Security Evaluation of IOS and Android

Abstract

In the race of smartphone operation systems, IOS and Android seem to have the big part of pie. Both platforms have grown more enterprise-friendly since about one decade. Their adaptable functionalities make people' lives easy and give them a reputation in the current competitive technology world. We all have our personal thoughts it comes to features, usability and design. However, what about security? Mobile devices, smartphone operation systems run on, hold valuable, sensitive and classified information or content. So, that increases their attractiveness as targets for cybercriminals. The security of these devices is a growing concern and focus point for smartphone users. Eventually, the security technology of the smartphones becomes one of the prime research and these smartphone vendors have increasingly focused on security in their design efforts. In this paper, factors that influence security within IOS and Android are studied to promote the discussion. Security technologies of IOS and Android are briefly presented. And, varies factors are considered such as methods of application distribution, reduced attack surface, privilege separation, permission-based access control, sandboxing, data encryption, data execution prevention and address space layout randomization, geo-location and auto-erase. Then, brief information is given about malicious apps. Lastly, discussion is concluded to answer that tight question in the light of security models investigation and evidences collected from current life.

Keywords

• mobile security,mobile device,mobile OS,IOS,Android

References

1. [1] Canalys Report, http://www.canalys.com/newsroom/mobile-device-market-reach-26-billion-units-2016, 2013.
2. [2] Gartner Report Press Release, http://www.gartner.com/newsroom/id/3270418, 2016.
3. [3] Gartner Report Press Release, http://www.gartner.com/newsroom/id/2996817, 2015.
4. [4] Bhattacharya P., Yang L., Guo M., Qian K. and Yang M., Learning Mobile Security with Labware, IEEE Security & Privacy, vol. 12, no. 1, 2014, pp. 69-72.
5. [5] Al-Qershi F., Al-Qurishi M., Md Mizanur Rahman S. and Al-Amri A., Android vs. iOS: The security battle, Computer Applications and Information Systems (WCCAIS), 2014 World Congress on, Hammamet, 2014, pp. 1-8.
6. [6] Mohamed I. and Patel D., Android vs. IOS Security: A Comparative Study, Information Technology - New Generations (ITNG), ), 2015 12th International Conference on, Las Vegas, NV, 2015, pp. 725-730.
7. [7] Li Q. and Clark G., Mobile Security: A Look Ahead, in IEEE Security & Privacy, vol. 11, no. 1, 2013, pp. 78-81.
8. [8] Nachenberg C., A window into mobile device security, Symantec Security Response, Symantec, 2011, pp.4-9.

9. [9] Kazmi Z., Toni F., Vila J. A. and Marcos M. M., TASAM-Towards the Smart Devices App-Stores Applications Security Management Related Best Practices, in New Technologies, Mobility and Security (NTMS), 2012 5th International Conference on, IEEE, 2012, pp. 1-5.
10. [10] Miller C., Blazakis D., DaiZovi D., Esser S. , Lozzo V. and Weinmann R., iOS Hacker's Handbook, John Wiley & Sons, 2012.
11. [11] Luo T. , Jin X., Ananthanarayanan A. and Du W., Touchjacking Attacks on Web in Android, iOS, and Windows Phone?, Syracuse University, Syracuse NY, USA, 2012.
12. [12] IOS Security in Apple Docs, https://www.apple.com/business/docs/iOS_Security_Guide.pdf, 2016.
13. [13] Penning N., Hoffman M., Nikolai J. and Wang Y., Mobile malware security challenges and cloud-based detection, Collaboration Technologies and Systems (CTS), 2014 International Conference on, Minneapolis, MN, 2014, pp. 181-188.
14. [14] Oh, Tae, Stackpole B., Cummins E., Gonzalez C., Ramachandran R. and Lim S., Best security practices for android, blackberry, and iOS, In Enabling Technologies for Smartphone and Internet of Things (ETSloT), 2012 First IEEE Workshop on, IEEE, 2012, pp. 42-47.
15. [15] Internet security threat report 2014, Symantec, http://www.symantec.com/content/en/us/ enterprise/other_resources/b- istr_main_report_v19_21291018.en-us.pdf, 2014.
16. [16] McAfee 3rd Quarter 2013 Threat Report, McAfee, http://malwarelist.net/2013/11/20/mcafee-3rd-quarter-threat-report- released/, 2013.