Automated security testing of android applications for secure mobile development

Bibliographic Details
Main Author: Palma, F.
Publication Date: 2020
Other Authors: Ferreira, N., Serrão, C., Oliveira, J., de Almeida, A., Nunes, L.
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10071/20829
Summary: Mobile computing is on the rise. More and more users rely on mobile applications and mobile devices to execute the most basic tasks of their lives while depositing their most private and critical data on them. Mobile application stores act as the trust anchors that sit between applications developed by third parties and the user’s mobile devices. Therefore, app stores should provide the means to ensure that the apps installed by the users follow high security and quality standards, minimising the user’s data exposure risks. A critical path towards those security and quality standards is to test early and detect mobile application vulnerabilities resulting from incorrect development practices, and to provide developers with feedback about the problems found and some additional information on how to correct them. This paper presents a system developed to help Android app stores (in this case, the Aptoide app store) detect vulnerabilities in submitted apps in a timely manner and provide appropriate feedback to developers. The provided feedback makes developers aware of secure development processes while improving the quality and security of their apps before they are made available to end-users and installed on their devices.
id RCAP_fa6c16f7ba5fce76a47ec6dd88698312
oai_identifier_str oai:repositorio.iscte-iul.pt:10071/20829
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
topic Vulnerabilities
Android
Mobile
Security
Test
Software
Development
Feedback
Developers
dc.date.none.fl_str_mv 2020-11-17T11:49:34Z
2020-01-01T00:00:00Z
2020
2020-12-17T16:24:17Z
dc.type.driver.fl_str_mv conference object
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.relation.none.fl_str_mv 978-1-7281-1075-2
10.1109/ICSTW50294.2020.00046
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv IEEE
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833597260027396096