EconPapers    
Economics at your fingertips  
 

A Markov adversary model to detect vulnerable iOS devices and vulnerabilities in iOS apps

Christian J. D'Orazio, Rongxing Lu, Kim-Kwang Raymond Choo and Athanasios V. Vasilakos

Applied Mathematics and Computation, 2017, vol. 293, issue C, 523-544

Abstract: With the increased convergence of technologies whereby a user can access, store and transmit data across different devices in real-time, risks will arise from factors such as lack of appropriate security measures in place and users not having requisite levels of security awareness and not fully understanding how security measures can be used to their advantage. In this paper, we adapt our previously published adversary model for digital rights management (DRM) apps and demonstrate how it can be used to detect vulnerable iOS devices and to analyse (non-DRM) apps for vulnerabilities that can potentially be exploited. Using our adversary model, we investigate several (jailbroken and non-jailbroken) iOS devices, Australian Government Medicare Expert Plus (MEP) app, Commonwealth Bank of Australia app, Western Union app, PayPal app, PocketCloud Remote Desktop app and Simple Transfer Pro app, and reveal previously unknown vulnerabilities. We then demonstrate how the identified vulnerabilities can be exploited to expose the user's sensitive data and personally identifiable information stored on or transmitted from the device. We conclude with several recommendations to enhance the security and privacy of user data stored on or transmitted from these devices.

Keywords: Mobile device vulnerability; Mobile security and privacy; Mobile threats; Vulnerability discovery; Vulnerability exploitation; iOS device vulnerability (search for similar items in EconPapers)
Date: 2017
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S0096300316305549
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:apmaco:v:293:y:2017:i:c:p:523-544

DOI: 10.1016/j.amc.2016.08.051

Access Statistics for this article

Applied Mathematics and Computation is currently edited by Theodore Simos

More articles in Applied Mathematics and Computation from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Page updated 2025-03-19
Handle: RePEc:eee:apmaco:v:293:y:2017:i:c:p:523-544