Smartphone and tablets are personal devices that have diffused to near universal ubiquity in recent years. As Smartphone users become more privacy-aware and -conscious, research is needed to understand how “leakage” of private information (personally identifiable information – PII) occurs. This study explores how leakage studies in Droid devices should be adapted to Apple iOS devices. The OWASP Zed Attack Proxy (ZAP) is examined for 50 apps in various categories. This study confirms that: (1) most apps transmit unencrypted sensitive PII, (2) SSL is used by some recipient websites, but without corresponding app compliance with SSL, and (3) most apps in iOS environments reveal (leak) smartphone version. The paper concludes that much additional work is needed to assess the privacy dominance between platforms and to raise user awareness of smartphone privacy intrusions
|Publication status||Published - Apr 2016|
|Event||11th Annual ADFSL Conference on Digital Forensics, Security and Law - Daytona Beach, United States|
Duration: 24 May 2016 → 26 May 2016
Conference number: 11
|Conference||11th Annual ADFSL Conference on Digital Forensics, Security and Law|
|Period||24/05/16 → 26/05/16|
Bibliographical noteThis paper is not available in Pure.
Hintea, D., Taramonli, S., Bird, B., & Yusuf, R. (2016). Forensic Analysis of Smartphone Applications for Privacy Leakage. Paper presented at 11th Annual ADFSL Conference on Digital Forensics, Security and Law, Daytona Beach, United States.