Security Smells Pervade Mobile App Servers

08/16/2021
by Pascal Gadient, et al.

[Background] Web communication is universal in cyberspace, and security risks in this domain are devastating. [Aims] We analyzed the prevalence of six security smells in mobile app servers, and we investigated the consequences of these smells from a security perspective. [Method] We used an existing dataset that includes 9714 distinct URLs used in 3376 Android mobile apps. We exercised these URLs twice within 14 months and investigated the HTTP headers and bodies. [Results] We found that more than 69 security smells, and that unprotected communication and misconfigurations are very common in servers. Moreover, source-code and version leaks, or the lack of update policies, expose app servers to security risks. [Conclusions] Poor app server maintenance greatly hampers security.
