{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T23:29:00Z","timestamp":1767137340178,"version":"build-2238731810"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030223113","type":"print"},{"value":"9783030223120","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22312-0_12","type":"book-chapter","created":{"date-parts":[[2019,6,16]],"date-time":"2019-06-16T19:02:48Z","timestamp":1560711768000},"page":"165-179","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment"],"prefix":"10.1007","author":[{"given":"Majid","family":"Hatamian","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0893-7856","authenticated-orcid":false,"given":"Sebastian","family":"Pape","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Rannenberg","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,6,5]]},"reference":[{"key":"12_CR1","unstructured":"Google play scraper. https:\/\/github.com\/facundoolano\/google-play-scraper\/"},{"key":"12_CR2","unstructured":"Mobile application security scanner. https:\/\/www.ostorlab.co\/"},{"key":"12_CR3","unstructured":"Mobile top 10 2016-top 10. https:\/\/www.owasp.org\/index.php\/mobile_top_10_2016-top_10\/"},{"key":"12_CR4","unstructured":"Nviso. apkscan. https:\/\/apkscan.nviso.be\/"},{"key":"12_CR5","unstructured":"Quick android review kit. https:\/\/github.com\/linkedin\/qark"},{"key":"12_CR6","unstructured":"Quixxi integrated app management system. https:\/\/quixxisecurity.com\/"},{"key":"12_CR7","unstructured":"Sanddroid - an automatic android application analysis system. http:\/\/sanddroid.xjtu.edu.cn"},{"key":"12_CR8","unstructured":"Veracode mobile app top 10. http:\/\/www.veracode.com\/directory\/mobileapp-top-10\/"},{"key":"12_CR9","unstructured":"Protection of sensitive data and services (2012). https:\/\/www.sit.fraunhofer.de\/en\/bizztrust\/"},{"key":"12_CR10","unstructured":"NowSecure mobile security report (2016). https:\/\/www.nowsecure.com\/blog\/2016\/02\/11\/2016-nowsecure-mobile-security-report-now-available\/"},{"key":"12_CR11","unstructured":"Arxan\u2019s 5th annual state of application security report (2016). https:\/\/www.arxan.com\/press-releases\/arxans-5th-annual-state-of-application-security-report-reveals-disparity-between-mobile-app-security-perception-and-reality"},{"key":"12_CR12","unstructured":"Framework for app security tests (2016). https:\/\/www.sit.fraunhofer.de\/en\/appicaptor\/"},{"key":"12_CR13","unstructured":"Most vulnerable os of the year 2017 (2017). https:\/\/www.cybrnow.com\/10-most-vulnerable-os-of-2017\/"},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Agarwal, Y., Hall, M.: Protectmyprivacy: detecting and mitigating privacy leaks on IOs devices using crowdsourcing. In: Proceedings of MobiSys, pp. 97\u2013110 (2013)","DOI":"10.1145\/2462456.2464460"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"Beresford, A., Rice, A., Sohan, N.: Mockdroid: trading privacy for application functionality on smartphones. In: The Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, Phoenix, Arizona, USA, pp. 49\u201354 (2011)","DOI":"10.1145\/2184489.2184500"},{"issue":"9","key":"12_CR16","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1109\/MC.2012.36","volume":"45","author":"M Chandramohan","year":"2012","unstructured":"Chandramohan, M., Tan, H.B.K.: Detection of mobile malware in the wild. Computer 45(9), 65\u201371 (2012). https:\/\/doi.org\/10.1109\/MC.2012.36","journal-title":"Computer"},{"key":"12_CR17","unstructured":"Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: The Proceedings of the the 9th ACM USENIX Conference on Operating Systems Design and Implementation, Vancouver, BC, Canada, pp. 393\u2013407 (2010)"},{"key":"12_CR18","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-64483-7_1","volume-title":"Trust, Privacy and Security in Digital Business","author":"Majid Hatamian","year":"2017","unstructured":"Hatamian, M., Serna, J., Rannenberg, K., Igler, B.: Fair: fuzzy alarming index rule for privacy analysis in smartphone apps. In: The Proceedings of the 14th International Conference on Trust and Privacy in Digital Business (TrustBus), Lyon, France, pp. 3\u201318 (2017)"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Hatamian, M., Serna-Olvera, J.: Beacon alarming: Informed decision-making supporter and privacy risk analyser in smartphone applications. In: Proceedings of the $$35^{\\text{th}}$$ IEEE International Conference on Consumer Electronics (ICCE), USA (2017)","DOI":"10.1109\/ICCE.2017.7889399"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-319-95729-6_13","volume-title":"Data and Applications Security and Privacy XXXII","author":"M Hatamian","year":"2018","unstructured":"Hatamian, M., Kitkowska, A., Korunovska, J., Kirrane, S.: \u201cIt\u2019s Shocking!\u201d: analysing the impact and reactions to the A3: Android Apps behaviour analyser. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 198\u2013215. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-95729-6_13"},{"key":"12_CR21","doi-asserted-by":"publisher","first-page":"332","DOI":"10.1016\/j.cose.2019.02.010","volume":"83","author":"Majid Hatamian","year":"2019","unstructured":"Hatamian, M., Serna, J., Rannenberg, K.: Revealing the unrevealed: mining smartphone users privacy perception on app markets. Comput. Secur. (2019). https:\/\/doi.org\/10.1016\/j.cose.2019.02.010. http:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404818313051","journal-title":"Computers & Security"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Maggi, F., Valdi, A., Zanero, S.: Andrototal: a flexible, scalable toolbox and service for testing mobile malware detectors. In: Proceedings of the 3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 49\u201354 (2013)","DOI":"10.1145\/2516760.2516768"},{"issue":"1","key":"12_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10916-014-0181-3","volume":"39","author":"B Mart\u00ednez-P\u00e9rez","year":"2015","unstructured":"Mart\u00ednez-P\u00e9rez, B., De La Torre-D\u00edez, I., L\u00f3pez-Coronado, M.: Privacy and security in mobile health apps: a review and recommendations. J. Med. Syst. 39(1), 1\u20138 (2015)","journal-title":"J. Med. Syst."},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 328\u2013332 (2010)","DOI":"10.1145\/1755688.1755732"},{"key":"12_CR25","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in python. J. Mach. Learn. Res. 12, 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Plachkinova, M., Andres, S., Chatterjee, S.: A taxonomy of mhealth apps - security and privacy concerns. In: 2015 48th HICSS, pp. 3187\u20133196, January 2015","DOI":"10.1109\/HICSS.2015.385"},{"key":"12_CR27","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Zhang, X., Jiang, X., Freech, V.W.: Taming information-stealing smartphone applications (on android). In: the Proceedings of the 4th International Conference on Trust and Trustworthy Computing, Pittsburgh, PA, USA, pp. 39\u2013107 (2011)","DOI":"10.1007\/978-3-642-21599-5_7"}],"updated-by":[{"DOI":"10.1007\/978-3-030-22312-0_27","type":"correction","label":"Correction","source":"publisher","updated":{"date-parts":[[2019,7,7]],"date-time":"2019-07-07T00:00:00Z","timestamp":1562457600000}}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22312-0_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T11:35:25Z","timestamp":1710243325000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-22312-0_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030223113","9783030223120"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22312-0_12","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"5 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"7 July 2019","order":2,"name":"change_date","label":"Change Date","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Correction","order":3,"name":"change_type","label":"Change Type","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"By mistake the originally published version of this chapter did not include the acknowledgement text. This has been corrected so that the updated version of the chapter now contains the following acknowledgement:  This research was supported by the European Union\u2019s Horizon 2020 Research and Innovation program under the Marie Sk\u0142odowska-Curie \u201cPrivacy&Us\u201d project (GA No. 675730).","order":4,"name":"change_details","label":"Change Details","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"34","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifipsec.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}