ICIMP 2017, The Twelfth International Conference on Internet Monitoring and Protection


Security Testing over Encrypted Channels on the ARM Platform

Authors:
Fatih Kilic
Benedikt Geßele
Hasan Ibne Akram

Keywords: security testing; network security; reverse engineering; encrypted communication; embedded security

Abstract:
Security testing has been applied for many years to detect vulnerabilities in applications. With the increasing demand for encryption to protect the confidentiality of network data, the requirements have changed. When proprietary, closed-source software uses end-to-end encryption, security testing tools that fuzz the application layer over the network with plaintext data will eventually fail. The Intrusion Detection Framework for Encrypted Network Data (iDeFEND) circumvents this problem without violating the security of the end-to-end encryption. Unfortunately, the framework cannot be used on the Advanced RISC Machines (ARM) platform, since it uses architecture-dependent features of x86. In this paper, we transfer iDeFEND to the ARM architecture and thereby make it suitable for testing applications on embedded devices. In addition, we discuss the limitations of the current framework and improve it with novel methods to provide a more generic approach for security testing. We present a generic method for inspecting data on encrypted channels. Unlike iDeFEND, our approach does not require any knowledge of the structure of the wrapper function for receiving and decrypting. Furthermore, we present a solution to test and inspect applications that use packet queues. Finally, we evaluate our approach on popular mobile applications.

Pages: 12 to 17

Copyright: Copyright (c) IARIA, 2017

Publication date: June 25, 2017

Published in: conference

ISSN: 2308-3980

ISBN: 978-1-61208-564-7

Location: Venice, Italy

Dates: from June 25, 2017 to June 29, 2017