Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Functional and Security Testing of a Mobile Client-Server Application
Linköping University, Department of Computer and Information Science.
Linköping University, Department of Computer and Information Science.
2018 (English)Independent thesis Basic level (degree of Bachelor), 10,5 credits / 16 HE creditsStudent thesisAlternative title
Funktionell och säkerhetstestning av en mobilapplikation bestående av en klient- och serversida (Swedish)
Abstract [en]

Today’s massive usage of smartphones has put a high demand on all application developers in the matter of security. For us to be able to keep using all existing and new applications, a process that removes significant security vulnerabilities is essential. To remove these vulnerabilities, the applications have to be tested. In this thesis, we identify six methods for functional and security testing of client-server applications running Android and Python Flask. Regarding functional testing, we implement Espresso testing and RESTful API testing. In regards to the security testing of the system, we do not only implement fuzz testing, sniffing, reverse engineering and SQL injection testing on a system developed by a student group in a parallel project, but also discover a significant security vulnerability that directly affects the integrity and reliability of this system. Out of the six identified testing techniques, reverse engineering exposed the vulnerability. In conjunction with this, we verified that the system’s functionality works as it is supposed to.

Place, publisher, year, edition, pages
2018. , p. 50
Keywords [en]
Security, Android, Mobile application, Python, Flask, Server, Software testing, Functional testing, Reverse engineering, Fuzz testing, Monkey testing, RESTful API testing, Sniffing, SQL injection, Confidentiality, Integrity, Availability, Reliability, Espresso, Postman, Wireshark, dex2jar, Apktool, JD-GUI
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:liu:diva-148710ISRN: LIU-IDA/LITH-EX-G--18/030--SEOAI: oai:DiVA.org:liu-148710DiVA, id: diva2:1219756
Subject / course
Information Technology
Presentation
2018-05-29, Ada Lovelace, Linköpings universitet, Linköping, 09:15 (Swedish)
Supervisors
Examiners
Available from: 2018-06-21 Created: 2018-06-17 Last updated: 2018-06-21Bibliographically approved

Open Access in DiVA

fulltext(2044 kB)14 downloads
File information
File name FULLTEXT01.pdfFile size 2044 kBChecksum SHA-512
f9c212b491d8916acaef277dd15ca495eecbac578cf6f14b240d7dce3fff8b32de333bde0c1f986d92db58556f8eba1bcc0891ef4f713bda66eb2cca767ec140
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Holmberg, DanielNyberg, Victor
By organisation
Department of Computer and Information Science
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 14 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 70 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf