Mostrar el registro sencillo del ítem

dc.contributor.authorPradeep, Amogh
dc.contributor.authorParacha, Muhammad Talha
dc.contributor.authorBhowmick, Protick
dc.contributor.authorDavanian, Ali
dc.contributor.authorAbbas, Razaghpanah
dc.contributor.authorChung, Taejoong
dc.contributor.authorLindorfer, Martina
dc.contributor.authorVallina-Rodriguez, Narseo 
dc.contributor.authorLevin, Dave
dc.contributor.authorChoffnes, David
dc.date.accessioned2022-10-07T09:29:55Z
dc.date.available2022-10-07T09:29:55Z
dc.date.issued2022-10
dc.identifier.urihttps://hdl.handle.net/20.500.12761/1623
dc.description.abstractTLS certificate pinning is a security mechanism used by applications (apps) to protect their network traffic against malicious certificate authorities (CAs), in-path monitoring, and other TLS tampering. Pinning can provide enhanced security to defend against malicious third-party access to sensitive data in transit (e.g.,to protect sensitive banking and health care information), but can also hide an app’s personal data collection from users and auditors. Prior studies found pinning was rarely used in the Android ecosystem; however, little is known about recent pinning usage on iOS and across mobile platforms. In this paper, we thoroughly investigate the use of certificate pinning on Android and iOS. We collect 5,079 unique apps from the two official app stores: 575 common apps, 1,000 popular apps each, and 1,000 randomly selected apps each. We develop novel, cross-platform, static and dynamic analysis techniques to detect certificate pinning, not only based on static configurations, but also its run-time use. We find certificate pinning as much as 4 times more widely adopted than reported in prior studies. More specifically, we find that at least 0.9% to 8% of Android apps and 2.5% to 11% of iOS apps use certificate pinning (depending on the above groups of apps). We then investigate which categories of apps most frequently use pinning (apps in the “finance” category), which destinations are typically pinned (first-party destinations vs those used by third-party libraries), which certificates are pinned and how they are pinned (CA vs leaf certificates), and the connection security for pinned connections vs unpinned ones (e.g., the use of weak ciphers or improper certificate validation). Last, we investigate how many pinned connections are amenable to binary instrumentation for revealing the contents of their connections, and for those that are, we analyze the data sent in pinned connections to understand what is protected by pinning.es
dc.language.isoenges
dc.titleA Comparative Analysis of Certificate Pinning in Android & iOSes
dc.typeconference objectes
dc.conference.date25-27 October 2022es
dc.conference.placeNice, Francees
dc.conference.titleInternet Measurement Conference *
dc.event.typeconferencees
dc.pres.typepaperes
dc.type.hasVersionAMes
dc.rights.accessRightsopen accesses
dc.acronymIMC*
dc.rankA*
dc.relation.projectNameTrustawarees
dc.relation.projectNameOdioes
dc.relation.projectNameRamon y Cajal (Narseo Vallina-Rodriguez)es
dc.subject.keywordCertificate Pinning, App Pinning, Transport Layer Security, TLS, Network Security, Measurement Techniqueses
dc.description.refereedTRUEes
dc.description.statuspubes


Ficheros en el ítem

Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem