D. Buhov, Markus Huber, Georg Merzdovnik, E. Weippl, V. Dimitrova
{"title":"Android应用中的网络安全挑战","authors":"D. Buhov, Markus Huber, Georg Merzdovnik, E. Weippl, V. Dimitrova","doi":"10.1109/ARES.2015.59","DOIUrl":null,"url":null,"abstract":"The digital world is in constant battle for improvement - especially in the security field. Taking into consideration the revelations from Edward Snowden about the mass surveillance programs conducted by governmental authorities, the number of users that raised awareness towards security is constantly increasing. More and more users agree that additional steps must be taken to ensure the fact that communication will remain private as intended in the first place. Taking in consideration the ongoing transition in the digital world, there are already more mobile phones than people on this planet. According to recent statistics there are around 7 billion active cell phones by 2014 out of which nearly 2 billion are smartphones. The use of smartphones by itself could open a great security hole. The most common problem when it comes to Android applications is the common misuse of the HTTPS protocol. Having this in mind, this paper addresses the current issues when it comes to misuse of the HTTPS protocol and proposes possible solutions to overcome this common problem. In this paper we evaluate the SSL implementation in a recent set of Android applications and present some of the most common missuses. The goal of this paper is to raise awareness to current and new developers to actually consider security as one of their main goals during the development life cycle of applications.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Network Security Challenges in Android Applications\",\"authors\":\"D. Buhov, Markus Huber, Georg Merzdovnik, E. Weippl, V. Dimitrova\",\"doi\":\"10.1109/ARES.2015.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The digital world is in constant battle for improvement - especially in the security field. Taking into consideration the revelations from Edward Snowden about the mass surveillance programs conducted by governmental authorities, the number of users that raised awareness towards security is constantly increasing. More and more users agree that additional steps must be taken to ensure the fact that communication will remain private as intended in the first place. Taking in consideration the ongoing transition in the digital world, there are already more mobile phones than people on this planet. According to recent statistics there are around 7 billion active cell phones by 2014 out of which nearly 2 billion are smartphones. The use of smartphones by itself could open a great security hole. The most common problem when it comes to Android applications is the common misuse of the HTTPS protocol. Having this in mind, this paper addresses the current issues when it comes to misuse of the HTTPS protocol and proposes possible solutions to overcome this common problem. In this paper we evaluate the SSL implementation in a recent set of Android applications and present some of the most common missuses. The goal of this paper is to raise awareness to current and new developers to actually consider security as one of their main goals during the development life cycle of applications.\",\"PeriodicalId\":331539,\"journal\":{\"name\":\"2015 10th International Conference on Availability, Reliability and Security\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2015.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Network Security Challenges in Android Applications
The digital world is in constant battle for improvement - especially in the security field. Taking into consideration the revelations from Edward Snowden about the mass surveillance programs conducted by governmental authorities, the number of users that raised awareness towards security is constantly increasing. More and more users agree that additional steps must be taken to ensure the fact that communication will remain private as intended in the first place. Taking in consideration the ongoing transition in the digital world, there are already more mobile phones than people on this planet. According to recent statistics there are around 7 billion active cell phones by 2014 out of which nearly 2 billion are smartphones. The use of smartphones by itself could open a great security hole. The most common problem when it comes to Android applications is the common misuse of the HTTPS protocol. Having this in mind, this paper addresses the current issues when it comes to misuse of the HTTPS protocol and proposes possible solutions to overcome this common problem. In this paper we evaluate the SSL implementation in a recent set of Android applications and present some of the most common missuses. The goal of this paper is to raise awareness to current and new developers to actually consider security as one of their main goals during the development life cycle of applications.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
