Advanced
Analysis of a Security Survey for Smartphones
Analysis of a Security Survey for Smartphones
International Journal of Contents. 2015. Sep, 11(3): 14-23
Copyright © 2015, The Korea Contents Association
  • Received : March 12, 2015
  • Accepted : July 17, 2015
  • Published : September 28, 2015
Download
PDF
e-PUB
PubReader
PPT
Export by style
Article
Author
Metrics
Cited by
TagCloud
About the Authors
Sang-Zo Nam
namsz@mokwon.ac.kr

Abstract
This paper presents the findings of a study in which students at a four-year university were surveyed in an effort to analyze and verify the differences in perceived security awareness, security-related activities, and security damage experiences when using smartphones, based on demographic variables such as gender, academic year, and college major. Moreover, the perceived security awareness items and security-related activities were tested to verify whether they affect the students’ security damage experience. Based on survey data obtained from 592 participants, the findings indicate that demographic differences exist for some of the survey question items. The majority of the male students replied “affirmative” to some of the questions related to perceived security awareness and “enthusiastic” to questions about security-related activities. Some academic year differences exist in the responses to perceived security awareness and security-related activities. On the whole, freshmen had the lowest level of security awareness. Security alert seems to be very high in sophomores, but it decreases as the students become older. While the difference in perceived security awareness based on college major was not significant, the difference in some security-related activities based on that variable was significant. No significant difference was found in some items such as storing private information in smartphones and frequency of implementation of security applications based on the college major variable. However, differences among the college majors were verified in clicking hyperlinks in unknown SMS messages and in the number of security applications in smartphones. No differences were found in security damage experiences based on gender, academic year, and college major. Security awareness items had no impact on the experience of security damage in smartphones. However, some security activities, such as storing resident registration numbers in a smartphone, clicking hyperlinks in unknown SMS messages, the number of security apps in a smartphone, and the frequency of implementation of security apps did have an impact on security damage.
Keywords
1. INTRODUCTION
Recently, smartphones have become an integrated terminal and the rapid propagation of these devices has made them essential [1] . Now, it is time to address the social problems related to smartphone usage, such as addiction [2] - [4] and security issues. In terms of security, although people are aware of the need for computer and network security, the significance of smartphone security has not yet received sufficient public attention. The reason for this could be due to the fact that smartphones have a shorter history of use than computers and telecommunication systems.
However, the number of smartphone security breaches has begun to rapidly expand. Therefore, the significance of smartphone security should not be overlooked and precautions should be taken to ensure smartphone security so that the same errors caused by the security vulnerability problems of computers and networks will not be repeated. The Android smartphone, which is popular in Korea, has open source characteristics, which can be used by malicious application developers resulting in the potential misuse or nonuse of control permission for communications between the application components [5] . In addition, it is possible to break into the iPhone’s closed network using the zombie process [6] and information sniffing via the iPhone’s Safari browser has also been reported [7] . In order to invigorate various research studies on smartphone security, it is necessary to investigate the current state of affairs.
The goal of the present study is to verify security awareness and activities for smartphones. We selected university students who are one of the most prolific smartphone users as the focus of the investigation. We conducted a comparison of the security awareness, security-related activities, and security damage experiences of university students using smartphones based on the following variables: gender, academic year in school, and college major. We also tested perceived security awareness items and security-related activities to verify whether they affect the smartphone security damage experience of the students. Out of a total of 8,399 students enrolled at a four-year university in Korea, 592 participants were used as the study sample.
2. RESEARCH BACKGROUND
- 2.1 Smartphone Security
McAfee Labs Threats Report for the 4 th quarter of 2013 noted that 2.47 million new mobile malicious codes were identified, which brought the annual total to 3.73 million malicious codes at the end of 2013. That reflects a 197% rate of growth compared to the total number of malicious codes at the end of 2012, and that growth is significantly greater than the 1,000+ total malicious codes identified at the end of 2011. A new 2015 [8] report indicated that the total number of mobile malicious codes at the end of 2014 exceeded 6 million as shown in Fig. 1 .
PPT Slide
Lager Image
Increasing trend of mobile malicious code (source: McAfee Labs Threats Report, Feb. 2015)
Regarding the fact that mobile malicious codes can be diffused by downloaded applications, web sites, push mails, and SMS messages, the seriousness of the future proliferation is easy to comprehend. Catching up with this trend, the Korea Communications Commission established and implemented a comprehensive mobile security plan, and the Korea Internet & Security Agency(KISA) provides Self Security Checker(SSC), which is a smartphone application for security inspection [9] .
Jang reported that the damage patterns caused by mobile malicious codes included file delete and modification, battery consumption, financial information breaches, information leakage, push messages, remote control, and SMS messages phishing [10] . Moreover, Na. et al. argued that PC security threats could be applied to smartphones, and reported that smartphone-related security threats included private information leakage, corporate classified intelligence leakage, business information leakage caused by smartphone loss and theft, and information leakage caused by malicious code infection, malfunction, charging fraud, mobile DDoS attack, packet sniffing and hacking, and the risk of illegally contacting the server [11] .
However, Lee et al. argued that smartphone securityrelated technology is limited to terminal security, such as vaccine programs, backup management, and remote wipes, and pointed out that the security-related technology of smartphones was immature compared to wire communications [12] . Lee argued that while smartphone functions could be compared with PC functions, smartphone security needed to be able to more fully cope with the new infection routes of SMS messages [13] .
Lee et al. argued that the anti-virus program, which is the most popular smartphone security measure, could be ineffective in the case of a belated update, and proposed alternative security measures, such as code signing, security patches, secure file management, system security measures, secure chips, and storage security [14] .
- 2.2 Review of Information Security Practices
Despite the importance of information security, it is evident that awareness about information security be heightened. Park et al. investigated the information security awareness of university students, and reported that while the students recognized its importance, their awareness about the need for that security and their practice of it were sorely lacking [15] .
Park investigated the correlations among security awareness, security activities, the professor’s security level, and management process for university research labs [16] . Kim et al. suggested that security policies influenced individual characteristics and improved security awareness. Moreover, individual characteristics and security awareness had a positive impact on security effectiveness [17] . Ha et al. noted that a correlation existed among security interest, information security awareness, security vulnerability, information leakage risks, and security activities [18] .
The existing literature primarily consists of studies investigating security threats and security technology as well as studies examining the correlations among security elements, such as technicality, awareness, policy, activities, effectiveness, etc.
It is difficult to find studies that have compared these security elements based on demographic characteristics, which can provide basic information for the present status of smartphone security. Therefore, we compared security elements, such as security awareness, security-related activities, and security damage experiences, based on demographic characteristics such as gender, academic year, and college major. We also aimed to verify whether perceived security awareness items and security-related activities affected the security damage experience for smartphone users. The obtained results were analyzed and reported.
3. RESEARCH METHODOLOGY
- 3.1 Survey methodology
3.1.1 Survey content: The survey used in this research study consisted of four categories: statistics of the survey respondents, security awareness, security-related activities, and security damage experiences. The survey consisted of multiple-choice, yes-no, and 5-point Likert scale questions. Survey categories and questions are listed in Table 1 .
Survey content
PPT Slide
Lager Image
Survey content
3.1.2 Statistics of survey respondents: We surveyed 8,399 students in March 18th of 2014 to March 31st of 2014 of a four-year university in Korea, and received 592 immaculate replies. The ratio of male : female amongst the respondents is 49.8% : 50.2%, while the academic year(freshman : sophomore : junior : senior) ratio is 31.1% : 26.2% : 17.9% : 24.8%, and college major(Science and Engineering, Liberal Arts and Social Sciences, Music and Fine Arts) ratio is 24.7% : 7.1% : 67.2. The respondents of Music and Fine Arts College are 42 students, which is over 30 samples of statistical minimum tolerance.
- 3.2. Hypotheses
3.2.1 Hypotheses for gender difference in smartphone security: We developed the following hypotheses to investigate gender difference.
H1-1: There is gender difference in having an interest in smartphone security.
H1-2: There is gender difference in awareness of the necessity for security applications.
H1-3: There is gender difference in awareness of SMS Phishing.
H1-4: There is gender difference in storing account number, password in a smartphone.
H1-5: There is gender difference in storing accredited certificate in a smartphone.
H1-6: There is gender difference in storing IDs and passwords of websites in a smartphone.
H1-7: There is gender difference in storing resident registration numbers in a smartphone.
H1-8: There is gender difference in clicking hyperlinks in unknown SMS messages.
H1-9: There is gender difference in number of security apps in smartphone.
H1-10: There is gender difference in frequency of implementation of security applications.
H1-11: There is gender difference in experience of security damage in smartphone use.
H1-12: There is gender difference in experience of SMS Phishing through a smartphone.
3.2.2 Hypotheses for academic year difference in smartphone security: We developed the following hypotheses to investigate academic year difference.
H2-1: There is academic year difference in having an interest in smartphone security.
H2-2: There is academic year difference in awareness of the necessity for security applications.
H2-3: There is academic year difference in awareness of SMS Phishing.
H2-4: There is academic year difference in storing account number, password in a smartphone.
H2-5: There is academic year difference in storing accredited certificate in a smartphone.
H2-6: There is academic year difference in storing IDs and passwords of websites in a smartphone.
H2-7: There is academic year difference in storing resident registration numbers in a smartphone.
H2-8: There is academic year difference in clicking hyperlinks in unknown SMS messages.
H2-9: There is academic year difference in number of security apps in smartphone.
H2-10: There is academic year difference in frequency of implementation of security applications.
H2-11: There is academic year difference in experience of security damage in smartphone use.
H2-12: There is academic year difference in experience of SMS Phishing through a smartphone.
3.2.3 Hypotheses for college major difference in smartphone security: We developed the following hypotheses to investigate college major difference.
H3-1: There is college major difference in having an interest in smartphone security.
H3-2: There is college major difference in awareness of the necessity for security applications.
H3-3: There is college major difference in awareness of SMS Phishing.
H3-4: There is college major difference in storing account number, password in a smartphone.
H3-5: There is college major difference in storing accredited certificate in a smartphone.
H3-6: There is college major difference in storing IDs and passwords of websites in a smartphone.
H3-7: There is college major difference in storing resident registration numbers in a smartphone.
H3-8: There is college major difference in clicking hyperlinks in unknown SMS messages.
H3-9: There is college major difference in number of security apps in smartphone.
H3-10: There is college major difference in frequency of implementation of security applications.
H3-11: There is college major difference in experience of security damage in smartphone use.
H3-12: There is college major difference in experience of SMS Phishing through a smartphone.
3.2.4 Hypotheses for items affecting security damage in smartphones: We developed the following hypotheses to investigate the impact that the security awareness items and security activities had on the experience of security damage.
H4-1: Having an interest in smartphone security has impact on experience of security damage in smartphone use.
H4-2: Awareness of the necessity for security applications has impact on experience of security damage in smartphone use.
H4-3: Awareness of SMS Phishing has impact on experience of security damage in smartphone use.
H4-4: Storing account number, password in a smartphone has impact on experience of security damage in smartphone use.
H4-5: Storing accredited certificate in a smartphone has impact on experience of security damage in smartphone use.
H4-6: Storing IDs and passwords of websites in a smartphone has impact on experience of security damage in smartphone use.
H4-7: Storing resident registration numbers in a smartphone has impact on experience of security damage in smartphone use.
H4-8: Clicking hyperlinks in unknown SMS messages has impact on experience of security damage in smartphone use.
H4-9: Number of security apps in smartphone has impact on experience of security damage in smartphone use.
H4-10: Frequency of implementation of security applications has impact on experience of security damage in smartphone use.
4. STUDY RESULTS
We analyzed descriptive statistics using SPSS 20. To verify the statistical significance of the demographic differences, t-test, ANOVA test, or X 2 (Chi Square) test were used depending on the circumstances. To test the impact of security awareness items and security activities on experience of security damage, we applied Logistic Regression Analysis.
- 4.1 Analysis of Differences Based on Gender
We verified the statistical difference based on gender by using t-test for the security awareness items such as H1-1: having an interest in smartphone security, H1-2: awareness of the necessity for security applications and H1-3: awareness of SMS Phishing which were two groups(male vs. female) and 5-point Likert scale comparisons.
4.1.1 Test results: We found from Table 2 that male had higher response in having an interest in smartphone security and in awareness of SMS Phishing. But, female had higher response in necessity of security application. We found from the t-test that the asymptotic significances (2-sided) of H1-1: having an interest in smartphone security and H1-3: awareness of SMS Phishing are much less than .05, which means there are statistically significant differences between male and female at a 95 percent accuracy level.
T-test results: Difference in security awareness between male and female
PPT Slide
Lager Image
T-test results: Difference in security awareness between male and female
We verified the statistical difference based on gender by using chi-square test for security activities items such as H1-4: storing of account number, password in a smartphone, H1-5: storing of accredited certificate in a smartphone, H1-6: storing of IDs and passwords of websites in a smartphone, H1-7: storing of resident registration numbers in a smartphone, H1-8: clicking hyperlinks in unknown SMS messages, H3-9: number of security apps in smartphone and H3-10: frequency of implementation of security applications which were two groups(male vs. female) and nominal responses comparisons.
As we can see from Table 3 , differences between male and female were not verified in H1-4: storing of account number, password in a smartphone, H1-5: storing of accredited certificate in a smartphone, H1-7: storing of resident registration numbers in a smartphone and H1-8: clicking hyperlinks in unknown SMS messages. However, there were significant differences at a 95 percent accuracy level in H1-6: storing of IDs and passwords of websites in a smartphone due to the twice many positive responses(191:106) of female as shown in Table 4 , and in H1-9: number of security apps in smartphone due to the relatively positive responses of male, and in H1-10: frequency of implementation of security applications due to the much larger positive responses of male as shown in Table 4 .
Chi-Square test results: Difference in security activities between male and female
PPT Slide
Lager Image
Chi-Square test results: Difference in security activities between male and female
Frequency: Difference in security activities between male and female
PPT Slide
Lager Image
Frequency: Difference in security activities between male and female
We verified the statistical difference based on gender by using chi-square test for security damage items such as H1-11: experience of security damage in smartphone use and H1-12: experience of SMS Phishing through a smartphone, which were two groups(male vs. female) and nominal responses comparisons.
As we can see from Table 5 , differences between male and female were not verified statistically in H1-11: experience of security damage in smartphone use and H1-12: experience of SMS Phishing through a smartphone. However, we can find from Table 6 that females experienced security damage and SMS Phishing relatively more than males.
Chi-Square test results: Difference in security damage experiences between male and female
PPT Slide
Lager Image
Chi-Square test results: Difference in security damage experiences between male and female
Frequency: Difference in security damage experiences between male and female
PPT Slide
Lager Image
Frequency: Difference in security damage experiences between male and female
4.1.2 Discussion: Even though males’ having an interest in smartphone security and awareness of SMS Phishing were found to be significantly higher than females, females’ awareness of the necessity of security apps was found to be as high as 4.01 out of 5.00, which was higher than that of males. Females less frequently click unknown hyperlinks; they also have more security applications than males and implement them more often than males. This finding implies that females are more cautious than males. However, females store private information, and they experience security damage and SMS Phishing more often than males. Females are vulnerable to security damage. We can propose that females are in need of more education that is focused on increasing their security awareness, addressing the problems associated with storing private information, and reducing security fraud.
- 4.2 Analysis of Differences Based on Academic year
We verified the statistical difference based on academic year by using ANOVA test for H2-1: having an interest in smartphone security, H2-2: awareness of the necessity for security applications and H2-3: awareness of SMS Phishing which were more than three groups(freshman vs. sophomore vs. junior vs. senior+) and 5-point Likert scale comparisons.
- 4.2.1 Test results:
As we can see from Table 7 , the asymptotic significances (2-sided) of H2-1: having an interest in smartphone security and H2-2: awareness of the necessity of security apps were much less than .05, which meant there were statistically significant difference among academic year at a 95 percent accuracy level. As for the H2-1: having an interest in smartphone security, interests of freshman and junior were relatively low. Also, as for the H2-2: awareness of the necessity of security apps, freshman had low awareness. As for the H2-3: awareness of SMS Phishing, freshman had relatively low awareness, but the difference was not statistically significant.
ANOVA-test results: Difference in security awareness among academic year
PPT Slide
Lager Image
ANOVA-test results: Difference in security awareness among academic year
We verified the statistical difference based on academic year by using chi-square test for H2-4: storing of account number, password in a smartphone, H2-5: storing of accredited certificate in a smartphone, H2-6: storing of IDs and passwords of websites in a smartphone, H2-7: storing of resident registration numbers in a smartphone, H2-8: clicking hyperlinks in unknown SMS messages, H2-9: number of security apps in smartphone and H2-10: frequency of implementation of security applications which were more than three groups and nominal responses comparisons.
As we can see from Table 8 , differences among academic year were not verified in H2-4: storing of account number, password in a smartphone, H2-7: storing of resident registration numbers in a smartphone, H2-9: number of security apps in smartphone and in H2-10: frequency of implementation of security applications. However, there were significant differences at a 95 percent accuracy level in H2-5: storing of accredited certificate in a smartphone due to the low positive response(33%) of freshman and high positive response(64%) of senior, in H2-6: storing of IDs and passwords of websites in a smartphone due to the extremely high negative response of sophomore, and H2-8: clicking hyperlinks in unknown SMS messages due to the much high positive responses of freshman as shown in Table 9 .
Chi-Square test results: Difference in security activities among academic year
PPT Slide
Lager Image
Chi-Square test results: Difference in security activities among academic year
Frequency: Difference in security activities among academic year
PPT Slide
Lager Image
Frequency: Difference in security activities among academic year
We verified the statistical difference based on academic year by using chi-square test for H2-11: experience of security damage in smartphone use and H2-12: experience of SMS Phishing through a smartphone, which were more than three groups and nominal responses comparisons.
Frequency: Difference in security damage experiences among academic year
PPT Slide
Lager Image
Frequency: Difference in security damage experiences among academic year
As we can see from Table 11 , differences among academic year were not verified statistically in H2-11: experience of security damage in smartphone use and H2-12: experience of SMS Phishing through a smartphone. However, we found that seniors experience security damage relatively more.
Chi-Square test results: Difference in security damage experiences among academic year
PPT Slide
Lager Image
Chi-Square test results: Difference in security damage experiences among academic year
4.2.2 Discussion: We found that the security awareness of the freshmen was lower than it was for the students in the other grade levels. The freshmen’s awareness of SMS Phishing was low; it received only 2.96 out of a total of 5 points in the security awareness question measurement. However, the interests in security increased for sophomores. The storing of private information was found to increase with age. It can be inferred that this is due to the fact that the number of mobile transactions also increased with age. From the extremely high negative response of the sophomores for storing of IDs and passwords for websites in a smartphone, it can be inferred that security alerts become very high for those students, but it decreases as the students become older. The experiences of security damage and SMS Phishing increase with age, too. We can propose that timely education for security concepts is required for freshmen, and education for security observance is required for senior students.
- 4.3 Analysis of Differences Based on College major
For the college major variable, we used three common classifications: Natural Sciences and Engineering, Liberal Arts and Social Sciences, and Music and Fine Arts.
We verified the statistical difference based on college major by using ANOVA test for H3-1: having an interest in smartphone security, H3-2: awareness of the necessity for security applications and H3-3: awareness of SMS Phishing which were more than three groups(Science and Engineering vs. Liberal Arts and Social Sciences vs. Music and Fine Arts) and 5-point Likert scale comparisons.
- 4.3.1 Test results:
ANOVA-test results: Difference in security awareness among college majors
PPT Slide
Lager Image
ANOVA-test results: Difference in security awareness among college majors
We found from the ANOVA test that the asymptotic significances (2-sided) of H3-1: having an interest in smartphone security, H3-2: awareness of the necessity of security apps and H2-3: awareness of SMS Phishing were not statistically verified.
We verified the statistical difference based on college major by using chi-square test for H3-4: storing of account number, password in a smartphone, H3-5: storing of accredited certificate in a smartphone, H3-6: storing of IDs and passwords of websites in a smartphone, H3-7: storing of resident registration numbers in a smartphone, H3-8: clicking hyperlinks in unknown SMS messages, H3-9: number of security apps in smartphone and H3-10: frequency of implementation of security applications which were more than three groups and nominal responses comparisons.
As we can see from Table 14 , the differences among these three majors were verified at a 95% accuracy level in H3-8: clicking hyperlinks in unknown SMS messages. As we can see from Table 13 , the negative responses of the students with Science and Engineering majors and of the students with Liberal Arts and Social Sciences majors were 16% and 19%, respectively, while those of the students with Music and Fine Arts majors was as high as 33%. A significant difference was found in H3-9: the number of security apps in a smartphone. Only 13% of the Science and Engineering students answered “None” to this question compared to 21% of the Music and Fine Arts students. However, no significant difference was found among the students in the three majors for the other items, such as storing private information in a smartphone and frequency of implementation of security applications.
Frequency: Difference in security activities among college major
PPT Slide
Lager Image
Frequency: Difference in security activities among college major
Chi-Square test results: Difference in security activities among college major
PPT Slide
Lager Image
Chi-Square test results: Difference in security activities among college major
We verified the statistical difference based on college major by using chi-square test for H3-11: experience of security damage in smartphone use and H3-12: experience of SMS Phishing through a smartphone, which were more than three groups and nominal responses comparisons.
Frequency: Difference in security damage experiences among college major
PPT Slide
Lager Image
Frequency: Difference in security damage experiences among college major
As we can see from Table 16 , differences among college major were not verified statistically in H3-11: experience of security damage in smartphone use and H3-12: experience of SMS Phishing through a smartphone.
Chi-Square test results: Difference in security damage experiences among college major
PPT Slide
Lager Image
Chi-Square test results: Difference in security damage experiences among college major
4.3.2 Discussion: Even though, the statistical significance of the differences in security awareness among the students in the three college majors was not verified, we found that students with a Natural Science and Engineering major had the highest interest in the necessity for security and the highest awareness of SMS Phishing. Students with a Music and Fine Arts major were found to have the lowest security interest and the lowest awareness of SMS Phishing. Moreover, while the Music and Fine Arts students’ awareness of the necessity for security applications was as high as the Natural Science and Engineering students, the Music and Fine Arts students stored private information in a smartphone, clicked unknown hyperlinks, had fewer security applications, and experienced more security damages than the students with the other college majors. Students with a Natural Science and Engineering major were found to have the highest number of security activities and their proportion for experiencing security damages was the lowest. Therefore, we can propose that more opportunities for security-related education are needed for students whose college major is Music and Fine Arts.
- 4.4 Analysis of the Impact on the Experience of Security Damage in Smartphone Use
We adopted Logistic Regression Analysis, which can be used when the dependent variable is a yes/no choice in order to test whether the items of security awareness and activities have an impact on the experience of security damage in smartphone use.
4.4.1 Test results: As we can see from Table 17 , significance probability is far less than .05, which means this model is appropriate.
Entire model factor test
PPT Slide
Lager Image
Entire model factor test
The Hosmer-Lemeshow test shows the model’s goodness of fit. When the probability is near to 1.00, it means that the model’s fitness is good. In this study, the model’s .861 probability is good enough to demonstrate its fitness.
The Hosmer-Lemeshow goodness-of-fit test
PPT Slide
Lager Image
The Hosmer-Lemeshow goodness-of-fit test
The Wals(Wald) of Table 19 is similar to t-value. Four security-related activities such as storing resident registration numbers in a smartphone, clicking hyperlinks in unknown SMS messages, number of security apps in a smartphone, frequency of implementation of security apps show probabilities less than .05, which means that those four activities have an impact on the experience of security damage in smartphone use. The Exp(B) 5.760 of storing resident registration numbers in a smartphone means a 5.760-fold increase in the damage experience possibility when resident registration numbers are stored in a smartphone,.
Variables included in equation
PPT Slide
Lager Image
Variables included in equation
4.4.2 Discussion: We found that the security awareness items did not have an impact on the experience of security damage for smartphone users. However, we found that people should take care not to store their resident registration numbers in a smartphone and doing so posed a security threat mostly. In addition, clicking hyperlinks in unknown SMS messages can increase the probability of experiencing security damage. When the number of security apps in smartphone is less and when the frequency of implementation of security apps is less often, the possibility of experiencing security damage can be increased. These findings should be widely known to arouse attention to the security damage.
5. CONCLUSION
We surveyed students at a four-year university to verify the differences among security awareness, security-related activities, and security damage experiences using a smartphone based on gender, academic year, and college major using survey data obtained from 592 participants.
We found that there is no difference in the awareness of the necessity for security apps between males and females, but the males’ interests in smartphone security and awareness of SMS Phishing are higher than the females. Significant differences between males and females were found with regard to storing IDs and passwords of websites in a smartphone; females had twice as many positive responses as males to this security activity. Significant differences between males and females were also found with regard to the number of security apps in a smartphone; males had relatively more positive responses to this than females. Significant differences between males and females were found with regard to the frequency of implementation of security applications; males had a much larger positive response than females. It was statistically verified that the security-related actions of males are more protective than those of females. Therefore, we found that security awareness programs are more necessary for females. In regard to the experiences of security damages, the differences between males and females were not verified statistically.
We found that freshmen and juniors demonstrated relatively little interest in smartphone security. The freshmen were less aware of the necessity for security apps. On the whole, the study’s findings show that the security awareness of the freshmen was lacking. Significant differences were found for storing accredited certificates in a smartphone due to the low positive response (33%) of the freshmen and the high positive response (64%) of the seniors, which can be inferred as being the result of the fact that the number of mobile transactions increases with age. From the extremely high negative response of the sophomores for storing of IDs and passwords of websites in a smartphone, it can be inferred that security alert is a factor that is very high for sophomores, but it decreases as they grew older. The fact that clicking hyperlinks in unknown SMS messages elicited much larger positive responses of freshmen shows that timely education and enlightenment are needed about the security risks associated with those activities.
No significant difference in security awareness and experience of security damage was found among the students in the three different college major groups. In addition, no significant difference was found in the students’ responses to storing private information in a smartphone and frequency of implementation of security applications. However, differences among the college majors were verified in clicking hyperlinks in unknown SMS messages and in the number of security apps in a smartphone. The Science and Engineering students demonstrated the most awareness of these security-related activities while the Music and Fine Arts students were the least aware.
We anticipate that this research can provide practical information for ascertaining the status of the security awareness and security-related activities of university students based on demographic variables. This feedback can be used to find appropriate strategies for developing an effective security policy. The verified fact that females are cautious, but store private information, and are vulnerable to security damage can be used to develop female-oriented security check applications or to conduct further research on security alert methodology related to females and smartphone use. This study’s results can also be utilized in a security concepts education program for freshmen and a security observance program for seniors as well as security programs for all students with a Music and Fine Arts college major.
Furthermore, a complementary study can be conducted by researching comparative analyses of the general public based on gender, occupation, age, residential area, etc., and the findings could contribute to the development and implementation of an effective security policy.
Acknowledgements
This study was financially supported by the research year fund of Mokwon University in 2013.
BIO
Sang Zo Nam
He received a B.A. in Business Administration from Sogang University, Korea, a M.B.A. from State University of New York at Buffalo, U.S.A. in 1982, and 1988, respectively, and also received a Ph.D. in management information systems from KAIST, Korea in 1996. Since then, he has been with the Department of Service Management, Mokwon University. His main research interests include MIS, e-business, e-learning, and mobile applications.
References
Nam S. Z. 2013 “Evaluation of University Students' Utilization of Smartphone,” International Journal of Smart Home 7 (4) 175 - 182
Hwang K. H. , Yoo Y. S. , Cho O. H. 2012 “Smartphone Overuse and Upper Extremity Pain, Anxiety, Depression, and Interpersonal Relationships among College Students,” The Journal of the Korea Contents Association 12 (10) 365 - 375    DOI : 10.5392/JKCA.2012.12.10.365
Lee J. M. , Park J. H. 2013 “Effect of Smart-phone Use on Performance,” The Journal of the Korea Contents Association 13 (2) 451 - 459    DOI : 10.5392/JKCA.2013.13.02.451
Seo B. K. 2014 “Adult Internet Addiction and Smartphone Use Characteristics,” The Journal of the Korea Contents Association 14 (1) 305 - 317    DOI : 10.5392/JKCA.2014.14.01.305
Jeon C. , Cho Y. , Hong J. “Detecting Collaborative Privacy Information Leaks on Android Applications,” Proc. Korea Computer Congress 2012 2012 vol. 39, no. 1 92 - 94
http://teamcrak.tistory.com/270
http://www.zdnet.com/blog/security/pwn2own-2010-iphone-hacked-sms-database-hijacked/5836
McAfee, Inc. 2015 Threat Statistics, McAfee Labs Threats Report 35 - 40
Kim S. K. 2011 “Show Interest in Smartphone Security,” KLID Local Information Magazine 71 12 - 15
Jang S. K. 2010 “Security Threats in Smartphone,” Korea Information Processing Society Review 17 (2) 64 - 69
Na W. , Lee Y. H. , Jee S. J. 2010 “Security Issue and Confrontational Strategy,” IT & SOCIETY 26 1 - 28
Lee Y. H. , Kwon H. S. , Kim S. J. 2010 “A Proposal for Security Enforcement of Smartphone and Mobile Office,” IT & SOCIETY 26 29 - 34
Lee Y. S. 2011 “Security Threat and Response,” Journal of KOSHAM 11 (3) 52 - 58
Lee H. C. , Jung J. H. , Kim S. H. , Lee J. H. 2010 “Security Technology Trend,” Korea Information Processing Society Review 17 (3) 61 - 72    DOI : 10.3743/KOSIM.2010.27.2.061
Park I. H. , Lee E. D. , Seo S. W. “Analysis of Security Awareness Survey for Improvement of Research Information Security,” Proc. KASBA Annual Conference 2009 2009 1 - 7
Park I. H. , Kim S. W. , Seo S. W. 2010 “Improving Research Information Security in Academic Institutes through the Analysis of Security Awareness and Activities,” Journal of Korea Institute of Information Security and Cryptology 20 (2) 91 - 108
Kim J. , Kang D. 2008 “The Effects of Security Policies, Security Awareness and Individual Characteristics on Password Security Effectiveness,” Journal of Korea Institute of Information Security and Cryptology 18 (4) 123 - 133
Ha S. W. , Kim H. J. 2013 “The Effects of User’s Security Awareness on Password Security Behavior,” Journal of Digital Contents Society 14 (2) 179 - 189    DOI : 10.9728/dcs.2013.14.2.179