Identifying Shared Security Vulnerabilities and Mitigation Strategies at the Intersection of Application Programming Interfaces (APIs), Application-Level and Operating System (OS) of Mobile Devices

  • Conference paper
Proceedings of the Future Technologies Conference (FTC) 2022, Volume 2 (FTC 2022 2022)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 560)

Abstract

As mobile devices and applications continue to grow in popularity worldwide, so does the rise of cybersecurity attacks and threats against daily users of both Android and iOS devices on a widespread basis. These attacks target mobile devices not only at the application level but also at the Operating System (OS) device level and the Application Programming Interface (API) level, extending the Internet of Things (IoT). This paper addresses security vulnerabilities in the Android Operating System at the intersection of API, device OS, and application-level vulnerabilities by identifying their commonalities in order to create mitigation strategies and best practices for securing mobile devices for organizations. The study recommends adopting authentication processes on mobile devices and web-based log-ins, as well as access control mechanisms that can mitigate the overlapping security challenges of APIs, mobile device OSs and applications, using optimal resources to enhance security. This was achieved by analyzing the threats and vulnerabilities of APIs.

Corresponding author

Correspondence to Anteneh Girma.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Girma, A., Guo, M.A., Irungu, J. (2023). Identifying Shared Security Vulnerabilities and Mitigation Strategies at the Intersection of Application Programming Interfaces (APIs), Application-Level and Operating System (OS) of Mobile Devices. In: Arai, K. (eds) Proceedings of the Future Technologies Conference (FTC) 2022, Volume 2. FTC 2022 2022. Lecture Notes in Networks and Systems, vol 560. Springer, Cham. https://doi.org/10.1007/978-3-031-18458-1_34
