Professional Documents
Culture Documents
ISSN: 2278-0181
ICCCS - 2017 Conference Proceedings
I. INTRODUCTION
Mobile Operating System (MOS) which is a handheld Figure 1: Android-architecture
operating system. This is a software podium for mobile
devices which facilitates mobile devices to run the iOS was derived from OS X . This iOS is only used by
application and program. Mobile devices enable us to send Apple Inc. for iPhone and iPad [8]. There are 4 abstraction
text messages, browse the web, access emails and even make layers which are Core OS layer, Core Services Layer, Media
monetary transactions. This MOS coalesce features of a Layer and Cocoa touch layer. Core OS layer is the base layer
personal computer operating system and control all hardware of the iOS stack and assemble directly on the hardware. This
and optimizes the efficiency. There are so many MOS in the layer serves a wide variety of services including low-level
market. The two well-known MOS nowadays is Android and network access to peripheral accessories and common
iPhone Operating System (iOS). Android OS is an open operating system services such as memory management
source, its source code was released by Google under the policy, and thread handling file system. The iOS Core
Apache license which makes it accessible for everyone. The Services layer serves the establishment on which several
operating system is a linux based and the application software earlier layers referenced constructed and consists of the
running on an application framework combining with following framework. Media layer contains the graphics,
Javacompatible [12] libraries based on Apache Harmony. audio, video and technology geared towards creating the
Android is intended primarily for touch screen devices and finest multimedia familiarity available on a mobile device.
the user interface is based on direct manipulation using the Technology in this layer were designed to make it easy for
touch screen. The first Android phone sold in the year,2008 you to build applications that appears and sound enormous.
and the latest version is Nougat 7.1.1. The Cocoa Touch layer serves the key structure for
constructing iOS applications. It explains the fundamental
application infrastructure and hold up for key technologies
such as multitasking, touch-based input, push notifications,
and many high-level system services. Some of the application
can be freely downloaded. For iOS application cannot
directly communicate with other apps. The first iphone sold
in the year,2007 and the latest version is iOS 10. Why we
need security on MOS is to make sure all the user
information is not hacked, to make sure sensitive data is not
exposed to other persons and to recognize, prevent, correct
and eliminate viruses.
Cream Sandwich 4.0”. Encryption is based on dm-encrypt audit traces. Their work is based on the hypothesis that
(disk encryption) for Android operating system. You must privilege programs are more likely to deed susceptibilities.
have encryption pin or password [11] to read the encrypted They have presented the Program Policy Specification
file in Android [7]. Encryption is also a new security method Language based on a modest predicate logic and regular
in iOS too. Hardware encryption was introduced with the expressions.
IPhone 3GS. Encryptions secure all our data in an Apple
product. Encryption allows remote wipe by removing the III. METHODOLOGY
encryption key for the device. Once the hardware key is
removed, the device is useless for iOS operating system This study used the descriptive method of research using
mobile devices. Full MDM API’s available in iOS [7]. You documentary examination to gather significant information
should have passcode to study the encrypted file in iOS. and to meet up the goals of the study. For this purpose, the
Apple iOS device protection API is more robust than proponent used the Internet, scientific articles, threat reports
Android. While designing the developers does not take and recorded presentations as sources. To get some base
benefit of the encryption method although both Android and knowledge about risks and threats for applications the
iOS operating system supports the storage of secrets in the proponent looked into security motivation, architecture,
cipher text mode on disks. All encrypted data can be stored in malicious history, malicious approaches, threats and
the form of plain text but cannot be accessed by the vulnerabilities.The proponent used a questionnaire checklist
developers without knowing the encryption codes. as a survey instrument to determinethe level of security
awareness and practices of Android and iOS users.
Built-in Antivirus In general there are 3 types of popular Apple has a good reputation for staying on top of security.
malware that affects mobile such as Virus, Spyware and The company strictly reviews all of the apps available
Trojan [10]. A Virus is a true piece of malicious software. through the App Store to avoid allowing malware through.
The Virus is usually transmitted through email. Spyware is They also work hard to ensure devices have the most recent
software that gathers information about users without their version of the iOS installed (which usually includes security
knowledge. Meanwhile Trojan serves a desirable function but updates) and encourage mass upgrades. Because of their
actually the purpose of the Trojan is malicious. Both Android reputation and overall popularity, breaching Apple’s iOS
and iOS mobile was introduced with built-in antivirus would be an impressive feat for any hacker. But still last year,
features to avoid malware such as viruses, spyware and security researchers found a vulnerability that had the
Trojan from affecting our mobile operating system. Android potential to allow fake versions of apps to get into iOS
mobile does not have a vigorous vetting process. Android devices. More recently, the company discovered 39 malware-
users can install thousands of applications from Google Play infected apps in the App Store; this was considered to be
safely. The antivirus features weren’t actually found on Apple’s first major cyber attack. Additionally, in September,
Android devices but actually found in Google Play [8]. This 2016 it was discovered that more than 225,000 iPhone users
means the apps downloaded from outside web source beside had their Apple account information compromised by
Google Play is very risky. The outside source is much easier malware. This attack only targeted individuals with
for malicious applications to turn the developed software into jailbroken iPhones. Jailbreaking allows people to customize
a virus. The Android operating system will prompt a window their phones in many ways, but it also makes them vulnerable
to allow downloading some applications from untrusted web. to hackers and voids Apple’s warranty.
Once permission is given, some application will download
viruses into the Android operating system. The extra antivirus
solution needs to be installed in the Android operating system
to avoid popular malware affects our mobile operating system
[6] . iOS is Apple’s mobile operating system developed
by Apple. Apple has done additional design work to enhance
security without comprising usability. Apple does not need
anti-virus program for iOS because it does not leave room for
viruses to get into the system. The only place to get apps
download is from the App store. Apple does not allow Built on an “open” philosophy, Android makes it easy for
installation from an outside source. Everything through the users to configure the OS to their personal preferences. Many
Apps Store is rigorously checked to make sure it does not Android users say they love the flexibility and the option to
contain malicious codes. The iOS operating system is less customize their devices.
likely to virus attacks than the Android operating system. Unfortunately, keeping things “open” is also what keeps
Apple iOS has put forth authentication procedures to ensure Android more vulnerable. Android-based phones are more
safety for its users. As an open source and social network, widely used across the world, and studies have shown that a
Android is more prone to virus attached and other security much larger percentage of mobile malware targets Android
threats. Recovery measures include fraud proof over iOS.
susceptibilities in privileged programs by implementation When it comes to OS updates, Android is notorious for being
monitoring (ARSP) inconsistent. It is not uncommon to find an Android owner
ARSP project [2] worked on recognition of susceptibility running an old version of the OS on their device, making
misuses in privileged programs by monitoring operational them more vulnerable to hackers. This summer, a
vulnerability — nicknamed Stagefright — was found in the
open source code of the Android OS. The bug was considered Memory Fully applied in Fully applied in 9.0
a threat to 95% of Android devices — nearly 1 billion phones Randomization Nougat and started and 10.0 releases.
since Jelly bean. No Added with code
and tablets. This prompted Google and companies like code signing signing technology
Samsung and LG to rethink how they provide software technology
updates. Encryption Android 5.0 and above Hardware and
supports full disk Firmware encryption ;
encryption whereas Advanced Encryption
Android 7.0 and above Standard(AES) 256 bit
supports file based crypto engine
encryption
Built-in Antivirus Antivirus can be No antivirus is
downloaded from the required since there is
Android market. More checking been done in
easy for virus attack the Apps Store
since no protection and
Apple users have long enjoyed a somewhat higher level of checking is done
security, thanks in part to the company’s proprietary before outside web
source application
approach to software and hardware. With fewer third-party been downloaded
manufacturers involved, Apple has been able to lock down its App Store Distribution Google play is the App store constitutes
systems more easily. Also, until recently, Apple didn’t have most trusted and used 90% of apps
much adoption in the corporate world, so hackers chose marketplace for distribution by iOS
android apps, but there users but there are
mainly to target Windows-based machines instead. But those
are many other too other too which are
days may be coming to an end. which are used very used very less.
less
App Permission In this if you want an Improved permission
app , then all the system where you can
permissions is to be actually pick and
accepted , then only choose which data an
you can use that app. app gets access to. So
No modification in one can modify
permissions can be permissions on its own
made by user.
Interface Navigation system is Navigation system is
better and give access restricted , allows user
to its user to change to put them in a folder
according to their and cannot remove the
choice apps from home
screen.
Software/Security It does not provide It provides timely
A security issue has come up recently for Apple, and it’s Updates security update to the security updates for all
version lower than its users
worth noting for those who use iPhones or iPads. The Android 4.4.4 that
company announced it has discovered dozens of malware- means leading to
infected apps on its popular App Store, including WeChat, security holes for
which has more than 500 million monthly users. version lower than
4.4.4
This is considered Apple's first major cyber attack since it Customization It offers far more By contrast, it doesn’t
shows the App Store can be compromised on a large scale. It freedom in terms of allow you to change
also demonstrates that the company’s popularity has made customizing the any icons in the
Apple’s iOS — and its users — a target. The recent Apple interface according to Control Centre
you
incidents may be somewhat minor where only 39 malware- Security There is a high chance There is rare chance of
infected apps were removed from among the 1.5 million apps of malwares, and virus malware, trojans or
on the App Store but they are worth noting. to enter the system virus enter the system
Apple’s security has historically been solid, but that doesn’t because it does not as there is no option
check for the source of provided to download
mean you are completely protected.Because of the ability to download and the other than app store
sync smartphones to desktops and laptops, problems that start software or app being and other trusted
in one device can quickly spread to others. Put some download sources.
protections in place so that you can enjoy your Apple and Fragmentation The fragmentation is The fragmentation is
more because being an lesser than android
stop hackers from taking a big bite.
open-source as well as being a closed source
TABLE 1 so many versions are and providing security-
SECURITY COMPARISON BETWEEN ANDROID AND iOS there. patches to all system
Features Security Comparison in Mobile OS having iOS
Android iOS Vulnerabilites There are 850 There are 1091
Application Each app has its own All apps shared same vulnerabilities in vulnerabilities present
Sandboxing sandbox sandbox android at present in iOS at present
Data Storage Format Have an external No external storage
storage and can be and difficult for the
accessible by unwanted code to
unwanted code access built in storage
IV. CONCLUSION
REFERENCES
Although both Android and iOS have their flaws, Apple’s
iOS has still proved to be a safer bet in terms of security. [1] Grace, M., Zhou, J., Wang, Z., & Jiang, X. (2012). Systematic
Detection of Capability Leaks in Stock Android Smartphones. In
Apple runs a tight ship which can feel constricting to users,
Proceedings of the19thAnnual Symposium on Network and
but ultimately, it is to keep their users as secure as possible. Distributed System Security, NDSS ’12
Yes, hackers have started to poke holes in the iOS but they [2] K. Allix, T. F. Bissyand´e, Q. Jerome, J. Klein, R. State, and Y.
have only managed to target jail broken iPhones and a Le Traon, “Large-scale machine learning-based malware
detection: Confronting the ”10-fold cross validation scheme” with
miniscule portion of apps within the App Store. Mobile
reality,” in CODASPY ’14, 2014.
security is all about trade-offs and manage the risk. It's about [3] Charlie Miller, "Mobile Attacks and Defense," IEEE Security and
how developers can reduce and minimize potential risks for Privacy, vol. 9, no. 4, pp. 68-70, July/Aug. 2011,
consumers. The mobile user should make a choice between doi:1O.1109/MSP.2011.85
[4] R.Johnson, Z.Wang, C.Gagon, and A.Stavrou, “ Analysis of
comfort and privacy of data.
android
In conclusion, we agreed that iOS are more advantage applications`permissions,”inProc.IEEEInt.Conf.Softw.Secur.Reli
compared to Android operating System in term of security ab.Companion, SERE-C, 2012, pp.45-46.
based on comparison that have made. However, there are few [5] Android Open Source Project, Google, “Android Developers
Dashboards”, 2012
basic security points to keep our data safe on the respective
[6] https://developer.android.com/training/articles/security-tips.html
mobile device are: [7] http://www.apple.com/ipad/business/it-
center/deploymentmdm.html
Update your software : Always update your 2013 8th International Conference on Information Technology in
Smartphone OS, irrespective of it being an Android Asia (CITA)
[8] "Apple - iPhone 4S - The most amazing iPhone yet." [Online].
or an iOS, whenever any application patches or OS Available: http://www.apple.com/iphone/.
upgrades are released. [9] Prince McLean.Inside google’s Android and Apple’s iPhone OS
Lock your device: If the device is being used by a as business models.roughlyDrafted Magazine.November
stranger, use a password to lock your device to avoid 10,2009.
[10] Khadijah Wan Mohd Ghazali, Rosilah Hassan and Zulkarnain Md
data theft. Ali, A Network Device Simulator, IEEE ICACT 2013,
Don’t jailbreak your devices.: Do not jail-break, PyongChang Korea Jan 27-30, 2013, pp.378-381.
root, or modify the OS files. [11] Qing Li; Clark, G., "Mobile Security: A Look Ahead," Security &
Privacy, IEEE , vol.11, no.1, pp.78,81, Jan.-Feb. 2013 doi:
Add genuine antivirus from authorized app- 10.1109/MSP.2013.15
store: Install an antivirus and firewall software to [12] Tae Oh; Stackpole, B.; Cummins, E.; Gonzalez, C.;
detect and stop any infection. Ramachandran, R.; Shinyoung Lim, "Best security practices for
Add location tracking app: Install device-tracking android, blackberry, and iOS," Enabling Technologies for
Smartphone and Internet of Things (ETSIoT),
applications to find the phone whenever it is lost or [13] A. J. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. M. Smith,
stolen. "Smudge attacks on smartphone touch screens," Berkeley, CA,
Backup your data: Regularly backup or USA, 2010, pp. 1- 7.
synchronize your settings and other personal [14] "Symantec: Finders Will Try to Access Lost Smartphones -
Security - News & Reviews - eWeek.com - eWeek Mobile."
information to avoid the loss of data. [Online].Available:
Know what you’re downloading: Try to learn http://mobile.eweek.com/c/a/Security/Symantec-Finders-WillTry-
about the application’s reputation before installing to-Access- Lost-Smartphones-350586/.
it.
Manage your data: Control the types of data that
can be accessed via mobile devices to determine
your exposure should a device be compromised.
Use Mobile Device Management software: Use it
to create an encrypted password-protected sandbox
for sensitive data and enforce device-side technical
policies.