Delegate the smartphone user? Security awareness in smartphone platforms

Alexios Mylonas, Anastasia Kastania, Dimitris Gritzalis

Research output: Contribution to journalArticlepeer-review

149 Citations (Scopus)

Abstract

Smartphone users increasingly download and install third-party applications from official application repositories. Attackers may use this centralized application delivery architecture as a security and privacy attack vector. This risk increases since application vetting mechanisms are often not in place and the user is delegated to authorize which functionality and protected resources are accessible by third-party applications. In this paper, we mount a survey to explore the security awareness of smartphone users who download applications from official application repositories (e.g. Google Play, Apple's App Store, etc.). The survey findings suggest a security complacency, as the majority of users trust the app repository, security controls are not enabled or not added, and users disregard security during application selection and installation. As a response to this security complacency we built a prediction model to identify users who trust the app repository. The model is assessed, evaluated and proved to be statistically significant and efficient.

Original languageEnglish
Pages (from-to)47-66
Number of pages20
JournalComputers and Security
Volume34
DOIs
Publication statusPublished - May 2013

Keywords

  • Application markets
  • Security awareness
  • Security survey
  • Smartphone platforms
  • Smartphone security

Fingerprint

Dive into the research topics of 'Delegate the smartphone user? Security awareness in smartphone platforms'. Together they form a unique fingerprint.

Cite this