Skip navigation
Please use this identifier to cite or link to this item: http://arks.princeton.edu/ark:/88435/dsp0105741v746
Title: Analyzing WhatsApp Security with Dynamic Binary Instrumentation
Authors: Liu, Kevin
Advisors: Jha, Niraj
Department: Electrical Engineering
Certificate Program: Applications of Computing Program
Class Year: 2020
Abstract: The number of IoT devices are rapidly growing, and security vulnerabilities are also growing along with it. Smartphones have become nearly ubiquitous in society, completely reshaping how we live our daily lives. One of the most popular apps used in the world is WhatsApp, with 2 billion users and counting. WhatsApp users often take their security and privacy as granted, but given that all their data is stored unencrypted on their devices, they should be asking: how can security vulnerabilities and exploits impact user data stored on their devices? In this work we seek to answer that question by examining potential attacks against WhatsApp and simulating them to better understand the end result on WhatsApp. We integrate Frida with DroidBot to automate discovery of functions of interest for these attacks. In addition, we also consider a methodology for generating regular expressions that captures the dynamic behavior of WhatsApp. We focus on analyzing WhatsApp on Android, one of the most widely used apps on the most popular mobile OS in the world. We use Frida, a modern dynamic instrumentation toolkit, to both simulate the attacks as well as generating the regular expressions.
URI: http://arks.princeton.edu/ark:/88435/dsp0105741v746
Type of Material: Princeton University Senior Theses
Language: en
Appears in Collections:Electrical Engineering, 1932-2020

Files in This Item:
File Description SizeFormat 
LIU-KEVIN-THESIS.pdf1.58 MBAdobe PDF    Request a copy


Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.