Security analysis protocol for Android-based mobile applications


Abstract:

This document presents a testing protocol for evaluating the security of Android-based mobile applications. The methodology proposed by the OWASP Mobile Security Project was used as a reference. The resulting test protocol consists of three phases: information gathering, static analysis and dynamic analysis. It was designed using certain steps of the OWASP Mobile Security Project. For each of the three phases, a set of tasks is defined together with the necessary procedure and tools. After the test protocol was designed, it was validated on a mobile application, and comments on the test are presented. The tools used in the protocol include dex2jar, PeaZip, axml2printer, jd-gui, logcat, OWASP ZAP and Drozer.

Year of publication:

2019

Keywords:

  • Data gathering
  • dynamic analysis
  • OWASP
  • Mobile application
  • security
  • Android
  • Static Analysis

Source:

Scopus

Document type:

Article

Status:

Restricted access

Knowledge areas:

  • Software engineering
  • Computer science

Subject areas:

  • Computer programming, programs, data, security
  • Production
  • Applied physics