The misunderstanding and incorrect configurations of cryptographic primitives have exposed severe security vulnerabilities to attackers. Due to the pervasiveness and diversity of cryptographic misuses, a comprehensive and accurate understanding of how cryptographic misuses can undermine the security of an Android app is critical to the subsequent mitigation strategies but also challenging. Although various approaches have been proposed to detect cryptographic misuse in Android apps, studies have yet to focus on estimating the security risks of cryptographic misuse. To address this problem, the authors present an extensible framework for deciding the threat level of cryptographic misuse in Android apps. Firstly, the authors propose a general and unified specification for representing cryptographic misuses to make our framework extensible and develop adapters to unify the detection results of the state-of-the-art cryptographic misuse detectors, resulting in an adapter-based detection tool chain for a more comprehensive list of cryptographic misuses. Secondly, the authors employ a misuse-originating data-flow analysis to connect each cryptographic misuse to a set of data-flow sinks in an app, based on which the authors propose a quantitative data-flow-driven metric for assessing the overall risk of the app introduced by cryptographic misuses. To make the per-app assessment more useful for app vetting at the app-store level, the authors apply unsupervised learning to predict and classify the top risky threats to guide more efficient subsequent mitigation. In the experiments on an instantiated implementation of the framework, the authors evaluate the accuracy of our detection and the effect of data-flow-driven risk assessment of our framework. Our empirical study on over 40,000 apps, and the analysis of popular apps reveal important security observations on the real threats of cryptographic misuse in Android apps.
K E Y W O R D SAndroid (operating system), application programme interfaces, learning (artificial intelligence), programme analysis, smart phones
| INTRODUCTIONCryptographic algorithms and protocols are the indispensable building blocks for modern distributed computing systems and smartphone apps. Cryptographic primitives, implemented as cryptographic APIs in typical libraries, provide various functionalities such as keys/certificate management, encryption, decryption, digital signature, message digest, and utilisation of security protocols. Such cryptographic primitives have been reported vulnerable to many attacks and misused seriously on different platforms [1][2][3][4].Previous detection approaches of cryptographic misuses fall into three categories: static analysis [2, 5-9], dynamic analysis [10], or a combination of both [3,11]. In general, static