APPregator: A Large-Scale Platform for Mobile Security Analysis

Autor: Andrea Romdhana, Davide Caputo, Alessio Merlo, Luca Verderame
Přispěvatelé: Dipartimento di Informatica, Bioingegneria, Robotica e Ingegneria dei Sistemi [Genova] (DIBRIS), Universita degli studi di Genova, Valentina Casola, Alessandra De Benedictis, Massimiliano Rak, TC 6, WG 6.1
Jazyk: angličtina
Rok vydání: 2020
Předmět:
Zdroj: Testing Software and Systems ISBN: 9783030648800
ICTSS
Lecture Notes in Computer Science
32th IFIP International Conference on Testing Software and Systems (ICTSS)
32th IFIP International Conference on Testing Software and Systems (ICTSS), Dec 2020, Naples, Italy. pp.73-88, ⟨10.1007/978-3-030-64881-7_5⟩
DOI: 10.1007/978-3-030-64881-7_5⟩
Popis: Part 2: Security Testing; International audience; The Google Play Store currently includes up to 2.8M apps. Nonetheless, it is rather straightforward for a user to quickly retrieve the app that matches her tastes, as Google provides a reliable search engine. However, it is likewise almost impossible to select apps according to a security footprint (e.g., all apps that enforce SSL pinning). To overcome this limitation, this paper presents APPregator, a platform which allows security analysts to i) download apps from multiple app stores, ii) perform automated security analysis (both static and dynamic), and iii) aggregate the results according to user-defined security constraints (e.g., vulnerability patterns).The empirical assessment of APPregator on a set of 200.000 apps taken from the Google Play Store and Aptoide suggests that the current implementation grants a good level of performance and reliability. APPregator will be made freely available to the research community by the end of 2020.
Databáze: OpenAIRE
Externí odkaz: