{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T13:40:54Z","timestamp":1725975654894},"publisher-location":"Cham","reference-count":41,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319788159"},{"type":"electronic","value":"9783319788166"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-78816-6_21","type":"book-chapter","created":{"date-parts":[[2018,4,24]],"date-time":"2018-04-24T03:02:48Z","timestamp":1524538968000},"page":"301-319","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Sensitive Data in Smartphone Applications: Where Does It Go? Can\u00a0It\u00a0Be Intercepted?"],"prefix":"10.1007","author":[{"given":"Eirini","family":"Anthi","sequence":"first","affiliation":[]},{"given":"George","family":"Theodorakopoulos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,4,25]]},"reference":[{"key":"21_CR1","unstructured":"RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2. https:\/\/tools.ietf.org\/html\/rfc5246 . Accessed 05 Jan 2017"},{"key":"21_CR2","unstructured":"Diquet, A.: iOS SSL Kill Switch (2016). https:\/\/github.com\/iSECPartners\/ios-ssl-kill-switch . Accessed 20 Apr 2017"},{"key":"21_CR3","unstructured":"AlFardan, N.: On the Security of RC4 in TLS. http:\/\/www.isg.rhul.ac.uk\/tls\/ . Accessed 25 Apr 2017"},{"key":"21_CR4","unstructured":"Appanalysis. Realtime Privacy Monitoring on Smartphones (2016). http:\/\/www.appanalysis.org\/index.html\/ . Accessed 9 Apr 2017"},{"key":"21_CR5","unstructured":"Apple. Ad for Developers. Apple Developer. https:\/\/developer.apple.com\/iad\/ . Accessed 03 May 2017"},{"key":"21_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"216","DOI":"10.1007\/3-540-48166-4_14","volume-title":"Software Engineering \u2014 ESEC\/FSE 99","author":"T Ball","year":"1999","unstructured":"Ball, T.: The concept of dynamic analysis. In: Nierstrasz, O., Lemoine, M. (eds.) ESEC\/SIGSOFT FSE -1999. LNCS, vol. 1687, pp. 216\u2013234. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48166-4_14"},{"key":"21_CR7","unstructured":"Blanchou, M.: iSECPartners\/Android-SSL-TrustKiller. Bypass SSL certificate pinning for most applications. https:\/\/github.com\/iSECPartners\/Android-SSL-TrustKiller . Accessed 03 May 2017"},{"key":"21_CR8","unstructured":"Boneh, D., Inguva, S., Baker, I.: SSL, MITM Proxy (2007). http:\/\/crypto.stanford.edu\/ssl-mitm"},{"key":"21_CR9","unstructured":"Boyles, J.L., Smith, A., Madden, M.: Privacy and data management on mobile devices. Pew Internet Am. Life Project 4 (2012)"},{"key":"21_CR10","unstructured":"Carnegie Mellon University. Knowledge of Location Sharing by Apps Prompts Privacy Action (2015). https:\/\/www.sciencedaily.com\/releases\/2015\/03\/150323132846.html . Accessed 4 Apr 2017"},{"key":"21_CR11","unstructured":"Cohen, A.: The iPhone Jailbreak: A Win Against Copyright Creep. Time.com (2010)"},{"key":"21_CR12","unstructured":"Elenkov, N.: Certificate Pinning in Android 4.2 (2012)"},{"key":"21_CR13","unstructured":"ENISA. Top Ten Smartphone Risks (2016). https:\/\/www.enisa.europa.eu\/activities\/Resilience-and-CIIP\/critical-applications\/smartphone-security-1\/top-ten-risks . Accessed 4 Apr 2017"},{"key":"21_CR14","unstructured":"MIT Laboratory for Computer Science and RSA Data Security. RFC 1321 - The MD5 Message-Digest Algorithm. https:\/\/tools.ietf.org\/html\/rfc1321 . Accessed 25 Apr 2017"},{"key":"21_CR15","unstructured":"Fox, M.A., King, P.F., Ramasubramani, S.: Method and apparatus for maintaining security in a push server. US Patent 6,421,781, 16 July 2002"},{"key":"21_CR16","unstructured":"FTC. Federal Trade Commission (2016). https:\/\/www.ftc.gov\/search\/site\/fitness~app . Accessed 9 Apr 2017"},{"key":"21_CR17","unstructured":"Google. Monetize and Promote with Google Ads.Google Developers. https:\/\/developers.google.com\/ads\/?hl=en . Accessed 03 May 2017"},{"key":"21_CR18","unstructured":"Google. Rebooting Responsible Disclosure: A Focus on Protecting End Users. https:\/\/security.googleblog.com\/2010\/07\/rebooting-responsible-disclosure-focus.html . Accessed 30 Apr 2017"},{"key":"21_CR19","unstructured":"Internet Engineering Task Force (IETF). RFC 7465 - Prohibiting RC4 Cipher Suites. https:\/\/tools.ietf.org\/html\/rfc7465#section-1 . Accessed 25 Apr 2017"},{"key":"21_CR20","unstructured":"Zang, J., Dummit, K., Graves, J., Lisker, P., Sweeney, L.: Who knows what about me? A survey of behind the scenes personal data sharing to third parties by mobile apps (2015). http:\/\/techscience.org\/a\/2015103001\/ . Accessed 14 Feb 2017"},{"key":"21_CR21","first-page":"41","volume":"221","author":"A Mense","year":"2016","unstructured":"Mense, A., Steger, S., Sulek, M., Jukic-Sunaric, D., M\u00e9sz\u00e1ros, A.: Analyzing privacy risks of mhealth applications. Stud. Health Technol. Inform. 221, 41 (2016)","journal-title":"Stud. Health Technol. Inform."},{"key":"21_CR22","unstructured":"Cooney, M.: 10 Common Mobile Security Problems to Attack (2012). http:\/\/www.pcworld.com\/article\/2010278\/10-common-mobile-security-problems-to-attack.html . Accessed 4 Apr 2017"},{"key":"21_CR23","unstructured":"mitmproxy. About certificates (2016). Accessed 20 Apr 2017"},{"key":"21_CR24","unstructured":"mitmproxy. How mitmproxy works (2016). Accessed 20 Apr 2017"},{"key":"21_CR25","doi-asserted-by":"crossref","unstructured":"Moeller, B., Langley, A.: RFC 7507: TLS fallback signaling cipher suite value (SCSV) for preventing protocol downgrade attacks (2015)","DOI":"10.17487\/RFC7507"},{"key":"21_CR26","volume-title":"Wireshark & Ethereal Network Protocol Analyzer Toolkit","author":"A Orebaugh","year":"2006","unstructured":"Orebaugh, A., Ramirez, G., Beale, J.: Wireshark & Ethereal Network Protocol Analyzer Toolkit. Syngress, Rockland (2006)"},{"key":"21_CR27","unstructured":"OWASP. Man-in-the-Middle Attack (2016). https:\/\/www.owasp.org\/index.php\/Man-in-the-middle_attack\/ . Accessed 18 Apr 2017"},{"key":"21_CR28","unstructured":"OWASP. O-Saft (2016). https:\/\/www.owasp.org\/index.php\/O-Saft\/ . Accessed 20 Apr 2017"},{"key":"21_CR29","unstructured":"OWASP. Transport Layer Protection Cheat Sheet (2016). https:\/\/www.owasp.org\/index.php\/Transport_Layer_Protection_Cheat_Sheet . Accessed 18 Apr 2017"},{"key":"21_CR30","unstructured":"Pangu. Pangu Jailbreak (2016). http:\/\/en.pangu.io . Accessed 20 Apr 2017"},{"key":"21_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/11935230_5","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"S Paul","year":"2006","unstructured":"Paul, S., Preneel, B.: On the (in)security of stream ciphers based on arrays and modular addition. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 69\u201383. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935230_5"},{"key":"21_CR32","unstructured":"Raoa, A., Kakhkib, A.M., Razaghpanahe, A., Tangc, A., Wangd, S., Sherryc, J., Gille, P., Krishnamurthyd, A., Legouta, A., Misloveb, A., et al.: Using the middle to meddle with mobile. Technical report, Northeastern University (2013)"},{"key":"21_CR33","volume-title":"SSL and TLS: Designing and Building Secure Systems","author":"E Rescorla","year":"2001","unstructured":"Rescorla, E.: SSL and TLS: Designing and Building Secure Systems, vol. 1. Addison-Wesley Reading, Boston (2001)"},{"key":"21_CR34","unstructured":"Smith, A.: Us Smartphone Use in 2015. Pew Research Center, pp. 18\u201329 (2015). Accessed 1 Apr 2017"},{"key":"21_CR35","unstructured":"Statista. The Hidden Dangers of Public WiFi (2016). http:\/\/www.privatewifi.com\/wp-content\/uploads\/2015\/01\/PWF_whitepaper_v6.pdf\/ . Accessed 5 Apr 2017"},{"key":"21_CR36","unstructured":"Statista. Number of Smartphone Users Worldwide from 2014 to 2019 (2016). http:\/\/www.statista.com\/statistics\/330695\/number-of-smartphone-users-worldwide\/ . Accessed 1 Apr 2017"},{"key":"21_CR37","unstructured":"Stuttard, D.: Burp Suite (2007)"},{"key":"21_CR38","first-page":"1","volume":"17","author":"S Thurm","year":"2010","unstructured":"Thurm, S., Kane, Y.I.: Your apps are watching you. Wall Str. J. 17, 1 (2010)","journal-title":"Wall Str. J."},{"key":"21_CR39","volume-title":"The Mobile Application Hacker\u2019s Handbook","author":"D Chell","year":"2015","unstructured":"Chell, D., Erasmus, T., Colley, S., Whitehouse, O.: The Mobile Application Hacker\u2019s Handbook, 1st edn. Wiley, Hoboken (2015)","edition":"1"},{"issue":"3","key":"21_CR40","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1023\/A:1014570512129","volume":"7","author":"U Varshney","year":"2002","unstructured":"Varshney, U., Vetter, R.: Mobile commerce: framework, applications and networking support. Mob. Netw. Appl. 7(3), 185\u2013198 (2002)","journal-title":"Mob. Netw. Appl."},{"key":"21_CR41","unstructured":"Victor, H.: Android\u2019s Google play beats app store with over 1 million apps, now officially largest (2013). Accessed 16 Jan 2014"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-78816-6_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,16]],"date-time":"2019-10-16T22:47:30Z","timestamp":1571266050000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-78816-6_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319788159","9783319788166"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-78816-6_21","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}