International Journal of Science and Research (IJSR)

International Journal of Science and Research (IJSR)
Call for Papers | Fully Refereed | Open Access | Double Blind Peer Reviewed

ISSN: 2319-7064


Downloads: 2 | Views: 176 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Informative Article | Software Engineering | India | Volume 9 Issue 6, June 2020 | Popularity: 5 / 10


     

SSL Pinning in Android Applications: A Comprehensive Study

Naga Satya Praveen Kumar Yadati


Abstract: The rapid growth in mobile device usage has sometimes led to a neglect of security in application development. While SSL/TLS has been a cornerstone for securing communications, it is not without vulnerabilities. One significant issue is SSL pinning bypassing. This paper explores security controls to mitigate SSL pinning bypassing, reviews existing bypassing techniques, and introduces two new methods. We conducted experiments on popular applications to assess the effectiveness of these controls and bypassing methods. Finally, we propose an applicability framework that links security controls to corresponding bypassing methods, offering guidance for pentesters and developers.


Keywords: SSL pinning, security, mobile applications, Android, auditing, vulnerabilities, OWASP


Edition: Volume 9 Issue 6, June 2020


Pages: 1948 - 1951


DOI: https://www.doi.org/10.21275/SR24627200440



Make Sure to Disable the Pop-Up Blocker of Web Browser


Text copied to Clipboard!
Naga Satya Praveen Kumar Yadati, "SSL Pinning in Android Applications: A Comprehensive Study", International Journal of Science and Research (IJSR), Volume 9 Issue 6, June 2020, pp. 1948-1951, https://www.ijsr.net/getabstract.php?paperid=SR24627200440, DOI: https://www.doi.org/10.21275/SR24627200440

Similar Articles

Downloads: 0

Informative Article, Software Engineering, India, Volume 11 Issue 12, December 2022

Pages: 1335 - 1338

Efficiently Managing Billions of Data Points with Configurable and Extensible Functionality

Naveen Koka

Share this Article

Downloads: 1 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Prototypes and Models, Software Engineering, United States of America, Volume 13 Issue 4, April 2024

Pages: 194 - 197

Next - Generation AI - Powered Web Scraping and Integration Platform for Seamless Transition to Modern Solutions

Naveen Koka

Share this Article

Downloads: 1 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Informative Article, Software Engineering, United States of America, Volume 13 Issue 6, June 2024

Pages: 743 - 747

Low-Code / No-Code Approach to Build Applications for P&C Insurance Carriers

Imran Ur Rehman

Share this Article

Downloads: 1 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Informative Article, Software Engineering, India, Volume 8 Issue 1, January 2019

Pages: 2271 - 2273

Deployments in Release Engineering

Amarjot Singh Dhaliwal

Share this Article

Downloads: 2 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Technical Report, Software Engineering, United States of America, Volume 13 Issue 4, April 2024

Pages: 931 - 936

Architecting Serverless Solutions for Cost - Effective and Scalable Applications

Kiran Kumar Voruganti

Share this Article

Top