University of Twente Student Theses


Haly : Automated evaluation of hardening techniques in Android and iOS apps

Beijnum, A.C.W. van (2023) Haly : Automated evaluation of hardening techniques in Android and iOS apps.

[img] PDF
Abstract:Although mobile operating systems employ a variety of features to sandbox and isolate apps, these are not always sufficient. Because of this, app developers are recommended to implement their own security checks. In this work, we investigate the prevalence of hardening techniques in mobile apps. We design and develop Haly, an open-source framework that can detect the implementation of eight hardening techniques in apps by combining automated static and dynamic analysis. We use Haly to analyze 1,836 popular Android and iOS apps and present the general prevalence of these hardening techniques, as well as prevalence in relation to several factors, such as app store category and access to privacy-sensitive permissions. Our research is the first work that combines research into the prevalence of multiple hardening techniques with analysis of multiple mobile platforms, namely Android and iOS. We conclude that hardening techniques are more prevalent on Android than on iOS, and that apps with more privacy-sensitive permissions implement more hardening techniques. Furthermore, we find that many apps implement hardening techniques on only one of the two OSes and that third-party libraries contribute significantly to the prevalence of hardening techniques.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page