2019
DOI: 10.3390/e21121136
|View full text |Cite
|
Sign up to set email alerts
|

A Framework to Secure the Development and Auditing of SSL Pinning in Mobile Applications: The Case of Android Devices

Abstract: The use of mobile devices has undergone rapid growth in recent years. However, on some occasions, security has been neglected when developing applications. SSL/TLS has been used for years to secure communications although it is not a vulnerability-free protocol. One of the most common vulnerabilities is SSL pinning bypassing. This paper first describes some security controls to help protect against SSL pinning bypassing. Subsequently, some existing methods for bypassing are presented and two new methods are de… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

0
1
0

Year Published

2020
2020
2023
2023

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 8 publications
(1 citation statement)
references
References 17 publications
0
1
0
Order By: Relevance
“…The IoT ecosystem is still not entirely trustworthy because it faces many challenges due to the characteristics of cyberspace, where threats from organized intelligence and criminal groups are far more challenging to defeat than individual hacktivists [2]. Therefore, the fast growth of biometrics in cyber-society, without some extra layers of security, may pose some big problems, especially for medium and small healthcare organizations [3]. The reason small and medium healthcare organizations are more vulnerable is because their customers and patients are more focused on their health issues than systems' security.…”
mentioning
confidence: 99%
“…The IoT ecosystem is still not entirely trustworthy because it faces many challenges due to the characteristics of cyberspace, where threats from organized intelligence and criminal groups are far more challenging to defeat than individual hacktivists [2]. Therefore, the fast growth of biometrics in cyber-society, without some extra layers of security, may pose some big problems, especially for medium and small healthcare organizations [3]. The reason small and medium healthcare organizations are more vulnerable is because their customers and patients are more focused on their health issues than systems' security.…”
mentioning
confidence: 99%