Paper Info
Title
Mobile Friendly or Attacker Friendly? - A Large-scale Security Evaluation of Mobile-first Websites.
Abstract
In the last few years, traffic generated by mobile devices has surpassed desktop visits. In order to provide users with the best browsing experience, many website owners specifically tailor their site to mobile devices. While some websites make use of reactive designs, many others opt to create an entirely new "mobile-first" website, typically hosted on a subdomain of the desktop site. These mobile-first sites provide a unique viewpoint on how organizations handle security: the mobile version of a site is typically developed several years after the desktop site by the same organization. Through a large-scale security analysis on 10,222 domains with both a desktop and mobile-first version, we find several strong indicators that security is generally applied consistently across the different parts of an organization's web estate. Overall, we find relatively few differences between the desktop and mobile versions of a website, both on the adoption and the implementation of security features, indicating that these are applied reactively rather than proactively during the design phase.
Year
DOI
Venue
2019
10.1145/3321705.3329855
AsiaCCS
Field
DocType
ISBN
Mobile security,Estate,Computer science,Computer security,Mobile device,Security analysis,Web application security
Conference
978-1-4503-6752-3
Citations 
PageRank 
References 
0
0.34
0
Authors
3
Name
Order
Citations
PageRank
Tom van Goethem113611.77
Victor Le Pochat2304.09
Wouter Joosen32898287.70