SafetyNOT

Ibrahim, Muhammad bin; Imran, Abdullah Al; Bianchi, Antonio

doi:10.1145/3458864.3466627

Cited by 15 publications

(2 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is worth noticing that, contrary to other SafetyNet services, the Attestation API requires an app to have a registered and valid API key on its Google website; however, this malicious sample demonstrates that the attackers can abuse "benign" security mechanisms. Moreover, our data confirms the findings of Ibrahim et al [53], showing that legitimate apps do not properly use SafetyNet services that would significantly improve their security posture.…”

Section: Prevalencesupporting

confidence: 83%

Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware

Ruggia,

Nisi,

Dambra

et al. 2024

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

Section: Prevalencesupporting

confidence: 83%

Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware

Ruggia,

Nisi,

Dambra

et al. 2024

Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

“…SafetyNot [36] has shown the usage of regular expressions for fingerprinting Android APIs. We use a similar approach to fingerprint the SDKs and formulate regular expressions for each SDK.…”

Section: 32mentioning

confidence: 99%

AoT - Attack on Things: A security analysis of IoT firmware updates

Ibrahim,

Continella,

Bianchi

2023

2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

IoT devices implement firmware update mechanisms to fix security issues and deploy new features. These mechanisms are often triggered and mediated by mobile companion apps running on the users' smartphones. While it is crucial to update devices, these mechanisms may cause critical security flaws if they are not implemented correctly. Given their relevance, in this paper, we perform a systematic security analysis of the firmware update mechanisms adopted by IoT devices via their companion apps. First, we define a threat model for IoT firmware updates, and we categorize the different potential security issues affecting them. Then, we analyze 23 popular IoT devices (and corresponding companion apps) to identify vulnerable devices and the SDKs that such devices use to implement the update functionality. Our analysis reveals that 6 popular SDKs present dangerous security flaws. Additionally, we fingerprint each vulnerable SDK and we leverage our fingerprints to perform a largescale analysis of companion apps from the Google Play Store. Our results show that 61 popular devices and 1,356 apps rely on vulnerable SDKs, thus, they potentially adopt an insecure firmware update mechanism.

show abstract