Computer Science Review 40 (2021) 100372

Contents lists available at ScienceDirect

Computer Science Review

journal homepage: www.elsevier.com/locate/cosrev

Review Article

Comparative analysis of Android and iOS from security viewpoint

∗
Shivi Garg a,b , Niyati Baliyan b ,
a
Faculty of Computer Engineering, J.C. Bose University of Science and Technology, YMCA, Faridabad, India
b
Information Technology Department, Indira Gandhi Delhi Technical University for Women, Delhi, India

article info a b s t r a c t

Article history: Smartphone usage has increased exponentially in the recent years. Android and iOS are the most
Received 5 May 2020 popular smartphone platforms, while the ease of use along with the computational power to handle
Accepted 23 January 2021 a wide array of applications attracts millions of users worldwide, also raises the security concerns
Available online xxxx
on these platforms. This paper presents a comparative analysis between Android and iOS on a wide
Keywords: range of security aspects. It analyzes data for the period 2015-2019 and gives a detailed snapshot
Android of not only the quantum of vulnerabilities, but also their impact. In addition, the paper leverages
iOS the well-established security triad i.e. CIA (Confidentiality, Integrity, Availability) to compare both the
Malware operating systems. The comprehensive and pragmatic approach taken in the paper makes it easier to
Security infer that Android is more susceptible to security breaches and malware attacks as compared to iOS.
Smartphones
Hence, researchers should divert their efforts and focus on finding solutions to problems pertaining to
Vulnerabilities
Android. The paper concludes by laying down future research directions and scope of work, which can
be leveraged not only by application developers, but also by researchers. This will help make Android
safer for users and will further increase its demand as a mobile operating system.
© 2021 Elsevier Inc. All rights reserved.

Contents

1. Introduction......................................................................................................................................................................................................................... 1
2. Related work ....................................................................................................................................................................................................................... 2
3. Comparison between Android and iOS............................................................................................................................................................................ 3
3.1. System architecture ............................................................................................................................................................................................... 3
3.2. Security ................................................................................................................................................................................................................... 5
3.3. Isolation mechanism.............................................................................................................................................................................................. 5
3.4. Encryption mechanism.......................................................................................................................................................................................... 5
3.5. App permissions..................................................................................................................................................................................................... 5
3.6. Auto erase mechanism .......................................................................................................................................................................................... 6
3.7. Application provenance......................................................................................................................................................................................... 6
4. Software vulnerabilities common in Android and iOS .................................................................................................................................................. 7
5. Data collection .................................................................................................................................................................................................................... 7
6. Vulnerability trends in Android vs. iOS ........................................................................................................................................................................... 7
7. Malware attacks in Android and iOS ............................................................................................................................................................................... 11
8. Research directions and future scope .............................................................................................................................................................................. 11
9. Conclusion ........................................................................................................................................................................................................................... 12
Declaration of competing interest.................................................................................................................................................................................... 13
References ........................................................................................................................................................................................................................... 13

1. Introduction

Technological advancements in smartphones are at par with

personal computers. With increased computing power, smart-
∗ Corresponding author. phones are becoming ubiquitous part of daily life. Hence, number
E-mail addresses: shivi002phd16@igdtuw.ac.in (S. Garg), of smartphone users has exponentially risen in the last five years.
niyatibaliyan@igdtuw.ac.in (N. Baliyan). The fact is established with the help of Statista [1], where the

https://doi.org/10.1016/j.cosrev.2021.100372
1574-0137/© 2021 Elsevier Inc. All rights reserved.
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

years, mean severity score and vulnerability assessment

based on confidentiality, integrity and availability triad
3. Thorough investigation of strengths and weaknesses of re-
lated works are also discussed
4. Discussion on various research challenges along with fu-
ture work presented for academicians and application de-
velopers in order to cope with increasing vulnerabilities

The paper is structured as follows: Section 2 discusses the

approaches for the smartphone security from the past with their
strengths and weaknesses. Section 3 presents the comparative
analysis of Android and iOS based on architecture, security model,
isolation mechanism, encryption mechanism, app permissions,
and auto-erase mechanism. Section 4 describes common vulnera-
bilities prevalent in Android and iOS. Section 5 discusses the data
Fig. 1. Number of Smartphone users by year. collection methodology along with the preprocessing. Section 6
presents the vulnerability trends of Android and iOS over the
years, mean severity score and vulnerability assessment on con-
fidentiality, integrity and availability triad. In Section 7, malware
attacks on Android and iOS are discussed in the time period
of 2015–2019. Furthermore, Section 8 explains future directions
that should be adopted by the researchers and app developers
to avoid growing hazards. Finally, the conclusion is provided in
Section 9 of the paper.

2. Related work

Research work carried out in the domain of smartphone se-

curity deals with issues like vulnerabilities in smartphones, mal-
ware impact, security procedures in mobile platforms, and differ-
ent policies used for safety and privacy of users.
Hidhaya and Geetha [5] detected web view vulnerabilities,
Fig. 2. Market share of different Mobile OS from 2009–2020. which can cause malicious attacks on smartphones. They used
static analysis techniques to analyze the apps. They achieved a
detection accuracy of 85%, however, run time/dynamic behavior
world smartphone users has exceeded three billion and is pre- of the apps was not analyzed. Zhuang [6] studied smartphone
dicted to further increase by several hundred million by 2021 as security vulnerabilities based on the apps using SSL protocol for
shown in Fig. 1. secure communication, WebView technology, and HTML5-based.
There are multiple mobile platforms for smartphones, e.g. Author was able to demonstrate SSL validation, WebView code
injection and HTML5-based application attacks in an accurate and
Symbian, Blackberry, Windows, Android, iOS, etc. Fig. 2 shows
explicit way. However, the work was not very comprehensive
the market share of different mobile operating system (OS) from
since they used only function to analyze SSL vulnerabilities. Ah-
2009–2020. Android (72.95%) and iOS (26.27%) are prominent
vanooey et al. [7] surveyed on smartphone security and studied
due to their enhanced capabilities and popularity among users.
the attacks on mobile applications from 2011–2017. The survey
Even though there are other smartphone platforms available,
was not very comprehensive and does not provide a clear idea
the combined market share of Google’s Android and Apple’s iOS
of the mobile platform vulnerabilities. Talal et al. [8] work com-
forms 99% by the year 2020 [2], therefore this study focuses on
prehensively illustrated the smartphone security in four different
Android and iOS. categories — mobile security aspects, solutions related to smart-
It is also seen that Android is more popular than iOS. According phone security, studies related to threats posed by smartphone
to ZDNet [3], Google revealed that it has ∼2.5 billion active malware and malware classification into families. The first cat-
Android devices in 2019, making the largest mobile OS by user egory reviewed survey articles related to smartphone security.
numbers. On the other hand, Apple has 1.4 billion users across The second category discussed articles on solutions related to
all products, including macOS and iOS devices. smartphone security. Malware related studies and threats posed
Fig. 3 depicts the statistics for the mobile application down- by malware are included in the third category, and lastly the
loads from 2018 to 2024 worldwide, sorted by app store. In ranking and classification of malware into families is discussed
2024, it is predicted that mobile users will download 139 billion in the fourth category.
mobile applications from the Google Play Store, up from 102 There are different concerns related to Android and iOS se-
billion applications downloaded from Google Play in 2019 [4]. curity. In [9] authors introduced a Tap-Wave-Rub, which is a
Aforementioned reasons account for Android’s prominence in the lightweight permission enforcement approach for smartphone
smartphone marketplace. malware prevention. The approach was based on two
The key contributions of this paper are: mechanisms — acceleration-based phone tapping detection; and
proximity-based finger tapping, rubbing or hand waving detec-
1. Comparative analysis of Android and iOS based on archi- tion. This approach proved to be effective with low false positive
tecture, security model, isolation mechanism, encryption rate for malware detection. Li and Ju [10] assessed malicious
mechanism, app permissions, and auto-erase mechanism applications in Android using permission sets. They estimated
2. Listing of common vulnerabilities prevalent in both An- the required permissions of the applications and performed Max-
droid and iOS, their distribution pattern over the recent imum Severity Rating (MSR) classification of the applications.
2
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 3. Mobile application downloads from 2018 to 2024 by store worldwide.

Then, MSR classification was analyzed based on the user ex- 3.1. System architecture
periences. These steps were then combined into an application
installation procedure. The discussed approaches fail to enforce Android is a Linux-based mobile OS with different layers,
access control mechanisms to access a resource or data in the namely, kernel, hardware abstraction layer, Android runtime,
permission sets, thereby bypassing the permissions once the root libraries, application framework and applications as shown in
privilege is obtained. The customized Linux kernel of Android Fig. 4. The application architecture of Android is designed in
can make it vulnerable when the root privileges are obtained. such a way that it simplifies the reuse of components. Modular
Code-signing method is used by Android, which contains the system components and services allow the applications to use
each other’s capabilities. It also allows components to be replaced
self-signed certificates of developers without verifying the certi-
by the user [17]. Functionality of these layers is described as
fication authority [11]. Cho and Seo [12] demonstrated a method
follows:
to mount a malware by exploiting the code-signing process used
Kernel — It supports and manages core system services like
in Android. They also proposed a countermeasure to prevent this process, memory, security, network, etc.
attack. Due to this, repackaged malware can be easily distributed. Hardware Abstraction Layer (HAL) — It acts as an inter-
The security mechanisms in iOS are stronger as compared to face for communicating the Android application/framework with
Android. However, researches in the past have shown how iOS hardware-specific device drivers such as camera, Bluetooth, etc.
is vulnerable to malware attacks. The studies [13–15] revealed HAL is hardware-specific and implementation varies from vendor
that when SSH server is actively running, iOS can be easily jail- to vendor.
broken. Teufl et al. [14] also analyzed that backup stored on Android Runtime (ART) — ART is introduced as a new runtime
the iTunes can be easily attacked by using different techniques. environment in newer Android versions (version 5.0 onwards).
Brute-force attack can be performed on the encrypted backup. During app installation, it uses ahead-of-time (AOT) and just-in-
If the backup is not encrypted, the attacker can gain access and time (JIT) compilation, which compiles the Dalvik bytecode into
manipulate with the backup files. Zdziarski [16] also detected native binaries (ELF format). This optimizes garbage collection
various attack points, back doors, and surveillance mechanisms and power assumption and achieves high runtime performance.
in iOS devices. He identified that iOS can be easily accessed Native Libraries — Core system services and different com-
via Universal Serial Bus (USB), Wi-fi or when paired with the ponents of Android like ART and HAL are built from the na-
compromised system. An attacker can target the iOS device on a tive libraries, which are written in C/C++. There are different
libraries, which provide support in building user interface appli-
Wi-Fi network by scanning TCP:62078 and can authenticate this
cation framework, drawing graphics and accessing database.
pairing record. Moreover, the attacker can steal sensitive user
Application framework — Android SDK provides tool and API
information when a trusted relationship between a system and
libraries to develop applications on Android java. This framework
iOS device is established. is known as Android Application Framework. Important features
The discussed approaches are not comprehensive enough to are database for storing data, support for audio, video and image
present all the security aspects of Android and iOS. Most of the re- formats, debugging tools, etc.
search articles lack the holistic view of smartphone vulnerabilities System applications — Applications are located at the top
and impact in terms of confidentiality, integrity and availability. most layer of the Android stack. These consist of both native
This study is first of its kind, which covers all the security aspects and third-party applications such as web browser, email, SMS
of mobile platforms. messenger, etc., which are installed by the user.
The iOS is OS X based mobile OS, which is a variant of a BSD
UNIX kernel running on top of a micro kernel called Mach. iOS has
3. Comparison between Android and iOS
a layered architecture. There is no direct communication since
it has an intermediate layer between the applications and the
Android and iOS are the most popular mobile platforms avail- hardware. Basics services in iOS are handled by the lower layers,
able in the market. The on-going Android vs. iOS battle seems to namely, Core Services layer and Core OS layer, whereas upper
be never ending. Section 3 elaborates this in terms of different layers like Media layer and Cocoa Touch layer provide the user
parameters, with more focus on security aspects. interface and sophisticated graphics [18]. The layered architecture
3
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 4. Android architecture.

Fig. 5. iOS architecture.

of iOS is shown in Fig. 5. The different layers of iOS architecture Media Layer — This layer is responsible for graphics, au-
are described as follows:
dio and video capabilities. Media layer consists of three differ-
Hardware — This layer contains the physical chips, which are
soldered to the iOS circuitry. ent frameworks — Graphic framework, Audio framework and
Core OS Layer — It is the bottommost layer, which interacts video framework. These frameworks help in accessing photos and
directly with the hardware. It has the operating system above
which the other layers reside. This layer takes care of memory videos stored on the device, to manipulate the images through
management (allocation and de-allocation once the application filters and provide support for 2D drawings.
has finished using it), file management, network management,
etc. Cocoa Touch Layer — It provides key frameworks for building
Core Services Layer — This forms the foundation layer on iOS apps and defines their appearance. This layer is responsi-
which above layers are built. It provides several features like
ble for fundamental technologies like multitasking, touch-based
data protection, iCloud storage, file sharing support, XML Support
features, SQLite database, In-App purchases, etc. input, push notifications, and many high-level system services.
4
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 7. iOS security model.

various types of attacks and can access some of the device’s

Fig. 6. Android security model.
subsystems, depending on the set of permissions given.
iOS isolation mechanism is similar to Android. Applications
running in iOS do not need user’s permissions to access system
3.2. Security resources. Application sandboxing enforced in iOS architecture
isolates all applications from each other and restrains the third
Android is an open-source mobile OS, i.e., its code is available party applications from accessing iOS kernel [22]. As a result,
to all and can be used by anyone. Linux kernel in Android pro- applications can neither interact with each other nor they know
vides user protection, where it restricts the users to access system about the kernel [23]. This makes the iOS systems more secured
resources and prevents them from exhausting. This mechanism as compared to Android.
of user protection helps in creating Application Sandbox, where
each Android application is assigned with unique user ID [19]. 3.4. Encryption mechanism
The processes are run in a separate space, thereby having user
permission access control as shown in Fig. 6. Data on the mobile devices can be easily lost or stolen. There-
iOS security model is more restrictive as compared to Android. fore, data stored on the mobile devices should be encrypted to
iOS is a closed system, where developers can develop their own ensure safety and security.
apps but its source code is not released, as in case of Android [20]. Previous versions of Android provide Full Disk Encryption
Device level security includes a device-level locking mechanisms (FDE). Recent Android versions support hardware encryption,
like passcode or Personal Identification Number (PIN) and remote also known as Trusted Execution Environment (TEE) and File-
wipe using Mobile Device Management (MDM). System-level se- based Encryption (FBE). In FBE, different files are encrypted with
curity implements a secure boot chain process, Secure Enclave, different keys so that they can be unlocked independently [24],
Touch ID and authorizes system software updates. Data level as shown in Fig. 8.
security encompasses file encryption methodology through data- In iOS, combinations of hardware and software keys are iter-
protection classes and using hardware and software components. ated to encrypt every file to ensure only offline brute-force attack
Another level of comparison is that iOS is not easy to jailbreak. can carry out. Data protection class is associated with every file,
This means both the hardware and software is controlled by which allows developers to define under what circumstances the
Apple. Data encryption in iOS is not configurable; therefore it is data is accessible [25], as shown in Fig. 9.
not disabled by the users. Fig. 7 illustrates the security model of
iOS. 3.5. App permissions

3.3. Isolation mechanism Permissions control and regulate the access to device re-
sources, once an app is downloaded on the device. In most of the
Sandbox environment is provided for each and every appli- cases users are not aware about the permissions which applica-
cation executing in the device, i.e., every application executes tions are accessing, thereby causing serious security concerns.
in its own environment. In this way they cannot modify other In Android, list of all permissions which an app needs are
application. shown to the users while installing the app. User can then decide
In Android, applications are separated from each other and whether that app needs that particular permission or not. In some
from the system’s kernel; however, permissions are given to the cases, if the user denies certain permissions to an app, then it
applications to access the system resources. Isolation mecha- stops installing. Attackers can misuse the permissions in Android.
nism does not allow to access resources beyond the approved They can force the users to allow certain permissions, which
permissions. Isolation from kernel prevents gaining access to can steal their sensitive information. Different types of attacks
the administrative control. As a result, attacker is not able to can be performed using permissions, namely, data loss attacks,
compromise with other applications running on the Android. data integrity attacks, Denial of Service (DoS) and Distributed DoS
However, an application can neither launch other applications (DDoS) attacks. The permission system in Android is not effective
on the system using certain permissions nor they can check the since security decisions are handled by the device users. This
programming logic of other applications [21]. An app can launch may compromise with the security aspect of Android as majority
5
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 8. Encryption model used in Android.

the authenticity and provenance before uploading the app into

the app store. Once the app is verified, author stamps it with
the identity, which is then signed digitally with a vendor-issued
digital certificate to make it tamper resistant.
In Android, app developers are not required to register with
the Google play store. They do not require Google-issued signing
certificates. Android App developers can easily upload their apps
on the play store without being monitored by Google. Google asks
the app developers to pay a fee of $25 using credit card to get
Fig. 9. Encryption model used in iOS.
their apps certified. This process is used by Google to link an app
with developer’s digital certificate. There is no assurance of this
linking since the attackers can use stolen credit card to pay the
of the users are not capable enough to take correct security fee. Another security issue is that Google play store is not the
decisions [26]. single place to distribute the apps designed by the developers.
In iOS, permissions that an app needs to access are not shown Android app developers can distribute their app to third party,
to the users. All the apps are isolated from each other in Ap-
where these apps are not verified by the Google, thereby making
ple, thereby blocking access to most of the device’s sensitive
the system more vulnerable.
subsystems. Users are not responsible for making any kind of
Unlike Android, iOS developers can distribute their apps only
security decisions. This isolation policy used by iOS grants the
on official app market place call App Store. iOS developers are
permissions, which an app requires without users’ consent [27].
However, in some cases users can grant permissions to access the first required to register with Apple to distribute their apps
device’s resources like initiating an outgoing phone call, sending via app store. Apple follows a vetting process. It is a licensing
an email message or an outgoing SMS, accessing location using agreement where each app submitted by the developer, is verified
GPS, receiving push notifications from the Internet, etc. for its security and privacy. The app is digitally signed and then
published on the app store, if it does not violate the licensing
3.6. Auto erase mechanism agreement. The digital signing process guarantees that both the
app and its developers are not tampered by a third-party distrib-
Smartphone can carry huge sensitive and private information. utor or download site. The vetting process prevents the hackers
Attackers are capable of causing fraud and identity thefts. Auto- from uploading malicious apps in the App Store or attacking pub-
erase [28] feature is helpful when the smartphone is lost or lished app. App developers are required to provide their identities
stolen. Personal and sensitive information can be wiped off from while registering with Apple and obtaining a signing certificate.
the smartphone using auto erase feature. This acts as another defensive measure against any malicious
Android native apps do not provide auto erase mechanism, activity. Table 1 summarizes the differences between Android and
however third-party applications can be used for auto erase.
iOS.
In iOS, if an attacker tries to attempt failed passcode attempts
Apart from aforementioned parameters there are other secu-
ten times, all the data on the device is automatically erased using
rity concerns. Android lacks the control over device manufac-
this feature.
turers. Android has high device manufactures count; therefore,
3.7. Application provenance it is difficult for Google to lay common set of protocols for
its partnered OEMs. Apple has much more concentrated control
Application provenance [29] is defined as a process in which over device manufactures. Android has high device fragmenta-
third-party applications are analyzed for their intended function- tion, meaning both the number of device variants and OS versions
ality and security. Every mobile platform vendor has to validate are very high, which provides an ecosystem for security breaches.
6
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Table 1
Summary of differences between Android and iOS.
Feature Sub feature Android iOS
Source model Open-source Closed, but iOS components are open source
Architecture Kernel Linux OS X, UNIX
Language Dalvik (Java) Objective C
Layers Kernel — management of core system services — process, Hardware — contains the physical chips
memory, security, network Core OS — layer takes care of memory management
HAL— interface for communicating the Android application/ (allocation and de-allocation once the application has
framework with hardware-specific device drivers such as finished using it), file management, network management,
camera, Bluetooth, etc. etc
Libraries — helps in building user interface, graphics drawing Core services — provides several features like data
and database access protection, iCloud storage, file sharing support, XML Support
Application framework — features are database for storing features, SQLite database, In-App purchases, etc.
data, support for audio, video and image formats, debugging Media — responsible for graphics, audio and video
tools capabilities
Applications — native and third-party applications such as Cocoa touch — provides key frameworks for building iOS
web browser, email, SMS messenger, etc., which are installed apps and defining their appearance.
by the user.
Security Application Individual sandbox for each app with user’s permission to Shared sandbox for all apps; no permission required from
isolation access system resources the users
Encryption Previous versions support FDE, later versions support TEE and Hardware encryption + Data protection class
FBE
App permissions Shown to the users Not shown to the users
Auto erase No Yes
Application App distribution Google play store + third party app markets Official App store
provenance Vetting process Partial Yes
Digital signature Yes Yes

Table 2
Common vulnerabilities in Android and iOS.
Vulnerability Description
Gain information This vulnerability exposes sensitive information to the unauthorized attackers. Attackers can gain information using malicious scripts in the
applications.
Gain privileges It can occur when an attacker gains root or administrative rights, as a result of which normal security checks by OS are disabled.
Bypass something This vulnerability occurs when attackers can evade authentication mechanisms. Attackers can access unprotected file and can attack
protected applications by evading the authentication system.
Overflow This vulnerability occurs when the buffer is overwritten by extra data, which is inserted by some malicious script. It can lead to serious
crashes in the system, which can damage files and information.
Memory corruption Memory corruption vulnerability occurs when software tries to read/ write to memory location, which is outside the bounded buffer. As a
result of this, attacker can access sensitive and private information and can alter the control flow.
Denial of Service Attackers can exploit this vulnerability by making the resources unavailable to the legitimate users. Improper handling of the resources like
(DoS) memory, file, and database storage can result in denial of service.
Code execution Malicious code can be implanted in the user’s input, which can execute arbitrary code. Arbitrary code can then alter the control flow of
software, thereby changing or deleting the important data.
SQL Injection Attacker inserts controlled data in the SQL query, which can alter the database, access the sensitive information or can bypass the security
checks in the system. SQL injection is commonly seen in database driven websites.
Cross site scripting XSS vulnerability occurs when a malicious data is inserted in the web application via a web request. The malicious script can change the
(XSS) HTML content of a web page, access tokens of the sessions, cookies, or any other sensitive information used by the browser.
Directory traversal Directory traversal or path traversal vulnerability occurs when the attacker constructs a pathname using a controlled input to access
directory or file located outside the restricted directory. As a result, the attacker is able to read arbitrary files on the target system.
HTTP response This vulnerability arises when the data from the HTTP request enters a web application. HTTP requests may contain CRLF (carriage return
splitting (\r) and line feed (\n)) characters, which are inserted in the HTTP response header and sent to the web user without validating for malicious
characters.

4. Software vulnerabilities common in Android and iOS and extracts corresponding details. Web-based scraper was able
to extract all vulnerabilities in the iOS and Android category from
Vulnerability can be defined as a weakness, which an attacker CVE details. We collected 1655 CVE IDs of iOS and 2563 CVE IDs
can exploit potentially to carry out unauthorized actions in a of Android, with a total of 4218 CVE IDs. Fig. 10 explains the
network or a system [30]. Vulnerabilities in mobile devices can process of web-based scraping. After scraping the data, data is
arise due to lack of security practices by users and from poor preprocessed, where the unnecessary data elements (number of
technical controls. Software vulnerabilities are analyzed based on exploits, update date, etc.) are removed.
different technical parameters like causes, techniques, severity
levels and software systems [31]. Common vulnerabilities seen
in Android and iOS are shown in Table 2. 6. Vulnerability trends in Android vs. iOS

5. Data collection Smartphones are prone to cyber-attacks and can compromise

the confidentiality, integrity and availability of the data saved on
The main source of data for this study is CVE details [32]. the mobile devices. Risk levels are indicated by the number of
Web-based scraper tool Web Scraper 0.4.0 is used to collect this vulnerabilities and number of reported malware. The number of
data. The web scraper looks for the CVE IDs for vulnerabilities vulnerabilities determines the flaws found in the platform that
7
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 10. Snapshot of a web-based scraping process.

Fig. 11. Trend of Android & iOS vulnerabilities for 2007–2019.

can potentially compromise it, whereas the number of malware

indicates the number of actual threats that are detected.
According to CVE details, the number of vulnerabilities re-
ported for Android and iOS from 2000 to 2019 are 2563 and
1655 respectively. It is seen in Fig. 11 that there is a continuous
increase in the number of vulnerabilities till 2017 and later on
there is a steep decrease in the vulnerabilities in the year 2018
and 2019 for both Android and iOS.
It is also seen that percentage distribution of vulnerabilities for
both Android and iOS is varying significantly as shown in Fig. 12.
The percentage distribution of iOS vulnerabilities has decreased
(from 100 to 27%) over the duration 20117–2019, whereas the
trend is opposite for Android. Percentage distribution of Android
vulnerabilities has considerably increased from 2014 to 2016 and
then dipped in 2017 and again risen in 2018–2019. Before 2014,
iOS was popular among the smartphone users but Android gained
Fig. 12. Distribution of Android & iOS vulnerabilities (in %) from 2007–2019.
its popularity 2014 onwards, thereby increasing the number of
vulnerabilities. So, we would be comparing Android and iOS 2015
onwards when Android came into the picture.
This decrease in the number of vulnerabilities is due to the On analyzing the year wise vulnerability distribution of An-
better detection rates using ML and DL algorithms. Table 3 shows droid and iOS (2015–2019), it is evident that there is rise in
detection rates of ML/DL algorithms 2016 onwards. Android vulnerabilities like unidentified vulnerabilities in An-
It is seen that Android is dominated by 61% of vulnerabilities droid have increased from 4% to 55% and DoS (3% to 7%), whereas
while in iOS it is 39%. Most of the major vulnerabilities like gain most of the iOS vulnerabilities have decreased. Stacked area graph
information, code execution, DoS, overflow and gain privilege are is plotted for both Android and iOS as shown in Figs. 13 and
common in Android, while in iOS bypass and overflow memory 14 respectively. A 100% stacked area graph shows how the single
corruption constitute large share. Table 3 shows the vulnerability vulnerability of all the vulnerabilities has changed over the years.
types distribution between Android and iOS. The y-axis scale is always 100%. Each colored area of represents a
8
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 13. Year wise vulnerability distribution for Android.. (For interpretation of the references to color in this figure legend, the reader is referred to the web version
of this article.)

Fig. 14. Year wise vulnerability distribution for iOS.. (For interpretation of the references to color in this figure legend, the reader is referred to the web version of
this article.)

Table 3 maintain same color coding and order. Table 4 shows the increase
Distribution of Android & iOS vulnerability types. and decrease for both Android and iOS.
Vulnerability type(s) Android iOS Total Android % iOS % On analyzing the mean severity scores of Android and iOS,
Unidentified 836 212 1048 80% 20% it is evident that Android vulnerabilities are more severe (mean
DoS exec code overflow Mem. Corr. 66 561 627 11% 89%
score 6.9) as compared to iOS vulnerabilities (mean score 6.2).
Info 259 181 440 59% 41%
Exec code 310 56 366 85% 15% Fig. 15 shows the mean severity score of both Android and iOS
DoS 191 95 286 67% 33% from 2015–2019.
Overflow 256 7 263 97% 3% Another level of comparison is the access level. Access level
Priv 215 9 224 96% 4%
is defined as how the vulnerability is exploited. Access levels can
Bypass 97 105 202 48% 52%
Bypass +Info 40 55 95 42% 58% be local, remote or local network. Table 5 shows the percentage
Exec code overflow 56 26 82 68% 32% distribution of different access levels of the vulnerabilities in both
Overflow Mem. Corr. 9 72 81 11% 89% Android and iOS. It is evident that 25% vulnerabilities in Android
DoS exec code Mem. Corr. 10 66 76 13% 87% are exploited locally, while iOS vulnerabilities are 85% exploited
Others 218 210 428 51% 49%
Total 2563 1655 4218 61% 39%
remotely.
Access complexity is another parameter for comparing An-
droid and iOS vulnerabilities. Access complexity measures the
complexity of the attack, which is required to exploit the vulner-
unique vulnerability. The parts are stacked up, usually vertically. ability once an attacker has gained access to the target system.
The height of each colored stack represents the percentage pro- Access complexity can be low, medium and high. Low value
means that specialized access conditions or extenuating circum-
portion of that vulnerability at a given point in year. We have
stances do not exist, medium specifies the access conditions are
sorted vulnerabilities according to the starting year for Android; somewhat specialized and high means specialized access condi-
however, this is not applicable for iOS stack area graph so as to tions exist. Table 6 shows the access complexity levels for both
9
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Table 4
Distribution of Android & iOS vulnerability types.
Vulnerability type(s) Android iOS Remarks
Unidentified 4% to 55% ↑ 10% to 38% ↑ • Open source nature of Android
• Jailbreaking in iOS
Exec code 12% to 14% ↑ 4% to 0% ↓ • Buffer overflow in OpenJPEG 2.1.1 in Android
• Use-after-free issue addressed with improved memory management in iOS
Others 9% to 7% ↓ 11% to 3% ↓ • Regular software upgrades in Android and iOS
DoS 3% to 7% ↑ 5% to 3% ↓ • Unhandled Java-level Null Pointer Exceptions (NPEs) in Android
• Frequent software upgrades in iOS
Bypass 5% to 6% ↑ 7% to 0% ↓ • Weak security policies in Android
• Improved checks in iOS
Exec code overflow 9% to 4% ↓ 2% to 1% ↓ • Isolation mechanism improved in Android
• Improved input validation in iOS
Info 2% to 3% ↑ 11% to 8% ↓ • Crafted libstagefright file in Media server applications in Android
• Stack overflow addressed with improved input validation in iOS
Overflow ↔ 0% to 1% ↑ • Small allocated stacks in iOS
Bypass +Info 10% to 0% ↓ 4% to 0% ↓ • Better encryption mechanisms in Android
• Improved checks in iOS
Priv 9% to 0% ↓ ↔ • Better encryption mechanisms in Android
Overflow Mem. Corr. ↔ 0% to 46% ↑ • Jailbreaking, small allocated stacks iOS
DoS exec code overflow 34% to 0% ↓ 39% to 0% ↓ • Improved validation, improved memory management, improved checks in Android and
Mem. Corr. iOS
DoS exec code Mem. Corr. 1% to 0% ↓ 7% to 0% ↓ • Improved input validation, improved memory management in Android and iOS
↑ Increase, ↓ Decrease, ↔ Constant.

Table 5 Table 7
Access levels of Android and iOS vulnerabilities. Impact score on confidentiality.
OS Local (%) Local network (%) Remote (%) Complexity Complete (%) None (%) Partial (%)
Android 25 2 73 Android 48 11 40
iOS 14 1 85 iOS 22 18 60

Table 6 Table 8
Access complexity of Android and iOS vulnerabilities. Impact score on integrity.
OS High (%) Low (%) Medium (%) Complexity Complete (%) None (%) Partial (%)
Android 5 47 49 Android 46 31 22
iOS 2 26 71 iOS 22 27 51

information confidential. Password attacks, ping sweeps, phish-

ing, key-logging, packet sniffing, etc. are some of the common
attacks on confidentiality.
Integrity — It ensures protection of information from any
unauthorized alteration. Only the authorized parties have the
ability to modify the information once. Cyclic Redundancy Check
(CRC) provides integrity protection against accidental or non-
malicious errors. Man-in-the-middle attack, session hijacking,
salami attack, trust relationship attack, etc. are included in the
integrity attacks.
Availability — It guarantees that information should be acces-
sible to authorized users only. DoS and DDoS attacks, SYN flood
attack, etc. are most common availability attacks.
Fig. 15. Mean severity scores of Android & iOS vulnerabilities.
CIA triad is the backbone of information security system;
therefore, it is important to understand the impact of vulnerabil-
ities on CIA. Table 7 shows the impact of vulnerability scores on
Android and iOS. It is evident that 71% of iOS vulnerabilities are
confidentiality. It is seen that 48% vulnerabilities in Android have
medium-level complex while in Android, access complexity lies complete impact on confidentiality, whereas in iOS it is only 22%.
in the extremes-high (5%) and low (47%). iOS vulnerabilities either have partial (60%) or none (18%) impact
The confidentiality, integrity and availability (CIA) triad [33] is on confidentiality levels.
the core foundation of information security. Security vulnerabili- Table 8 shows the impact of vulnerability scores on integrity.
ties can have serious impact on CIA triad. For a comprehensive It is seen that 46% vulnerabilities in Android have a complete im-
pact on integrity, whereas 51% vulnerabilities in iOS have partial
and complete security program, CIA triad must be addressed
impact on integrity.
adequately.
Table 9 shows the impact of vulnerability scores on availabil-
Confidentiality — It ensures that information should not be ity. It is seen that 52% vulnerabilities in Android have a complete
accessible to unauthorized users, applications or processes. Cryp- impact on availability, whereas 45%vulnerabilities in iOS account
tography, passwords, PIN numbers, etc. can be used to keep the for partial impact on availability.
10
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Table 9 — malicious software designed to gain access to or damage your

Impact score on availability. computer, often without your knowledge. Spyware gathers your
Complexity Complete (%) None (%) Partial (%) personal information and relays it to advertisers, data firms, or
Android 52 24 24 external users. Spyware infection in the mobile device can be
iOS 24 31 45 viewed differently in Android and iOS. In Android, social engi-
neering attack can used to trick the users to download an app
from the Google play store or from a third-party app store. Man-
7. Malware attacks in Android and iOS in-the-Middle (MitM) attack is used to perform remote infection,
where the attacker intercepts the user’s mobile communications
Malware is malicious software that is designed to cause un- to inject the malware. In iOS, spyware needs a physical access to
intentional harm to the system [34]. Malware can evade security the device or through exploitation of JailbreakME exploit [38].
mechanisms, collect sensitive user information, display unneces- Adware — Adware displays unwanted advertisements, which
can alter the browser settings, steal personal information or can
sary advertisements, or can interrupt with the normal functioning
execute an arbitrary code [39].
of the mobile device. Different types of mobile malware are
Fig. 16 shows the timeline of Android and iOS malware from
the Trojans, backdoors, ransomware, spyware, adware, etc. These
2015–2019. The description of these malware is listed in Table 10.
malware are briefly described as follows:
Fig. 17 depicts the growth of Android malware worldwide as
Trojan — It is a type of malware, which does not self-replicate.
of May 2019 [40]. It is seen that the total number of Android
To avoid detection, Trojans are generally masked as legitimate
malware detections amounted to over 10.5 million programs by
software. Trojan can enter into the system via numerous vectors,
May, 2019. There is a steep decline in the growth of malware from
such as navigating untrusted websites (drive-by-download), by
2018 to 2019 due to the deployment of effective machine learning
clicking attachments in phishing emails, other forms of social
and deep learning malware detection techniques.
engineering, etc [35]. Trojan can steal sensitive user information,
or can alter the data. 8. Research directions and future scope
Ransomware — It is type of malicious software, which re-
stricts the access to the system resources and extorts money from Android’s market share will continue to grow and it is evident
the victims [36]. Most popular ransomware in mobile platform that there would be no cross over between Android and iOS in
is crypto-ransomware, which encrypts files of a system thereby the near future. Increasing market share and open-source nature
restricting the users to access the files. Attackers then demand of Android owes to its increasing vulnerabilities as compared to
ransom for the key used to decrypt the files so as to resume the the closed nature of iOS. Therefore, we have chosen Android as
access. our research area, where we will address the major problems
Backdoor — It is a malware that evades the authentication encountered in Android. With the growing vulnerabilities, An-
mechanism of the system. As a result, it can remotely access the droid malware is continuously emerging at an alarming rate. This
database and file systems. Backdoor installation requires admin- calls for more efficient malware detection techniques with less
istrator privileges by rooting Android devices and jailbreaking human intervention. We have proposed a novel parallel classifier
Apple devices [37]. scheme for malware detection in Android [41], which achieved an
Spyware — Spyware is unwanted software that infiltrates accuracy of 98.27%. Data related to this study can be found in [42].
your computing device, stealing your internet usage data and Detected malware are then classified into 71 malware families
sensitive information. Spyware is classified as a type of malware using ensemble classifiers [43]. Last part of the research includes

Table 10
Malware description.
Year Targeted Malware Malware Description
OS type
2015 Android Acecard Trojan A type of Trojan Banker, which steals banking information of the user
2015 Android AdDown Adware Shows ads to infected users, collects personal data on its victims, and secretly installs apps without the
user’s knowledge
2015 iOS XcodeGhost Trojan Collects information on the device and upload it to the C2 servers
2015 iOS YiSpecter Adware Attacks both jailbroken and non-jailbroken iOS devices through unique and harmful malicious behaviors
2016 Android Triada Backdoor Evades anti-virus by executing DroidPlugin open-source sandbox to hide malicious Android application
package (APK) plugins in its asset directory
2016 Android Switcher Trojan It hacks the WiFi router, when the device is connected to a WiFi network
2016 iOS AceDeceiver Trojan AceDeceiver manages to install itself without any enterprise certificate at all. It does so by exploiting
design flaws in Apple’s DRM mechanism
2016 iOS Fusob Ransomware Demands ransom for illegal actions
2017 Android ToastAmigo Backdoor Installs additional malware on an affected device using the toast overlay attack
2017 Android ViperRAT Trojan Allows the attacker to access device data, SMS, WhatsApp database and encryption keys, browsing and
search histories, documents and archives found in storage, and photos taken.
2017 iOS Safari JavaScript Ransomware Blocks the Safari browser on iOS until the victim pays the attacker money in the form of an iTunes
pop-up scareware Gift Card
2018 Android BianLian Trojan Requests permissions that allows it to read, send, and receive text messages; monitor and make calls;
insert overlays on banking applications; lock the device screen
2018 Android Emotet Trojan Persuades users to click the malicious files by using tempting language about ‘‘Your Invoice’’, ‘‘Payment
Details’’, or possibly an upcoming shipment from well-known parcel companies.
2018 iOS Pegasus Spyware Pegasus has multiple spying modules such as taking screenshots, recording calls, accessing messenger
applications, keylogging and exfiltrating browser history
2018 iOS Roaming Mantis Trojan Targets iOS devices with phishing attacks, and desktops and laptops with the Coinhive cryptomining
script
2019 Android Cerberus Trojan Intercepts the calls, forwards the SMSs, locks the device and key logger
2019 Android XHelper Trojan Displays popup ads, which redirects users to the Google play store and prompts users to install other
apps, indicating that the actors behind the Trojan make profits off pay-per-install commissions

11
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

Fig. 16. Timeline of Android and iOS malware from 2015–2019.

Fig. 17. Growth of Android malware from 2016 to 2019..

the mapping of the malware with the known vulnerabilities auto- Table 11
Future research directions.
matically. The aim is that in near future if a new Android malware
Issues with Android (vs. iOS) Category Severity
variant appears, developers can know at prior which vulnerability
Provides infrequent updates for OS Device integrity High
it will exploit and appropriate measures can be taken timely and
Triggers auto erase under illegal action Device integrity Medium
in a cost effective manner. Provides low level face recognition; gets Authentication High
Major challenges in this domain and forthcoming research tricked by photo
Allows third party apps Application privacy High
directions are divided into main buckets — device integrity, au-
Takes permissions from user; iOS itself Application privacy Medium
thentication mechanism, application privacy, and source code and does thorough check
hardware security along with the severity level of each problem, Allows app Interaction in sandbox Application privacy Medium
environment
as discussed in Table 11.
Exempts application provenance Application privacy Low
Apart from the aforementioned challenges, other problems Allows distribution of source code Source code High
which prevail in Android security domain is the unavailability Lacks control over hardware security Hardware security High
Provides number of device variants and OS Hardware security Low
of comprehensive malware dataset. There is a need of standard,
versions
structured and updated datasets since the Android malware are Leverages multiple device manufacturers; Hardware security Medium
increasing at a striking rate. Existing malware datasets are not affects standardization and control
Prevailing code coverage problem Source code Medium
comprehensive, thereby lacking up to date information. Such
Evades zero-day attack detection Application privacy High
datasets can be helpful to perform malware detection analysis in Tampers reverse engineering techniques Application privacy Medium
an efficient manner. Also, large data volume poses difficulty to
develop robust and efficient detection techniques. ML approaches
have proved to be fruitful as compare to conventional malware 9. Conclusion
detection techniques, however, Machine learning (ML) algorithms
fail while dealing with large data volume. A shift from ML to Deep
Learning (DL) is required to handle issues like large data volume Android and iOS being the most popular among all the smart-
and high false positive rate. phone platforms, also attracts large number of attackers with
12
S. Garg and N. Baliyan Computer Science Review 40 (2021) 100372

malicious intentions. The pragmatic approach used for compar- [17] J. Wang, Introduction to Computing Applications in Forestry and Natural
ing Android and iOS helps to understand that Android is more Resource Management, CRC Press, 2017.
[18] T.M. Grønli, J. Hansen, G. Ghinea, M. Younas, Mobile application platform
susceptible to security breaches and malware attacks. There-
heterogeneity: Android vs Windows phone vs iOS vs Firefox OS, in: IEEE
fore, in the research domain Android becomes the first choice. 28th International Conference on Advanced Information Networking and
The paper also presents forthcoming challenges and research Applications, 2014, pp. 635–641.
directions, which are bucketed in the different categories along [19] R. Loftus, M. Baumann, R. van Galen, R. de Vries, Android 7 file based
with the severity of each problem. These problems do not seem encryption and the attacks against it, 2017.
[20] S. Diaz, IOS security - iOS 11, 2020, Available from: https://www.readkong.
to be solvable in next coming years and continue to stay for com/page/ios-security-ios-11-january-2018-8964944.
long. The major buckets are device integrity, application privacy, [21] L. Davi, A. Dmitrienko, A.R. Sadeghi, M. Winandy, Privilege escalation
hardware security, source code and authentication mechanisms, attacks on android, in: Information Security, Springer, 2011, pp. 346–360.
which should be focused by the researchers and academicians. [22] A.J. Bhatt, C. Gupta, Comparison of static and dynamic analyzer tools for
iOS applications, Wirel. Pers. Commun. 96 (3) (2017) 4013–4046.
These research directions can prove to be fruitful in smoothening
[23] T. Werthmann, R. Hund, L. Davi, A.R. Sadeghi, T. Holz, PSiOS: bring
the Android security domain, where application developers will your own privacy & security to iOS devices, in: Proceedings of the 8th
be able to develop a more accurate, efficient, robust and scalable ACM SIGSAC Symposium on Information, Computer and Communications
mechanisms. Security, ACM, 2013, pp. 13–24.
[24] T. Groß, M. Ahmadova, T. Müller, Analyzing Android’s file-based encryp-
tion: Information leakage through unencrypted metadata, in: Proceedings
Declaration of competing interest of the 14th International Conference on Availability, Reliability and
Security, 2019, pp. 1–7.
The authors declare that they have no known competing finan- [25] Y. Shen, H. Wang, Enhancing data security of iOS client by encryption
cial interests or personal relationships that could have appeared algorithm, in: IEEE 2nd Advanced Information Technology, Electronic and
Automation Control Conference (IAEAC), 2017, pp. 366–370.
to influence the work reported in this paper.
[26] J.K. MacDuffie, P.A. Morreale, Comparing android app permissions, in:
International Conference of Design, User Experience, and Usability, 2016,
References pp. 57–64.
[27] M. Lutaaya, Rethinking app permissions on iOS, in: Extended Abstracts of
[1] S. O’Dea, Number of mobile phone users worldwide from 2016 to 2021 (in the 2018 CHI Conference on Human Factors in Computing Systems, 2018,
billions), 2020, Available from: https://www.statista.com/statistics/330695/ pp. 1–6.
number-of-smartphone-users-worldwide/. [28] H. Pieterse, M. Olivier, R. van Heerden, Detecting manipulated smartphone
[2] Statcounter GlobalStats, Mobile operating system market share worldwide, data on Android and iOS devices, in: International Information Security
2020, Available from: https://gs.statcounter.com/os-market-share/mobile/ Conference, 2018, pp. 89–103.
worldwide. [29] M. Opoku, J.G. Davis, P. Nimbe, Security evaluation of the smartphone
[3] Liam Tung, Bigger than Windows, bigger than iOS: Google now platforms: A case study with Android, iOS and Windows phones, Asian
has 2.5 billion active Android devices, 2020, Available from: J. Math. Comput. Res. (2016) 234–259.
https://www.zdnet.com/article/bigger-than-windows-bigger-than-ios- [30] R. Kumar, R.R. Goyal, On cloud security requirements, threats, vulner-
google-now-has-2-5-billion-active-android-devices-after-10-years/. abilities and countermeasures: A survey, Comp. Sci. Rev. 33 (2019)
[4] J. Clement, Mobile app downloads worldwide from 2018 to 2024, by store, 1–48.
2020, Available from: https://www.statista.com/statistics/1010716/apple- [31] S. Garg, R.K. Singh, A.K. Mohapatra, Analysis of software vulnerability
app-store-google-play-app-downloads-forecast/. classification based on different technical parameters, Inform. Secur. J.:
[5] S.F. Hidhaya, A. Geetha, Detection of vulnerabilities caused by webview ex- Glob. Perspect. 28 (2019) 1–19.
ploitation in smartphone, in: Ninth International Conference on Advanced [32] CVE details, 2020, Available from: https://www.cvedetails.com/.
Computing (ICoAC), 2017, pp. 357–364. [33] I. Popescu, The influence of vulnerabilities on the information systems and
[6] L. Zhang, Smartphone App Security: Vulnerabilities and Implementa- methods of prevention, Int. J. Inform. Secur. Cybercrime (IJISC) 7 (2) (2018)
tions Doctoral dissertation, 2018. 25–32.
[7] M.T. Ahvanooey, Q. Li, M. Rabbani, A.R. Rajput, A survey on smart- [34] S.S. Chakkaravarthy, D. Sangeetha, V. Vaidehi, A survey on malware
phones security: Software vulnerabilities, malware, and attacks, 2020, analysis and mitigation techniques, Comp. Sci. Rev. 32 (2019) 1–23.
arXiv preprint arXiv:2001.09406. [35] P. Yan, Z. Yan, A survey on dynamic mobile malware detection, Softw.
[8] M. Talal, A.A. Zaidan, B.B. Zaidan, O.S. Albahri, M.A. Alsalem, A.S. Albahri, Qual. J. 26 (3) (2018) 891–919.
M. Alaa, Comprehensive review and analysis of anti-malware apps for [36] A. Cimitile, F. Mercaldo, V. Nardone, A. Santone, C.A. Visaggio, Talos: no
smartphones, Telecommun. Syst. 72 (2) (2019) 285–337. more ransomware victims with formal methods, Int. J. Inform. Secur., 17(6)
[9] B. Shrestha, D. Ma, Y. Zhu, H. Li, N. Saxena, Tap-wave-rub: Lightweight pp. 719–738.
human interaction approach to curb emerging smartphone malware, IEEE [37] A. Qamar, A. Karim, V. Chang, Mobile malware attacks: Review, taxonomy
Trans. Inf. Forensics Secur. 10 (2015) 2270–2283. & future directions, Future Gener. Comput. Syst. 97 (2019) 887–909.
[10] S. Lee, D.Y. Ju, Assessment of malicious applications using permissions and [38] F. Pierazzi, G. Mezzour, Q. Han, M. Colajanni, V.S. Subrahmanian, A data-
enhanced user interfaces on android, in: IEEE International Conference on driven characterization of modern Android Spyware, ACM Trans. Manage.
Intelligence and Security Informatics (ISI), 2013, p. 270. Inform. Syst. (TMIS) 11 (1) (2020) 1–38.
[11] B. Rashidi, C.J. Fung, A survey of Android security threats and defenses, [39] J. Lim, J.H. Yi, Structural analysis of packing schemes for extracting hidden
JoWUA 6 (3) (2015) 3–35. codes in mobile malware, EURASIP J. Wireless Commun. Networking 1
[12] T. Cho, S.H. Seo, A strengthened Android signature management method, (2016) 221.
KSII Trans. Internet Inform. Syst. 9 (3) (2015). [40] J. Clement, Development of new Android malware worldwide from 2016
[13] C. Szongott, B. Henne, M. Smith, Evaluating the threat of epidemic mobile to 2019 (in millions), 2020, Available from: https://www.statista.com/
malware, in: IEEE 8th International Conference on Wireless and Mobile statistics/680705/global-android-malware-volume/.
Computing, Networking and Communications (WiMob), 2012, pp. 443–450. [41] S. Garg, N. Baliyan, A novel parallel classifier scheme for vulnerability
[14] P. Teufl, T. Zefferer, C. Stromberger, Mobile device encryption systems, in: detection in android, Comput. Electr. Eng. 77 (2019) 12–26.
IFIP International Information Security Conference, 2013, pp. 203–216. [42] S. Garg, N. Baliyan, Data on vulnerability detection in android, Data Brief
[15] S. Salerno, A. Sanzgiri, S. Upadhyaya, Exploration of attacks on current 22 (2019) 1081–1087.
generation smartphones, Procedia Comput. Sci. 5 (2011) 546–553. [43] S. Garg, N. Baliyan, Android malware classification using ensemble classi-
[16] J. Zdziarski, Identifying back doors attack points and surveillance fiers, in: Cloud Security: Concepts, Applications and Perspectives, Chapter
mechanisms in iOS devices, Digit. Invest. 11 (2014) 3–19. 13, CRC Press, 2021, In Press.

13