Almost everywhere one turns, one sees someone using a smartphone or other mobile, internet-connected device. Commonly, usage of such devices is not to make and receive phone calls as one might expect but the use of countless services that allow one to manipulate, share, download, view, listen to digital entities, such as emails, photos, videos, audio files, and so much more. Indeed, many users keep much of their personal, private, and business lives locked and synchronized in these powerful portable computers. But, there is a problem – data leakage. How can we be sure that our smartphones aren’t betraying our inner secrets to third parties with perhaps malicious intent or at best with their, not our, interest in mind?
Work published in the International Journal of Security and Networks discusses and assesses the techniques that can be employed to test whether a smartphone or device is leaking data. The team has surveyed the problem for the two main operating systems – Android and iOS. The team explains data leakage is defined as the unintentional or accidental distribution of sensitive information to a third-party entity. This might be leakage to the creators of a particular app or leakage via malware or hacking.
Ultimately, the team found, none of the current defenses against data leakage is perfect nor even entirely adequate. They point out that future developments in machine learning, so-called artificial intelligence, will most likely be the way forward for smart software to protect our purportedly smart devices.
Rocha, T., Souto, E. and El-Khatib, K. (2019) ‘Techniques to detect data leakage in mobile applications‘, Int. J. Security and Networks, Vol. 14, No. 3, pp.146-157.