iSpy: automatic reconstruction of typed input from compromising reflections
Shen
Attacking your trusted core Exploiting trustzone on android in Blackhat
Zhi Xu, Kun Bai, Sencun Zhu (2012)
TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors
Felt (2012)
Android permissions User attention comprehension and behavior in SOUPS, 29
Jinyan Zang, Krysta Dummit, Jim Graves, Paul Lisker, and Sweeney (2015)
Who Knows What About Me? A Survey of Behind the Scenes Personal Data Sharing to Third Parties by Mobile Apps
Han (2013)
Launching Generic Attacks on iOS with Approved Third - Party in and Network SecAppl Applied
Richardson
XcodeGhost iOS malware : The list of affected apps and what you should do http blog lookout com blog xcodeghost apps
(2012)
Apps and privacy: More than half of app users have uninstalled or decided to not install an app due to concerns about their personal information
Beaupre
http theroot ninja disclosures TRUSTNONE pdf
Krumm (2004)
Inferring motion and location from signal strengths in
Arthur Amorim, Nathan Collins, A. DeHon, Delphine Demange, Catalin Hritcu, David Pichardie, B. Pierce, R. Pollack, A. Tolmach (2014)
A verified information-flow architectureProceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Patrick Kelley, Sunny Consolvo, L. Cranor, Jaeyeon Jung, N. Sadeh, D. Wetherall (2012)
A Conundrum of Permissions: Installing Applications on an Android Smartphone
Jia (2013)
Run - time enforcement of information - flow properties on android in -Computer Security ESORICS
Boyles (2012)
privacy More than half of app users have uninstalled or decided to not install an app due to concerns about their personal information http www pewinternet org main findings, 25
Hideaki Kawabata, T. Isohara, K. Takemori, A. Kubota, Junya Kani, Harunobu Agematsu, M. Nishigaki (2013)
SanAdBox: Sandboxing third party advertising libraries in a mobile application2013 IEEE International Conference on Communications (ICC)
Jun Han, Emmanuel Owusu, Le Nguyen, A. Perrig, J. Zhang (2012)
ACComplice: Location inference using accelerometers on smartphones2012 Fourth International Conference on Communication Systems and Networks (COMSNETS 2012)
Xuetao Wei, L. Gomez, Iulian Neamtiu, M. Faloutsos (2012)
Permission evolution in the Android ecosystem
N. Vallina-Rodriguez, J. Amann, C. Kreibich, N. Weaver, V. Paxson (2014)
A Tangled Mass: The Android Root Certificate StoresProceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies
Fangda Cai, Hao Chen, Yuanyi Wu, Yuan Zhang (2014)
AppCracker: Widespread Vulnerabilities in User and Session Authentication in Mobile Apps *
David Archer, D. Bogdanov, Benny Pinkas, Pille Pullonen (2016)
Maturity and Performance of Programmable Secure ComputationIEEE Security & Privacy, 14
R. Watson (2011)
New approaches to operating system security extensibility
Ruef
Programming language theoretic sec in the real world mirage or the future in Cyber Warfare
Martin Georgiev, S. Iyengar, S. Jana, Rishita Anubhai, D. Boneh, Vitaly Shmatikov (2012)
The most dangerous code in the world: validating SSL certificates in non-browser softwareProceedings of the 2012 ACM conference on Computer and communications security
Watson (2012)
New approaches to operating system security extensibility University of Cambridge LaboratoryComputer Tech Rep
Sun (2010)
Activity recognition on an accelerometer embedded mobile phone with varying positions and orientations in Ubiquitous intelligence andcomputing, 11
Martina Lindorfer, M. Neugschwandtner, Lukas Weichselbaum, Y. Fratantonio, V. Veen, Christian Platzer (2014)
ANDRUBIS -- 1,000,000 Apps Later: A View on Current Android Malware Behaviors2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)
P. Mcdaniel (2012)
Bloatware Comes to the SmartphoneIEEE Security & Privacy, 10
Apple iOS 4 security evaluation
TrustKernel
Team Shanghai Info Co Ltd https www trustkernel comTech, 13
A. Yao (1982)
Protocols for Secure Computations (Extended Abstract)
(2010)
Exercising our remote application removal feature
Blase Ur, P. Leon, L. Cranor, Richard Shay, Yang Wang (2012)
Smart, useful, scary, creepy: perceptions of online behavioral advertising
Wang (2013)
on ios When benign apps become evil in SecAssociation
Gemplus (2010)
Oberthur Over the air technology ftp www gpp org tsg sa WG Povoa Docs PDF pdfSecurity
Reaves
Mo bile money mo bile problems analysis of branchless banking applications in the developing world in SecAssociation
Carmony (2014)
dm dump https github com fe dm dump
Zhang (2013)
isolating advertisements from mobile applications in android in
(2014)
New challenges in baseband exploitation: The hexagon architecture
Boneh (2011)
Functional encryption Definitions challenges in
Amrutkar
An empirical evaluation of security indicators in mobile web browsers Transactions on Mobile vol no, 14
Paul
Google s new highly targeted app ads react to how you use android apps http www pcworld com article google starts using your android appbehavior to deliver highly targeted app ads html
ETSI
Cards Application Release, 13
Li Li, Alexandre Bartel, Tegawendé Bissyandé, Jacques Klein, Yves Traon, Steven Arzt, Siegfried Rasthofer, E. Bodden, Damien Octeau, P. Mcdaniel (2015)
IccTA: Detecting Inter-Component Privacy Leaks in Android Apps2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, 1
(2011)
Carrier IQ part 2
SMVHunter
hunter https github com utds lab
Zheng
apps threats using iOS enterprise and developer certificates inSecurity
McCormick (2014)
leaks hundreds of nude celebrity photos http www theverge com nude celebrity hack, 18
L. Chi, Jingwen Liang (2015)
Mobile phone addiction
(2015)
Google play developer program policies
Stewart (2016)
Look ma no permissions accessing private data on android In Submission
Jonathan Zdziarski (2014)
Identifying back doors, attack points, and surveillance mechanisms in iOS devicesDigit. Investig., 11
(2014)
Pakistani man indicted for selling stealthgenie spyware app
M. Ben-Or, S. Goldwasser, A. Wigderson (1988)
Completeness theorems for non-cryptographic fault-tolerant distributed computation
C. Apgar, G. Apple, L. Ayers, Mary Berntsen, R. Busch, Jennifer Childress, E. Curtis, N. Davis, M. Dawson, B. Hjort, G. Hughes, C. Lemery, D. Mancilla, David Mozie, J. O'Brien, H. Rhodes, T. Shewchuk, D. Sweet, M. White, Y. Zeltov (2008)
Mitigating medical identity theft.Journal of AHIMA, 79 7
Müller (2013)
in NetworkApplied Security
A. Felt, Matthew Finifter, Erika Chin, Steve Hanna, D. Wagner (2011)
A survey of mobile malware in the wild
K. Sullivan (2009)
But Doctor, I Still Have Both Feet! Remedial Problems Faced by Victims of Medical Identity TheftAmerican Journal of Law & Medicine, 35
DevTeam (2012)
iPhone of the iPhone Unlocks http old sebug net paper Meeting Documents hitbsecconf ams - MuscleNerd - Evolution of iPhone Baseband and Unlocks pdfEvolution, 20
Ben (1988)
Or Goldwasser Completeness theorems for non - cryptographic fault - tolerant distributed computation ( extended abstract in
Y. Gilad, A. Herzberg, A. Trachtenberg (2014)
Securing Smartphones: A µTCB ApproachIEEE Pervasive Computing, 13
O. Dunkelman, Nathan Keller, A. Shamir (2010)
A Practical-Time Attack on the A5/3 Cryptosystem Used in Third Generation GSM TelephonyIACR Cryptol. ePrint Arch., 2010
Cai
Widespread vulnerabilities in user and session authentication in mobile apps in MoST
(1923)
Snooping Samsung S6 calls with bogus base stations
Coogan (2014)
Android rats branch out with dendroid http www symantec com connect blogs android rats branchout dendroid
Trustonic
https www trustonic com
Yan Michalevsky, Aaron Schulman, Gunaa Veerapandian, D. Boneh, Gabi Nakibly (2015)
PowerSpy: Location Tracking Using Mobile Device Power Analysis
X8 mobile computing system
Manuel Egele, David Brumley, Y. Fratantonio, C. Kruegel (2013)
An empirical study of cryptographic misuse in android applicationsProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A. Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, D. Wagner (2012)
Android permissions: user attention, comprehension, and behavior
, 9
Miller (2012)
iOS Handbook
Thomas
metrics for the android ecosystem inSecurity
Oltrogge
To pin or not to pin ? Helping app developers bullet proof their TLS connections in USENIX SecAssociation
A. Felt, Erika Chin, Steve Hanna, D. Song, D. Wagner (2011)
Android permissions demystified
Nohl (2013)
Rooting Cards in Briefings Las
Yan Michalevsky, D. Boneh, Gabi Nakibly (2014)
Gyrophone: Recognizing Speech from Gyroscope Signals
(2015)
iOS Security: iOS 9.0 or later
(2015)
YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs
Security
C. Wright, L. Ballard, Scott Coull, F. Monrose, G. Masson (2010)
Uncovering Spoken Phrases in Encrypted Voice over IP ConversationsACM Trans. Inf. Syst. Secur., 13
(2015)
iBackDoor: High-Risk Code Hits iOS Apps
Cluley
Graham The Hacking Team Android malware app that waltzed past Google Play s security checks https heatsoftware com security blog the hackingteam android malware app that waltzed past googleplays security checks
(2015)
We’ve given you tools to manage your privacy
(2015)
TMI? Some fitbit users’ sex stats on Google search
Bray (2010)
Exercising our remote application removal feature http android developers blogspot com exercising our remote application html
Enck (2014)
an information - flow tracking system for realtime privacy monitoring on smartphones
Soteris Demetriou, Whitney Merrill, Wei Yang, Aston Zhang, Carl Gunter (2016)
Free for All! Assessing User Data Exposure to Advertising Libraries on Android
Jie Zhang, F. Yuan, Q. Xu (2014)
DeTrust: Defeating Hardware Trust Verification with Stealthy Implicitly-Triggered Hardware TrojansProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
Gilbert
Amazon selling dollar android tablets that come with pre - installed malware http www ibtimes com amazon selling android tablets come pre installedmalware
John Hubbard, Ken Weimer, Yu Chen (2014)
A study of SSL Proxy attacks on Android and iOS mobile applications2014 IEEE 11th Consumer Communications and Networking Conference (CCNC)
Charlie Miller, Dionysus Blazakis, Dino DaiZovi, S. Esser, V. Iozzo, R. Weinmann (2012)
iOS Hacker's Handbook
Haogang Chen, Yandong Mao, Xi Wang, Dong Zhou, N. Zeldovich, M. Kaashoek (2011)
Linux kernel vulnerabilities: state-of-the-art defenses and open problems
Lucky Onwuzurike, Emiliano Cristofaro (2015)
Danger is my middle name: experimenting with SSL vulnerabilities in Android appsProceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks
SourceDNA
iOS apps caught using private https sourcedna com blog ios apps using privateapis html
(2015)
Creating better user experiences on google play
Gilad (2014)
Securing smartphones μtcb approach Pervasive vol no pp, 13
Xu (2012)
Inferring user inputs on smartphone touchscreens using on - board motion sensors in
Yi Xu, Jared Heinly, A. White, F. Monrose, Jan-Michael Frahm (2013)
Seeing double: reconstructing obscured typed input from repeated compromising reflectionsProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Krten (2008)
Google android - IPC at the lowest levels http www embedded com print
Rosenberg (2014)
Reflections on trusting trustzone in Blackhat
(2012)
Evolution of the iPhone Baseband and Unlocks
Chaitrali Amrutkar, Patrick Traynor, P. Oorschot (2015)
An Empirical Evaluation of Security Indicators in Mobile Web BrowsersIEEE Transactions on Mobile Computing, 14
Sounthiraraj (2014)
Large scale automated detection of SSL / TLS man - in - the - middle vulnerabilities in android apps in
(2015)
Gemalto presents the findings of its investigations into the alleged hacking of sim card encryption keys by britain’s government communications headquarters and the U.S. National Security Agency
Li (2014)
iCryptoTracer : Dynamic analysis on misuse of cryptography functions in iOS Applications in Network and System Sec
S. Nakamoto (2008)
Bitcoin: A Peer-to-Peer Electronic Cash System
Harton (2008)
Formal program Encyclopedia ofverification Science Engineering
Yong Li, Yuanyuan Zhang, Juanru Li, Dawu Gu (2014)
iCryptoTracer: Dynamic Analysis on Misuse of Cryptography Functions in iOS Applications
Security
(2015)
XcodeGhost iOS malware: The list of affected apps and what you should do
security review
Verizon
Newly disclosed files detail partnerships with AT The New York Times, 20
Review
(2009)
ARM Sec. Technology: Building a Secure System using TrustZone Technology
A. White, Austin Matthews, Kevin Snow, F. Monrose (2011)
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks2011 IEEE Symposium on Security and Privacy
(2015)
Attacking your trusted core: Exploiting trustzone on android
Apgar (2008)
Mitigating medical identity theft of vol noJournal American Health Information Management Association, 22
Zhang (2014)
Defeating hardware trust verification with stealthy implicitly - triggered hardware trojans in
Google history
iPhone 6s Technology
Zhui Deng, Brendan Saltaformaggio, X. Zhang, Dongyan Xu (2015)
iRiS: Vetting Private API Abuse in iOS ApplicationsProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
(2015)
Number of apps available in leading app stores as of july 2015
Yuvraj Agarwal, Malcolm Hall (2013)
ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing
C. Xenakis, Christoforos Ntantogian (2015)
Attacking the baseband modem of mobile phones to breach the users' privacy and network security2015 7th International Conference on Cyber Conflict: Architectures in Cyberspace
Broz
dm crypt Linux kernel device - mapper crypto target https gitlab com cryptsetup cryptsetup wikis
Lindorfer (2014)
der apps later view on current android malware behaviors in BADGERS
Nakamoto (2011)
peer to peer electronic cash system https bitcoin org bitcoin pdf
Jin Han, Qiang Yan, Debin Gao, Jianying Zhou, R. Deng (2013)
Comparing Mobile Privacy Protection through Cross-Platform Applications
Terence Chen, Imdad Ullah, M. Kâafar, R. Boreli (2014)
Information leakage through mobile analytics servicesProceedings of the 15th Workshop on Mobile Computing Systems and Applications
M. Bucicoiu, Lucas Davi, R. Deaconescu, A. Sadeghi (2015)
XiOS: Extended Application Sandboxing on iOSProceedings of the 10th ACM Symposium on Information, Computer and Communications Security
Ernst Bovelander (1997)
Smart Card Security
Archer (1039)
Maturity and performance of programmable secure computation Cryptology ePrint Archive vol
Park (2005)
Mobile phoneaddiction Mobile Communications
Dyer (2012)
a - boo i still see you : Why efficient traffic analysis countermeasures fail in Symp on Sec and PrivacyIEEE
John Krumm, E. Horvitz (2004)
LOCADIO: inferring motion and location from Wi-Fi signal strengthsThe First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004.
Zdziarski (2014)
Identifying back doors attack points and surveillance mechanisms in iOS devices Digital Investigation vol no pp
Lin Sun, Daqing Zhang, Bin Li, Bin Guo, Shijian Li (2010)
Activity Recognition on an Accelerometer Embedded Mobile Phone with Varying Positions and Orientations
(2014)
Android rats branch out with dendroid
Martin Azizyan, I. Constandache, Romit Choudhury (2009)
SurroundSense: mobile phone localization via ambience fingerprinting
Book (2013)
Longitudinal analysis of android ad library permissions in MoST
(2015)
Gartner says emerging markets drove worldwide smartphone sales to 15.5 percent growth in third quarter of 2015
Kincaid (1975)
Derivation of new readability formulas ( automated readability index fog count and flesch reading ease formula ) for navy enlisted personnel Naval Technical Training CommandTech Rep
Haoyu Wang, Jason Hong, Yao Guo (2015)
Using text mining to infer the purpose of permission use in mobile appsProceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing
R. Kumaresan, T. Moran, Iddo Bentov (2015)
How to Use Bitcoin to Play Decentralized PokerProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Denis Kune, John Kölndorfer, Nicholas Hopper, Yongdae Kim (2011)
Location Leaks on the GSM Air Interface
(2015)
dm-crypt: Linux kernel device-mapper crypto target
Bucicoiu
Extended application sandboxing on iOS in
Glenn Wilkinson (2014)
Digital Terrestrial Tracking: The Future of Surveillance
Madden
Americans attitudes about privacy sec and surveillance http www pewinternet org americans attitudes about privacy securityand surveillance, 24
Sooel Son, Daehyeok Kim, Vitaly Shmatikov (2016)
What Mobile Ads Know About Mobile Users
Mallodroid
https github com sfahl mallodroid
Tielei Wang, Kangjie Lu, Long Lu, S. Chung, Wenke Lee (2013)
Jekyll on iOS: When Benign Apps Become Evil
(2015)
Amazon selling 40 dollar android tablets that come with pre-installed malware
C. Hoofnagle, Jennifer Urban (2014)
Alan Westin's Privacy Homo EconomicusInformation Privacy Law eJournal
Shashi Shekhar, Michael Dietz, D. Wallach (2012)
AdSplit: Separating Smartphone Advertising from Applications
Statistica
Number of apps available in leading app stores as of july http www statista com statistics number of apps available in leading app stores
Spensky
SmartCard https github com mit ll LL Smartcard
Daniel Thomas, A. Beresford, A. Rice (2015)
Security Metrics for the Android EcosystemProceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices
Ur (2012)
Smart useful scary creepy perceptions of online behavioral advertising in SOUPS
(2015)
Trustnone
Eckhart (2011)
IQ part https www youtube com watch v, 17
(2014)
Samsung galaxy back-door
Amorim (2014)
de verified information flow architecture in
(2013)
Rooting Sim Cards
Heather Harton, M. Sitaraman, J. Krone (2008)
Formal Program Verification
Shekhar (2012)
Separating smartphone advertising from applications in SecAssociation
(2015)
WIRELURKER: A new era in iOS and OS X malware
S. Fahl, M. Harbach, T. Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben (2012)
Why eve and mallory love android: an analysis of android SSL (in)securityProceedings of the 2012 ACM conference on Computer and communications security
Michael Grace, Wu Zhou, Xuxian Jiang, A. Sadeghi (2012)
Unsafe exposure analysis of mobile in-app advertisements
J. Rao, P. Rohatgi, H. Scherzer, S. Tinguely (2002)
Partitioning attacks: or how to rapidly clone some GSM cardsProceedings 2002 IEEE Symposium on Security and Privacy
Xiao
new era in iOS and OS malware https www paloaltonetworks com content dam paloaltonetworks com en US assets pdf reports Unit unit wirelurker pdf
Yajin Zhou, Zhi Wang, Wu Zhou, Xuxian Jiang (2012)
Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets
(2014)
The target breach, by the numbers
Kawabata (2013)
Sandboxing third party advertising libraries in a mobile application in
Jialiu Lin, N. Sadeh, Shahriyar Amini, J. Lindqvist, Jason Hong, J. Zhang (2012)
Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcingProceedings of the 2012 ACM Conference on Ubiquitous Computing
Cai (2011)
Inferring keystrokes on touch screen from smartphone motion in
(2008)
Apple’s Jobs confirms iPhone ‘kill switch
Qualcomm
sec platform https www qualcomm com products snapdragon security, 12
Wright (2007)
identification of encrypted VoIP traffic roberto or alice and bob in SecLanguage Association
Manuel Egele, Christopher Krügel, E. Kirda, G. Vigna (2011)
PiOS: Detecting Privacy Leaks in iOS Applications
Yajin Zhou, Xuxian Jiang (2012)
Dissecting Android Malware: Characterization and Evolution2012 IEEE Symposium on Security and Privacy
Jin Han, Su Kywe, Qiang Yan, F. Bao, R. Deng, Debin Gao, Yingjiu Li, Jianying Zhou (2013)
Launching Generic Attacks on iOS with Approved Third-Party Applications
(2015)
Americans’ attitudes about privacy, sec. and surveillance
Dionysus Blazakis (2011)
The Apple Sandbox
(2008)
Google android – IPC at the lowest levels
Guojun Qin, C. Patsakis, Mélanie Bouroche (2014)
Playing Hide and Seek with Mobile Dating Applications
Denis Kune, John Kölndorfer, Nicholas Hopper, Yongdae Kim (2012)
Location leaks over the GSM air interface
(2014)
iOS8 Containers, Sandboxes and Entitlements
Haven sec. platform
Andrew Ruef, Chris Rohlf (2015)
Programming Language Theoretic Security in the Real World: A Mirage or the Future?
(2010)
Over-the-air (OTA) technology
Zhou (2012)
Dissecting android malware Characterization evolution in on Sec and PrivacyProc IEEE, 31
(2015)
Samsung knox
Kevin Dyer, Scott Coull, T. Ristenpart, Thomas Shrimpton (2012)
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail2012 IEEE Symposium on Security and Privacy
Lee (2014)
Smartphones privacy in FacebookNation
simhacks
Welton
Remote code execution as system user on samsung phones https www nowsecure com blog remote code execution as system user onsamsung phones
(2015)
Full trustzone exploit for msm8974
(2016)
A technical perspective on the apple iphone case
Liang Cai, Hao Chen (2011)
TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion
Sashank Narain, Amirali Sanatinia, G. Noubir (2014)
Single-stroke language-agnostic keylogging using stereo-microphones and domain specific machine learning
Sheng Wei, M. Potkonjak (2013)
The undetectable and unprovable hardware Trojan horse2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC)
C. Patsakis, Athanasios Zigomitros, A. Solanas (2015)
Analysis of Privacy and Security Exposure in Mobile Dating Applications
Min Zheng, Hui Xue, Yulong Zhang, Tao Wei, John Lui (2015)
Enpublic Apps: Security Threats Using iOS Enterprise and Developer CertificatesProceedings of the 10th ACM Symposium on Information, Computer and Communications Security
Ryan Stevens, Jonathan Ganz, V. Filkov, Premkumar Devanbu, Hao Chen (2013)
Asking for (and about) permissions used by Android apps2013 10th Working Conference on Mining Software Repositories (MSR)
Pearce (2012)
in
(2015)
iOS apps caught using private APIs
Stevens (2013)
Asking for about permissions used by android apps in
(2014)
Android security 2014 year in review
history history
Iasonas Polakis, G. Argyros, Theofilos Petsios, Suphannee Sivakorn, A. Keromytis (2015)
Where's Wally?: Precise User Discovery Attacks in Location Proximity ServicesProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Craig Gentry (2009)
Fully homomorphic encryption using ideal lattices
Egele (2013)
An empirical study of cryptographic misuse in android applications in New YorkUSA
Gemalto
presents the findings of its investigations into the alleged hacking of sim card encryption keys by britain s government communications headquarters and the National AgencySecurity
Ilias Leontiadis, Christos Efstratiou, Marco Picone, C. Mascolo (2012)
Don't kill my ads!: balancing privacy in an ad-supported mobile application market
D. Boneh, A. Sahai, Brent Waters (2011)
Functional Encryption: Definitions and Challenges
Butler
Koscher simhacks http simhacks github io
Zovi
Apple iOS evaluation https www trailofbits com resources ios security evaluation paper pdfsecurity
Dunkelman (2010)
practical - time attack on the cryptosystem used in third generation GSM telephony Cryptology ePrint Archive, 5
Azizyan (2009)
mobile phone localization via ambience fingerprinting in
(2014)
Entitlement Key Reference
Limin Jia, Jassim Aljuraidan, Elli Fragkaki, Lujo Bauer, Michael Stroucken, Kazuhide Fukushima, S. Kiyomoto, Yutaka Miyake (2013)
Run-Time Enforcement of Information-Flow Properties on Android - (Extended Abstract)
Philip Marquardt, A. Verma, Henry Carter, Patrick Traynor (2011)
(sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers
C. Wright, L. Ballard, F. Monrose, G. Masson (2007)
Language Identification of Encrypted VoIP Traffic: Alejandra y Roberto or Alice and Bob?
(2015)
Smart Cards; Card Application Toolket (Release 13)
R. Weinmann (2012)
Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks
McDaniel (2012)
comes to the smartphone Sec PrivacyIEEE
Beaumont (2008)
Apple s Jobs confirms iPhone kill switch http www telegraph co uk technology Apples Jobs confirms iPhone kill switch html Aug
LL-SmartCard
Jan-Erik Ekberg, Kari Kostiainen, N. Asokan (2013)
Trusted execution environments on mobile devicesProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
(2015)
Lockheimer, here at Google with the team that build Nexus 5X & 6P...Ask Us Anything!
Chen
iBackDoor High Risk Code Hits iOS https www fireeye com blog threat research ibackdoor high risk html, 11
Weinmann (2012)
attacks Remote exploitation of memory corruptions in cellular protocol stacks inAssociation
S. Fahl, M. Harbach, H. Perl, Markus Koetter, Matthew Smith (2013)
Rethinking SSL development in an appified worldProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Blazakis (2011)
The apple sandbox in Black Hat
Qin (2014)
Playing hide and seek with mobile dating applications in Sec Privacy Protection
Egele (2011)
Detecting privacy leaks in iOS applications in
(2014)
3G security; Lawful Interception; Stage 2 (3GPP TS 43.033 version 12.0.0 Release 12)
(2014)
Reflections on trusting trustzone
Februrary (2014)
Kocialkowski Samsung galaxy back door http redmine replicant us projects replicant wiki SamsungGalaxyBackdoor
(1490)
Amazon appstore
Yang (2012)
language for automatically enforcing privacy policies in vol no ppSIGPLAN Notices
Rao (2002)
Partitioning attacks : or how to rapidly clone some GSM cards in Symp on Sec and PrivacyIEEE
Xiao Zhang, A. Ahlawat, Wenliang Du (2013)
AFrame: isolating advertisements from mobile applications in AndroidProceedings of the 29th Annual Computer Security Applications Conference
Li
Detecting inter - component privacy leaks in android apps in
, 26
Hiroshi Lockheimer
Lockheimer Hi here at Google with the team that build Nexus Ask Us Anything https www reddit com r IAmA comments mzrl hi im hiroshi lockheimer here at google with the cvjj, 5
(2015)
About privacy and Location Services for iOS 8 and iOS 9
White (2011)
reconstruction of encrypted VoIP conversations on fon iks in on Sec and PrivacyProc IEEE
Marten Oltrogge, Y. Acar, Sergej Dechand, Matthew Smith, S. Fahl (2015)
To Pin or Not to Pin-Helping App Developers Bullet Proof Their TLS Connections
, 8
Sophia Yakoubov, V. Gadepally, N. Schear, Emily Shen, Arkady Yerukhimovich (2014)
A survey of cryptographic approaches to securing big-data analytics in the cloud2014 IEEE High Performance Extreme Computing Conference (HPEC)
W. Enck, Peter Gilbert, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, P. Mcdaniel, Anmol Sheth (2010)
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
Woods
der says emerging markets drove worldwide smartphone sales to percent growth in third quarter of http www gartner com newsroom id, 15
(2015)
Devices with trustonic tee
(2015)
The Hacking Team Android malware app that waltzed past Google Play’s security checks
Sullivan (2009)
But doctor still have both feet Remedial problems faced by victims of medical identity theft of vol noAmerican Journal Law Medicine, 21
(2015)
G data mobile malware report: Threat report q2/2015
Theodore Book, Adam Pridgen, D. Wallach (2013)
Longitudinal Analysis of Android Ad Library PermissionsArXiv, abs/1303.0857
(2014)
Hack leaks hundreds of nude celebrity photos
Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bhartiya, Patrick Traynor, Kevin Butler (2017)
Mo(bile) Money, Mo(bile) ProblemsACM Transactions on Privacy and Security (TOPS), 20
Zang
Who knows what about me survey of behind the scenes personal data sharing to third parties by mobile apps http techscience org a
(2015)
Remote code execution as system user on samsung phones
Jean Yang, Kuat Yessenov, Armando Solar-Lezama (2012)
A language for automatically enforcing privacy policies
P. Kincaid, R. Fishburne, R. Rogers, B. Chissom (1975)
Derivation of New Readability Formulas (Automated Readability Index, Fog Count and Flesch Reading Ease Formula) for Navy Enlisted Personnel
David Sounthiraraj, Justin Sahs, G. Greenwood, Zhiqiang Lin, L. Khan (2014)
SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps
Hoofnagle (2014)
Urban s privacy homo economicusLaw Review, 23
(2015)
Google’s new, highly targeted app ads react to how you use android apps
Ravishankar Borgaonkar (2015)
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication SystemsArXiv, abs/1510.07563
Abstract Modern mobile devices place a wide variety of sensors and services within the personal space of their users. As a result, these devices are capable of transparently monitoring many sensitive aspects of these users’ lives (e.g., location, health, or correspondences). Users typically trade access to this data for convenient applications and features, in many cases without a full appreciation of the nature and extent of the information that they are exposing to a variety of third parties. Nevertheless, studies show that users remain concerned about their privacy and vendors have similarly been increasing their utilization of privacy-preserving technologies in these devices. Still, despite significant efforts, these technologies continue to fail in fundamental ways, leaving users’ private data exposed. In this work, we survey the numerous components of mobile devices, giving particular attention to those that collect, process, or protect users’ private data. Whereas the individual components have been generally well studied and understood, examining the entire mobile device ecosystem provides significant insights into its overwhelming complexity. The numerous components of this complex ecosystem are frequently built and controlled by different parties with varying interests and incentives. Moreover, most of these parties are unknown to the typical user. The technologies that are employed to protect the users’ privacy typically only do so within a small slice of this ecosystem, abstracting away the greater complexity of the system. Our analysis suggests that this abstracted complexity is the major cause of many privacy-related vulnerabilities, and that a fundamentally new, holistic, approach to privacy is needed going forward. We thus highlight various existing technology gaps and propose several promising research directions for addressing and reducing this complexity.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Jul 1, 2016
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.