Cryptographic Misuse Detection Tools

2021-9-24
Koru, Emine Selin
Today digital devices are an inevitable part of our lives. We use these devices for things like sharing photos, communicating with friends, and exchanging money. All these actions need privacy. In fact, properly used cryptographic systems can fulfill this need for privacy. However, in some cases developers can make mistakes, because of the reason such as lack of knowledge about cryptography and hard usage of cryptographic APIs. Thus, cryptographic misuse detection has become a new field of study and tools have begun to be designed to detect these misuses. In this study, we discuss 11 detection tools. They are CryptoLint [61], CMA [87], CDRep [77], sPECTRA [68], BinSight [79], CHIRON [85], CryptoGuard [84] and CRYLOGGER [83] in Android platform; iCryptoTracer [76] and Automated Binary Analysis [65] on iOS platform and CRYPTOREX [94] on IoT platform. Moreover, we give a comprehensive rule set and discuss shortcomings of each tool to contribute to future studies.

Suggestions

A Software quality model for android applications
Şimşek, Merve Vildan; Betin Can, Aysu; Department of Information Systems (2016)
Nowadays mobile devices have become increasingly widespread. It causes mobile applications number to grow dramatically. As the popularity of these systems is predicted to continue its increase in the near future, the importance of the quality of mobile applications increases. The aim of this study is to present a quality model for Android applications. We chose applications developed for Android Operating System as our target because of its prevalence in the mobile market. To achieve the aim of the study, w...
RONFC: A Novel Enabler-Independent NFC Protocol for Mobile Transactions
Turk, Ismail; Angın, Pelin; Cosar, Ahmet (Institute of Electrical and Electronics Engineers (IEEE), 2019-01-01)
The use of near field communication (NFC) technology for contactless mobile transactions has become popular in the past decade with the availability of this technology in mobile devices. Today, there are millions of the NFC-enabled mobile handsets in the market, with mobile handset manufacturers and mobile network operators enabling m-wallet solutions using the secure elements (SEs) that they own, thus can remotely control, on the devices. While this approach gives full control to the SE owner to activate a...
Wireless Body Area Network Studies for Telemedicine Applications Using IEEE 802.15.6 Standard
Ozderya, Hasan Yavuz; ERDÖL, HAKAN; KAYIKÇIOĞLU, TEMEL; Yılmaz, Ali Özgür; KAYA, İSMAİL (2017-03-18)
Wireless communication is becoming a part of our life at every step. But widespread use in medical applications is yet to come. We are developing a wireless communication system based on 802.15.6 MAC and 802.15.4 PHY for use in transmitting ECG data from a remote patient monitoring device which is used for home based telemedicine applications. The paper concentrates on explaining the stack program development phases of the standard IEEE 802.15.6 and its flexible access features. It is believed that the subj...
Development and improvement of analog circuit design: a message passing interface parallel computing approach with genetic algorithms
Kalınlı, Adem; Aksu, Özgür (IOS Press, 2010-02-01)
The world, we live and will live in the future, is Analog. Everything we can see, hear and perceive in life is Analog, from voice, music and seismic activity to visual perception, voice recognition and energy delivery. 20th Century scientists are still trying to understand and formulate world events. For this aim they have produced a system, which is different human machine language, name is Digital Systems. Digital Systems is only human known and used systems. If anything in the world is wanted to be done ...
Customer value of mobile services
Zubari, Sinem; Arifoğlu, Ali; Özden, M. Yaşar; Department of Information Systems (2010)
Mobile devices are becoming widely common today. As the number of mobile devices continue to grow all around the world, its functionality is extending and mobile technologies are gaining more popularity in every aspect of our life. Today, wide range of mobile services is offered to people. The purpose of our study is examining the customer value of mobile services for individuals or citizens. A value model for mobile services has been proposed with five dimensions: Functional Value, Social Value, Emotional ...
Citation Formats
E. S. Koru, “Cryptographic Misuse Detection Tools,” M.S. - Master of Science, Middle East Technical University, 2021.