Honey, I Shrunk Your App Security: The State of Android App Hardening

Beitrag bei einer Tagung
(Konferenzbeitrag)


Details zur Publikation

Autorinnen und Autoren: Haupert V, Maier D, Schneider N, Kirsch J, Müller T
Herausgeber: Giuffrida Cristiano, Bardin Sébastien, Blanc Gregory
Titel Sammelwerk: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Verlag: Springer International Publishing
Verlagsort: Cham, Switzerland
Jahr der Veröffentlichung: 2018
Titel der Reihe: Lecture Notes in Computer Science
Band: LNCS
Heftnummer: 10885
Tagungsband: Detection of Intrusions and Malware, and Vulnerability Assessment
Seitenbereich: 69-91
ISBN: 9783319934105
ISSN: 0302-9743
Sprache: Englisch


Abstract

The continued popularity of smartphones has led companies from all business sectors to use them for security-sensitive tasks like two-factor authentication. Android, however, suffers from a fragmented landscape of devices and versions, which leaves many devices unpatched by their manufacturers. This security gap has created a vital market of commercial solutions for Runtime Application Self-Protection (RASP) to harden apps and ensure their integrity even on compromised devices. In this paper, we assess the RASP market for Android by providing an overview of the available products and their features. Furthermore, we describe an in-depth case study for a leading RASP product—namely Promon Shield—which is being used by approximately 100 companies to protect over 100 million end users worldwide. We demonstrate two attacks against Promon Shield: The first removes the entire protection scheme statically from an app, while the second disables all security measures dynamically at runtime.


FAU-Autorinnen und Autoren / FAU-Herausgeberinnen und Herausgeber

Haupert, Vincent
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Müller, Tilo Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)


Einrichtungen weiterer Autorinnen und Autoren

Technische Universität Berlin
Technische Universität München (TUM)


Zitierweisen

APA:
Haupert, V., Maier, D., Schneider, N., Kirsch, J., & Müller, T. (2018). Honey, I Shrunk Your App Security: The State of Android App Hardening. In Giuffrida Cristiano, Bardin Sébastien, Blanc Gregory (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 69-91). Paris, FR: Cham, Switzerland: Springer International Publishing.

MLA:
Haupert, Vincent, et al. "Honey, I Shrunk Your App Security: The State of Android App Hardening." Proceedings of the DIMVA 2018, Paris Ed. Giuffrida Cristiano, Bardin Sébastien, Blanc Gregory, Cham, Switzerland: Springer International Publishing, 2018. 69-91.

BibTeX: 

Zuletzt aktualisiert 2019-09-01 um 05:10