Android Application Pen-testing Framework
Journal: IPASJ International Journal of Computer Science (IIJCS) (Vol.5, No. 8)Publication Date: 2017-09-10
Authors : Digvijaysinh Rathod;
Page : 1-5
Keywords : Keywords: Android; Pen testing; Vulnerability; Malware; Mobile Forensics; Mobile Security;
Abstract
ABSTRACT Android OS running Smartphones are widely accepted and popular in the recent years and as the vogue of using the Android applications in the android phone are inspiring the Android developers to build verities ofAndroid applications. There are 2.8 million android applications in Android play store itself. Security pet-testing of Android mobile application is challengeable and complicated for pen-tester because of various versions of Android OS and mobile phone fragmentation. The two major problems found in Android applications were Insecure Communication over the network and Code Mitigating which includes altering some portion of code which leads certain benefits to the attacker. There are various other ways to penetrate the android applications and find innumerable vulnerabilities and bugs which might lead to critical organizational fail. I used SantokuOS which is Linux based open source operating and Genymotion to configure virtual envirnmentwith DIVA (Damn insecure and vulnerable App) to perform mobile application penetration testing. I elaborated broad categories of mobile application vulnerabilities and demonstrate practically vary crucial security loophole - insecure data storage, insecure communication and data leakage.
Other Latest Articles
- An Enactment of College Talent Placement System
- Performance Improvement of BLDC Motor Based on Quasi-Z Source Network
- Feature Extraction of Customer Reviews Using Frequent Pattern Mining Algorithm
- Advanced Demand Forecasting for Resource Allocation in the Cloud for Media Streaming Applications
- Outsourced Attribute Based Encryption (OABE) Watchword Search Function for Cloud Computing
Last modified: 2017-09-10 13:30:41