TY - JOUR
T1 - Delegate the smartphone user? Security awareness in smartphone platforms
AU - Mylonas, Alexios
AU - Kastania, Anastasia
AU - Gritzalis, Dimitris
PY - 2013/5
Y1 - 2013/5
N2 - Smartphone users increasingly download and install third-party applications from official application repositories. Attackers may use this centralized application delivery architecture as a security and privacy attack vector. This risk increases since application vetting mechanisms are often not in place and the user is delegated to authorize which functionality and protected resources are accessible by third-party applications. In this paper, we mount a survey to explore the security awareness of smartphone users who download applications from official application repositories (e.g. Google Play, Apple's App Store, etc.). The survey findings suggest a security complacency, as the majority of users trust the app repository, security controls are not enabled or not added, and users disregard security during application selection and installation. As a response to this security complacency we built a prediction model to identify users who trust the app repository. The model is assessed, evaluated and proved to be statistically significant and efficient.
AB - Smartphone users increasingly download and install third-party applications from official application repositories. Attackers may use this centralized application delivery architecture as a security and privacy attack vector. This risk increases since application vetting mechanisms are often not in place and the user is delegated to authorize which functionality and protected resources are accessible by third-party applications. In this paper, we mount a survey to explore the security awareness of smartphone users who download applications from official application repositories (e.g. Google Play, Apple's App Store, etc.). The survey findings suggest a security complacency, as the majority of users trust the app repository, security controls are not enabled or not added, and users disregard security during application selection and installation. As a response to this security complacency we built a prediction model to identify users who trust the app repository. The model is assessed, evaluated and proved to be statistically significant and efficient.
KW - Application markets
KW - Security awareness
KW - Security survey
KW - Smartphone platforms
KW - Smartphone security
UR - http://www.scopus.com/inward/record.url?scp=84891843335&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2012.11.004
DO - 10.1016/j.cose.2012.11.004
M3 - Article
AN - SCOPUS:84891843335
SN - 0167-4048
VL - 34
SP - 47
EP - 66
JO - Computers and Security
JF - Computers and Security
ER -