International Journal of Science and Research (IJSR)

Call for Papers | Fully Refereed | Open Access | Double Blind Peer Reviewed

ISSN: 2319-7064



India | Software Engineering | Volume 9 Issue 6, June 2020 | Pages: 1948 - 1951


SSL Pinning in Android Applications: A Comprehensive Study

Naga Satya Praveen Kumar Yadati

Abstract: The rapid growth in mobile device usage has sometimes led to a neglect of security in application development. While SSL/TLS has been a cornerstone for securing communications, it is not without vulnerabilities. One significant issue is SSL pinning bypassing. This paper explores security controls to mitigate SSL pinning bypassing, reviews existing bypassing techniques, and introduces two new methods. We conducted experiments on popular applications to assess the effectiveness of these controls and bypassing methods. Finally, we propose an applicability framework that links security controls to corresponding bypassing methods, offering guidance for pentesters and developers.

Keywords: SSL pinning, security, mobile applications, Android, auditing, vulnerabilities, OWASP


