HyperG pushes Smart Sensing, using dynamic detection, and defense mechanisms to protect App security

Last year (2019), Gamania CloudForce made the department that is responsible for the operation of appGuard (an App protection service) independent, and established the Singapore company HyperG Smart Security that focuses on the development of smart technology security products, striving to become a global first-class smart security service company and sales platform. This year, HyperG continues to launch Smart Sensing after appGuard; it is a comprehensive dynamic detection, defense and sensing system that can safeguard the security of Apps through real-time monitoring, analysis and response.

HyperG’s information security consultant Yi-Chih Hsieh stated that the concept of security development had not yet taken shape years ago; most App developers did not know how to develop secure Apps. They focused their development on the performance, functions, stability or availability of the App, which caused several Apps to have loopholes and gave hackers chances to use methods such as web tracking and internet phishing etc. to steal the personal information of App users, then slowly explore information including their background, work unit, and salary level etc., and finally launching criminal acts such as fraudulent and extortion, causing loss to users.

Many App publishers became aware of this risk later and started importing App protection tools, hoping to “lock” the App to prevent others from performing damaging behaviors such as root, jailbreak, hook, injection attacks, and others. Even though these tools use many probes and run rich tests, they are still “static protection”; this means that they only allow users to learn their flaws from the test results so they can correct the errors and improve the protection measures, and then push the App with multiple locks added to the market. Who would have known that after the App becomes available on the market, hackers could always find ways to break the blockade and successfully steal the personal information of users, insert plug-ins and even cause the App to crash; protection for this has always been missing.

The reason why Smart Sensing was created was mainly to change static protection to dynamic protection (detect+defend). Looking from the surface, the test items supported by Smart Sensing are more or less the same compared to traditional tools; it also includes root/jailbreak, shell frame, risk process and sensitive configuration etc., but the only difference is that it provides a real-time monitoring system. In other words, it can transmit the detection content to the backstage data management center immediately, and then use AI to run logical comparison to determine whether there are malicious programs or plug-ins. If there is, analyze its signatures in detail so that App publishers or developers could quickly defend or respond (without modifying the source code), and use prevention to reduce future threats and risks.

Multiple analyses are provided to help users clarify the information security of the App and the current operational status

Yi-Chih Hsieh said that Smart Sensing supports two types of deployment modes; one is to construct it on the public cloud of Gamania CloudForce, and have the cloud backstage collect and record messages automatically, and then use AI to perform analysis and judgement to grasp the entire attack cycle and signature of the plug-in; the other is to create private cloud and construct the Smart Sensing server in the user’s own environment. This way they will not have to worry about information leaking and can also enjoy the same functions.

When we talk about the main functions of Smart Sensing, the first thing to mention is security automatic analysis. It monitors and keeps statistics of users’ traffics, and further provide a statistical report on the number of attacks that the App received within a certain period; from equipment reuse, emulator, injection attacks, debug behaviors, system acceleration, program plug-in down to location fraud etc., none of these threat events can escape from it.

Yi-Chih Hsieh then stated that the second and third functions are operational data analysis and crash message analysis. This is mainly because App owners care a great deal about how many people use their App, when do most people open the App, how long is the App used for each time and whether there were any crashes or abnormalities; that’s why Smart Sensing thoughtfully provides related information so users can learn the login and usage situation within a certain period of time, overview of equipment and statistical results on the most favorite Apps to install. As for crashing, event related information such as equipment type, location, system version, App version and crash time etc. can help developers quickly restore the environmental conditions of the crash.

The fourth item is SDK testing. Everybody knows that many developers today are used to adopting third-party kits or SDK in order to accelerate production speed and satisfy specific functional needs, for example the login module and connection module etc. Who would have known that these SDKs might not be safe enough and might collect and transmit user behavior information without users knowing about it? Smart Sensing can help users perform appropriate strategic configurations to ensure that the SDK permission is monitored; once unauthorized access of information occurs; it can block it right away.

The fifth item is to block unauthorized behaviors; it works similarly to SDK permission monitoring and aims to prevent specific malicious programs or plug-ins from leading App users to third party Apps (such as online banking login screen), and prevent hackers from stealing users’ account and password information.

Combine appGuard and Smart Sensing to construct complete protection architecture

Yi-Chih Hsieh summarized that insecure Apps would generate three types of victims; the first is the publisher of the App, such as the gaming industry. If plug-ins were inserted into the App, hackers will have the chance to steal money or other valuable treasures and cause revenue loss to business operators.

The second type of victim is the common folks who used the App. When hackers get the personal information of this group of people, they will also have sensitive information such as their credit card numbers etc., then they can perform fraudulent transactions in small amounts over and over again without the card holder noticing, and cause users to suffer financial losses inexplicably. The third type of victim is also App users but users who have more economical strength or higher social statuses. Hackers will use methods such as ransom or blackmail and force them to pay a bigger price at once.

All in all, Apps with information security risks may cause great damage; not only will end users suffer, publishers themselves will also suffer losses. From this it can be seen that publishers should not let their guard down either; reinforcing the information security defense architecture of the App is the right thing to do.

Yi-Chih Hsieh stressed that every field has its specialists; Smart Sensing is more like a risk control system for Apps, it has a role similar to a monitor. But when you ask how it protects the foundation of the App, that’s not within its capability; instead, that is the strength of appGuard that is great for providing protection measures for Apps such as packing and obfuscation. Therefore, he suggests that enterprises can integrate and use both appGuard and Smart Sensing; with the interlinking of the two, they can form the most complete and rigorous App defense mechanism.