A Case Study of Mobile Health Applications: The OWASP Risk of Insufficient Cryptography

Mobile devices are being deployed rapidly for both private and professional reasons. One area of that has been growing is in releasing healthcare applications into the mobile marketplaces for health management. These applications help individuals track their own biorhythms and contain sensitive information. This case study examines the source code of mobile applications released to GitHub for the Risk of Insufficient Cryptography in the Top Ten Mobile Open Web Application Security Project risks. We first develop and justify a mobile OWASP Cryptographic knowledgegraph for detecting security weaknesses specific to mobile applications which can be extended to other domains involving cryptography. We then analyze the source code of 203 open source healthcare mobile applications and report on their usage of cryptography in the applications. Our findings show that none of the open source healthcare applications correctly applied cryptography in all elements of their applications. As humans adopt healthcare applications for managing their health routines, it is essential that they consider the privacy and security risks they are accepting when sharing their data. Furthermore, many open source applications and developers have certain environmental parameters which do not mandate adherence to regulations. In addition to creating new free tools for security risk identifications during software development such as standalone or compiler-embedded, the article suggests awareness and training modules for developers prior to marketplace software release

Evaluation of Cryptography Usage in Android Applications

Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google Play marketplace and performed static and dynamic analysis in an attempt to detect possible cryptographic misuses. The results showed that 87.8 % of the applications present some kind of misuse, while for the rest of them no cryptography usage was detected during the analysis. Finally, we suggest countermeasures, mainly intended for developers, to alleviate the issues identified by the analysis

High-level Cryptographic Abstractions

The interfaces exposed by commonly used cryptographic libraries are clumsy, complicated, and assume an understanding of cryptographic algorithms. The challenge is to design high-level abstractions that require minimum knowledge and effort to use while also allowing maximum control when needed. This paper proposes such high-level abstractions consisting of simple cryptographic primitives and full declarative configuration. These abstractions can be implemented on top of any cryptographic library in any language. We have implemented these abstractions in Python, and used them to write a wide variety of well-known security protocols, including Signal, Kerberos, and TLS. We show that programs using our abstractions are much smaller and easier to write than using low-level libraries, where size of security protocols implemented is reduced by about a third on average. We show our implementation incurs a small overhead, less than 5 microseconds for shared key operations and less than 341 microseconds (< 1%) for public key operations. We also show our abstractions are safe against main types of cryptographic misuse reported in the literature

Improving Android app security and privacy with developers

Existing research has uncovered many security vulnerabilities in Android applications (apps) caused by inexperienced, and unmotivated developers. Especially, the lack of tool support makes it hard for developers to avoid common security and privacy problems in Android apps. As a result, this leads to apps with security vulnerability that exposes end users to a multitude of attacks. This thesis presents a line of work that studies and supports Android developers in writing more secure code. We first studied to which extent tool support can help developers in creating more secure applications. To this end, we developed and evaluated an Android Studio extension that identifies common security problems of Android apps, and provides developers suggestions to more secure alternatives. Subsequently, we focused on the issue of outdated third-party libraries in apps which also is the root cause for a variety of security vulnerabilities. Therefore, we analyzed all popular 3rd party libraries in the Android ecosystem, and provided developers feedback and guidance in the form of tool support in their development environment to fix such security problems. In the second part of this thesis, we empirically studied and measured the impact of user reviews on app security and privacy evolution. Thus, we built a review classifier to identify security and privacy related reviews and performed regression analysis to measure their impact on the evolution of security and privacy in Android apps. Based on our results we proposed several suggestions to improve the security and privacy of Android apps by leveraging user feedbacks to create incentives for developers to improve their apps toward better versions.Die bisherige Forschung zeigt eine Vielzahl von Sicherheitslücken in Android-Applikationen auf, welche sich auf unerfahrene und unmotivierte Entwickler zurückführen lassen. Insbesondere ein Mangel an Unterstützung durch Tools erschwert es den Entwicklern, häufig auftretende Sicherheits- und Datenschutzprobleme in Android Apps zu vermeiden. Als Folge führt dies zu Apps mit Sicherheitsschwachstellen, die Benutzer einer Vielzahl von Angriffen aussetzen. Diese Dissertation präsentiert eine Reihe von Forschungsarbeiten, die Android-Entwickler bei der Entwicklung von sichereren Apps untersucht und unterstützt. In einem ersten Schritt untersuchten wir, inwieweit die Tool-Unterstützung Entwicklern beim Schreiben von sicherem Code helfen kann. Zu diesem Zweck entwickelten und evaluierten wir eine Android Studio-Erweiterung, die gängige Sicherheitsprobleme von Android-Apps identifiziert und Entwicklern Vorschläge für sicherere Alternativen bietet. Daran anknüpfend, konzentrierten wir uns auf das Problem veralteter Bibliotheken von Drittanbietern in Apps, die ebenfalls häufig die Ursache von Sicherheitslücken sein können. Hierzu analysierten wir alle gängigen 3rd-Party-Bibliotheken im Android-Ökosystem und gaben den Entwicklern Feedback und Anleitung in Form von Tool-Unterstützung in ihrer Entwicklungsumgebung, um solche Sicherheitsprobleme zu beheben. Im zweiten Teil dieser Dissertation untersuchten wir empirisch die Auswirkungen von Benutzer-Reviews im Android Appstore auf die Entwicklung der Sicherheit und des Datenschutzes von Apps. Zu diesem Zweck entwickelten wir einen Review-Klassifikator, welcher in der Lage ist sicherheits- und datenschutzbezogene Reviews zu identifizieren. Nachfolgend untersuchten wir den Einfluss solcher Reviews auf die Entwicklung der Sicherheit und des Datenschutzes in Android-Apps mithilfe einer Regressionsanalyse. Basierend auf unseren Ergebnissen präsentieren wir verschiedene Vorschläge zur Verbesserung der Sicherheit und des Datenschutzes von Android-Apps, welche die Reviews der Benutzer zur Schaffung von Anreizen für Entwickler nutzen

Détection des utilisations à risque d’API : approche basée sur le système immunitaire

Les APIs sont des ingrédients essentiels pour développer des systèmes logiciels complexes. Cependant, elles sont difficiles à apprendre et à utiliser. Par conséquent, les développeurs peuvent les utiliser à mauvais escient, ce qui entraîne différents types de problèmes. La mauvaise utilisation d’une interface de programmation peut entraîner des erreurs très difficiles à détecter et qui peuvent se révéler graves. Détecter ces erreurs d’utilisation n’est pas simple. C’est pour cela que nous avons développé une approche basée sur le système immunitaire, un mécanisme qui permet de détecter à la fois des types d’anomalies connus et inconnus. Ici, les cellules de l’organisme seront les bonnes utilisations de l’API et les mauvaises utilisations seront les cellules étrangères de l’organisme. Le système immunitaire a la particularité d’être un système décentralisé qui fonctionne grâce à des détecteurs, les lymphocytes T, qui ont pour rôle de détecter les cellules étrangères. Avec APImmune, nous allons donc générer des détecteurs pour être capables de détecter des utilisations à risque des APIs. Notre approche a été évaluée sur deux ensembles de données et plus particulièrement MUBench. Les résultats montrent que notre approche complète les travaux précédemment réalisés dans ce domaine de recherche. Les détecteurs peuvent être générés à partir de code source, en abstrayant des utilisations possibles des APIs et en générant des formes déviantes de ces utilisations. De plus, pour permettre la détection, le code qui a servi à générer les détecteurs n’a pas besoin d’être révélé. Par ailleurs, les détecteurs peuvent être produits pour différentes versions de l’interface de programmation, ce qui apporte une vraie modularité dans la détection.APIs are essential ingredients for developing complex software systems. However, they are difficult to learn and use. As a result, developers can misuse them, resulting in different types of issues. Misuse of a programming interface can lead to errors that are very difficult to detect and can have consequences. Detecting these misuses is not easy. We have thus developed an approach based on the immune system, a mechanism that allows to detect known and unknown anomaly types. Here the cells of the organism will be the good uses of the API and the bad ones will be the foreign cells of the organism. The immune system has the particularity of being a decentralized system that functions thanks to detectors, T lymphocytes, whose role is to detect foreign cells. With APImmune we will therefore generate detectors that have the ability to detect risky uses of APIs. Our approach was evaluated on two sets of data and more specifically MUBench. The results show that our approach complements previous works in this area of research. In addition, the detectors can be generated from source code by abstracting the API usages and by generating artificial deviations from these usages. Moreover, for the detection purpose, only the artificial detectors are necessary, and the code used to generate them is not disclosed. Finally, the detectors can be produced for different versions of the programming interface, that brings modularity in the detection